Cybersecurity News


How the tech community has rallied to Ukraine’s cyber-defence | Joyce Hakmeh and Esther Naylor


From an army of volunteers to EU and Nato teams, the variety of online actors working for the cause is unprecedented

As the conflict in Ukraine escalates, expert cyber-watchers have been speculating about the kind of cyber-attacks that Russia might conduct. Will the Kremlin turn off Ukraine’s power grid, dismantle Ukraine’s transport system, cut off the water supply or target the health system? Or would cybercriminals operating from Russia, who could act as proxies for the Russian regime, conduct these activities?

Over the past decade, Ukraine has experienced many major cyber-attacks, most of which have been attributed to Russia. From election interference in 2014, which compromised the central electoral system and jeopardised the integrity of the democratic process; to a hack and blackout attack in a first-of-its-kind fully remote cyber-attack on a power grid in 2015, resulting in countrywide power outages; to one of the costliest malicious software attacks, NotPetya, in 2017, which significantly disrupted access to banking and government services in Ukraine and, subsequently, spilled over to France, Germany, Italy, Poland, Russia, the UK, the US and Australia.

Joyce Hakmeh is a senior research fellow for the International Security Programme at Chatham House. Esther Naylor is a research analyst at the International Security Programme.

07 March 2022

Massive Meris Botnet Embeds Ransomware Notes from REvil

Notes threatening to tank targeted companies' stock price were embedded into the DDoS ransomware attacks as a string_of_text directed to CEOs and webops_geeks in the URL.
04 March 2022

Conti Ransomware Group Diaries, Part III: Weaponry

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it's like to be an employee of Conti's sprawling organization. Today's Part III looks at how Conti abused a panoply of popular commercial security services to undermine the security of their targets, as well as how the team’s leaders strategized for the upper hand in ransom negotiations with victims.
04 March 2022

Week in security with Tony Anscombe

New malware targeting organizations in Ukraine – How organizations can improve their cyber-resiliency – Scammers taking advantage of the crisis

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

04 March 2022

Free HermeticRansom Ransomware Decryptor Released

Cruddy cryptography means victims whose files have been encrypted by the Ukraine-tormenting ransomware can break the chains without paying extortionists.
04 March 2022

These are the problems that cause headaches for bug bounty hunters

A researcher shares his thoughts on the challenges of responsible vulnerability disclosure.
04 March 2022

Emergency preparedness: How to disaster‑proof your tech

Here are a few tips that will help you get your ‘go bag’ ready if you have to leave at a moment’s notice and need your communications and data to survive

The post Emergency preparedness: How to disaster‑proof your tech appeared first on WeLiveSecurity

04 March 2022

Phishing Campaign Targeted Those Aiding Ukraine Refugees

A military email address was used to distribute malicious email macros among EU personnel helping Ukrainians.
03 March 2022

Russia Leaks Data From a Thousand Cuts–Podcast

It’s not just Ukraine: There's a flood of intel on Russian military, nukes and crooks, says dark-web intel expert Vinny Troia, even with the Conti ransomware gang shuttering its leaking Jabber chat server.
03 March 2022

Securing Data With a Frenzied Remote Workforce–Podcast

Stock the liquor cabinet and take a shot whenever you hear GitLab Staff Security Researcher Mark Loveless say “Zero Trust.”
03 March 2022

US launches KleptoCapture force to tackle cryptocurrency use in Russian sanction avoidance

The DoJ says the team will target "efforts" to use cryptocurrency to circumvent sanctions or launder cash.
03 March 2022

ESET Research Podcast: Ukraine’s past and present cyberwar

Press play to hear Aryeh Goretsky, Jean-Ian Boutin and Robert Lipovsky discuss how recent malware attacks in Ukraine tie into years of cyberattacks against the country

The post ESET Research Podcast: Ukraine’s past and present cyberwar appeared first on WeLiveSecurity

03 March 2022

TeaBot Trojan Haunts Google Play Store, Again

Malicious Google Play apps have circumvented censorship by hiding trojans in software updates.
02 March 2022

Conti Ransomware Decryptor, TrickBot Source Code Leaked

The decryptor spilled by ContiLeaks won’t work with recent victims. Conti couldn't care less: It's still operating just fine. Still, the dump is a bouquet’s worth of intel.
02 March 2022

Conti Ransomware Group Diaries, Part II: The Office

Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti, one of the more rapacious and ruthless ransomware gangs in operation today. Tuesday’s story examined how Conti dealt with its own internal breaches and attacks from private security firms and governments. In Part II of this series we’ll explore what it’s like to work for Conti, as described by the Conti employees themselves.
02 March 2022

Ukraine government calls on Oracle, SAP for support

Mykhailo Fedorov has requested the severance of business relationships with Russia.
02 March 2022

Innovation and the Roots of Progress

If you look back at the long arc of history, it’s clear that one of the most crucial drivers of real progress in society is innovation

The post Innovation and the Roots of Progress appeared first on WeLiveSecurity

02 March 2022

TeaBot Android Banking Trojan continues its global conquest with new upgrades

The RAT is now targeting over 400 applications.
02 March 2022

RCE Bugs in Hugely Popular VoIP Apps: Patch Now!

The flaws are in the ubiquitous open-source PJSIP multimedia communication library, used by the Asterisk PBX toolkit that's found in a massive number of VoIP implementations.
01 March 2022

RCE Bugs in WhatsApp, Other Hugely Popular VoIP Apps: Patch Now!

The flaws are in the ubiquitous open-source PJSIP multimedia communication library, used by the Asterisk PBX toolkit that's found in a massive number of VoIP implementations.
01 March 2022