RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Several Ukrainian organizations were hit by Russia-based RansomBoggs Ransomware in the last week, ESET reports. Researchers from ESET observed multiple attacks involving a new family of ransomware, tracked as RansomBoggs ransomware, against Ukrainian organizations. The security firm first detected the attacks on November 21 and immediately alerted the CERT US. The ransomware is written in […]

Continue Reading

Pro-Russian group Killnet claims responsibility for DDoS attack that has taken down the European Parliament site

Pro-Russian hacker collective Killnet took down the European Parliament website with a DDoS cyberattack. The Pro-Russia group of hacktivists Killnet claimed responsibility for the DDoS attack that today took down the website of the European Parliament website. #KILLNET, the Pro-Russia #hacking group, claims to have launched a #DDoS attack against the European Parliament’s (@Europarl_EN) official […]

Continue Reading

CERT-UA warns of multiple Somnia ransomware attacks against organizations in Ukraine

Russian threat actors employed a new ransomware family called Somnia in attacks against multiple organizations in Ukraine. The Government Computer Emergency Response Team of Ukraine CERT-UA is investigating multiple attacks against organizations in Ukraine that involved a new piece of ransomware called Somnia. Government experts attribute the attacks to the group ‘From Russia with Love’ […]

Continue Reading

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Microsoft linked Prestige ransomware attacks against organizations in Ukraine and Poland to Russia-linked threat actors. In Mid-October, Microsoft Threat Intelligence Center (MSTIC) researchers uncovered previously undetected ransomware, tracked as Prestige ransomware, employed in attacks targeting organizations in the transportation and related logistics industries in Ukraine and Poland. Microsoft has identified a new ransomware strain “Prestige” […]

Continue Reading

APT29 abused the Windows Credential Roaming in an attack against a diplomatic entity

Russia-linked APT29 cyberespionage group exploited a Windows feature called Credential Roaming to target a European diplomatic entity. Mandiant researchers in early 2022 responded to an incident where the Russia-linked APT29 group (aka SVR group, Cozy Bear, Nobelium, and The Dukes) successfully phished a European diplomatic entity. The attack stands out for the use of the Windows Credential […]

Continue Reading