On November 14, Fortinet released an advisory regarding a critical vulnerability affecting FortiSIEM which may allow a remote unauthenticated attacker to execute unauthorised commands via crafted API requests. FortiSIEM Vulnerability FortiSIEM Vulnerability History * 20/11/2023 - v1.0 - Initial publication * 21/11/2023 - v1.1 - Correction
Ukrainian hacktivist team Cyber Resistance hacked the email of Lieutenant Colonel Sergey Alexandrovich Morgachev, an officer of the Russian Main Intelligence Directorate of the General Staff of the Russian Army (GRU), leader of the Russian hacker group APT 28, consisting of officers of the 85th Main Special Service Center of
A Russian hacking group tracked as TA473, aka 'Winter Vivern,' has been actively exploiting vulnerabilities in unpatched Zimbra endpoints since February 2023 to steal the emails of NATO officials, governments, military personnel, and diplomats. Two weeks ago, Sentinel Labs reported on a recent operation by 'Winter Vivern&
Intezer researchers uncovered a cyberespionage campaign targeting the Chinese nuclear energy sector, they linked it to the Bitter APT group. The Bitter APT group is a South Asian cyberespionage group active since at least 2021. The group focuses on energy and government sectors, in the past, the group targeted organizations
Microsoft shared guidance for investigating attacks using critical CVE-2023-23397 vulnerability in Outlook. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal NT Lan Manager (NTLM) hashes and stage a relay attack without requiring any user interaction.
Cybersecurity researchers said this week that they have observed the pro-Russia hacking group known as Killnet increasingly launch distributed denial of service (DDoS) attacks targeting healthcare organizations since November. Killnet was established following Russia’s invasion of Ukraine in February 2022, and spent most of the last year launching DDoS
A new threat actor named 'YoroTrooper' has been running cyber-espionage campaigns since at least June 2022, targeting government and energy organizations in Commonwealth of Independent States (CIS) countries. According to Cisco Talos, the threat actor has compromised accounts of a critical European Union agency engaged in healthcare, the
Russia-linked APT29 (aka SVR group, Cozy Bear, Nobelium, and The Dukes) was spotted abusing the legitimate information exchange systems used by European countries in attacks aimed at governments. In early March, BlackBerry researchers uncovered a new cyber espionage campaign aimed at EU countries. The hackers targeted diplomatic entities and systems
Threat Actors Exploiting Silicon Valley Bank (SVB) Collapse Scenario To Launch Cyber-Attacks Following a bank run on its deposits, Silicon Valley Bank (SVB) experienced a failure on March 10, 2023, and has garnered significant media attention. As SVB has traditionally been the preferred banking partner for many startups worldwide, its
Western countries don't appear to have an answer or robust knowledge about the operators behind Ghostwriter (aka UNC1151), a threat actor that has been engaged in a mixture of hack-and-leak and dis/misinformation campaigns over the past half-decade, a report [PDF] from Cardiff University has concluded. The group,
Commercial radio stations across Russia on Wednesday morning broadcast warnings about air raids and missile strikes. The Ministry of Emergency Situations said the broadcasts were the “result of a hacker attack.” Gazprom-Media, Russia’s largest media company and a subsidiary of the state-owned energy corporation Gazprom, said an “attack on
Russian hacking group Killnet has claimed responsibility for disrupting communications between NATO and other organisations providing earthquake relief in Turkey and Syria. Strategic Airlift Capability (SAC) is a multi-national organisation which relies on NATO for conducting airlifts. The organisation is currently transporting search-and-rescue gear to help the disaster zone and
Vulnerabilities in electric vehicle charging management systems can be exploited for DoS attacks and to steal energy or sensitive information. Researchers warn that many electric vehicle (EV) charging management systems are affected by vulnerabilities that could allow hackers to cause disruption, steal energy, or obtain driver information. The vulnerabilities were
The Russian-sponsored hacker group known as Gamaredon continues to attack Ukrainian organizations and remains one of the “key cyber threats” for Ukraine’s cyberspace, according to a report the Ukrainian government published Wednesday. Ukraine claims that Gamaredon operates from the city of Sevastopol in Russia-occupied Crimea, but acts on orders
Researchers from ESET discovered a new Golang-based wiper, dubbed SwiftSlicer, that was used in attacks aimed at Ukraine. The experts believe that the Russia-linked APT group Sandwork (aka BlackEnergy and TeleBots) is behind the wiper attacks. #BREAKING On January 25th #ESETResearch discovered a new cyberattack in 🇺🇦 Ukraine. Attackers deployed a
The pro-Ukrainian hacker group TeamOneFist has announced its first joint mission with Anonymous RoughSec against Russia, titled "Operation Turn Ruzzia Off". Hackers claim they successfully shut down 316 Metro and Edge routers across Russia and disarmed 944 more.
