Cybersecurity News
Cyber‑readiness in the face of an escalated gray zone conflict
Organizations worldwide should remain on high alert for cyberattacks as the risk of major cyber-spillover from the crisis in Ukraine continues to loom large
The post Cyber‑readiness in the face of an escalated gray zone conflict appeared first on WeLiveSecurity
How the tech community has rallied to Ukraine’s cyber-defence | Joyce Hakmeh and Esther Naylor
From an army of volunteers to EU and Nato teams, the variety of online actors working for the cause is unprecedented
As the conflict in Ukraine escalates, expert cyber-watchers have been speculating about the kind of cyber-attacks that Russia might conduct. Will the Kremlin turn off Ukraine’s power grid, dismantle Ukraine’s transport system, cut off the water supply or target the health system? Or would cybercriminals operating from Russia, who could act as proxies for the Russian regime, conduct these activities?
Over the past decade, Ukraine has experienced many major cyber-attacks, most of which have been attributed to Russia. From election interference in 2014, which compromised the central electoral system and jeopardised the integrity of the democratic process; to a hack and blackout attack in a first-of-its-kind fully remote cyber-attack on a power grid in 2015, resulting in countrywide power outages; to one of the costliest malicious software attacks, NotPetya, in 2017, which significantly disrupted access to banking and government services in Ukraine and, subsequently, spilled over to France, Germany, Italy, Poland, Russia, the UK, the US and Australia.
Joyce Hakmeh is a senior research fellow for the International Security Programme at Chatham House. Esther Naylor is a research analyst at the International Security Programme
Continue reading...Massive Meris Botnet Embeds Ransomware Notes from REvil
Notes threatening to tank targeted companies' stock price were embedded into the DDoS ransomware attacks as a string_of_text directed to CEOs and webops_geeks in the URL.
Conti Ransomware Group Diaries, Part III: Weaponry
Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it's like to be an employee of Conti's sprawling organization. Today's Part III looks at how Conti abused a panoply of popular commercial security services to undermine the security of their targets, as well as how the team’s leaders strategized for the upper hand in ransom negotiations with victims.Week in security with Tony Anscombe
New malware targeting organizations in Ukraine – How organizations can improve their cyber-resiliency – Scammers taking advantage of the crisis
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Free HermeticRansom Ransomware Decryptor Released
Cruddy cryptography means victims whose files have been encrypted by the Ukraine-tormenting ransomware can break the chains without paying extortionists.
These are the problems that cause headaches for bug bounty hunters
A researcher shares his thoughts on the challenges of responsible vulnerability disclosure.Emergency preparedness: How to disaster‑proof your tech
Here are a few tips that will help you get your ‘go bag’ ready if you have to leave at a moment’s notice and need your communications and data to survive
The post Emergency preparedness: How to disaster‑proof your tech appeared first on WeLiveSecurity
Phishing Campaign Targeted Those Aiding Ukraine Refugees
A military email address was used to distribute malicious email macros among EU personnel helping Ukrainians.
Russia Leaks Data From a Thousand Cuts–Podcast
It’s not just Ukraine: There's a flood of intel on Russian military, nukes and crooks, says dark-web intel expert Vinny Troia, even with the Conti ransomware gang shuttering its leaking Jabber chat server.
Securing Data With a Frenzied Remote Workforce–Podcast
Stock the liquor cabinet and take a shot whenever you hear GitLab Staff Security Researcher Mark Loveless say “Zero Trust.”
US launches KleptoCapture force to tackle cryptocurrency use in Russian sanction avoidance
The DoJ says the team will target "efforts" to use cryptocurrency to circumvent sanctions or launder cash.ESET Research Podcast: Ukraine’s past and present cyberwar
Press play to hear Aryeh Goretsky, Jean-Ian Boutin and Robert Lipovsky discuss how recent malware attacks in Ukraine tie into years of cyberattacks against the country
The post ESET Research Podcast: Ukraine’s past and present cyberwar appeared first on WeLiveSecurity
TeaBot Trojan Haunts Google Play Store, Again
Malicious Google Play apps have circumvented censorship by hiding trojans in software updates.
Conti Ransomware Decryptor, TrickBot Source Code Leaked
The decryptor spilled by ContiLeaks won’t work with recent victims. Conti couldn't care less: It's still operating just fine. Still, the dump is a bouquet’s worth of intel.
Conti Ransomware Group Diaries, Part II: The Office
Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti, one of the more rapacious and ruthless ransomware gangs in operation today. Tuesday’s story examined how Conti dealt with its own internal breaches and attacks from private security firms and governments. In Part II of this series we’ll explore what it’s like to work for Conti, as described by the Conti employees themselves.Ukraine government calls on Oracle, SAP for support
Mykhailo Fedorov has requested the severance of business relationships with Russia.Innovation and the Roots of Progress
If you look back at the long arc of history, it’s clear that one of the most crucial drivers of real progress in society is innovation
The post Innovation and the Roots of Progress appeared first on WeLiveSecurity
TeaBot Android Banking Trojan continues its global conquest with new upgrades
The RAT has is now targeting over 400 applications.RCE Bugs in Hugely Popular VoIP Apps: Patch Now!
The flaws are in the ubiquitous open-source PJSIP multimedia communication library, used by the Asterisk PBX toolkit that's found in a massive number of VoIP implementations.
