Researchers found SaintBear actors targeting Ukrainian organizations with macro-embedded documents in their latest campaign, which delivers different Elephant payloads. SaintBear has been actively performing cyberespionage campaigns aimed at Ukraine since 2021. For better protection, organizations are advised to use email gateways, reliable anti-malware, and a firewall.
Russian hackers used compromised employee credentials to launch the cyberattack that severely disrupted internet services in Ukraine last week, it has been claimed today.
Microsoft this week seized seven internet domains run by Russia-linked threat group Strontium, which was using the infrastructure to target Ukrainian institutions as well as think tanks in the US and EU.
The vehicle dealer group revealed that the attack, which is believed to have been committed by the Conti ransomware gang, affected the firm’s internal systems. In particular, access to the internet and phones within the business was affected.
This week Anonymous claimed to have hacked multiple private businesses and leaked their data through the DDoSecrets platform. The list of recently compromised businesses includes Forest, Aerogas, and Petrofort.
Researchers have identified a new version of SolarMarker, a malware family known for its infostealing and backdoor capabilities, mainly delivered through search engine optimization (SEO) manipulation to convince users to download malicious documents.
The websites of Finland’s defense and foreign affairs ministries were taken offline today following DDoS attacks. The ministries each confirmed the attacks on Twitter, although the websites now appear to be back up and running.
American automotive tools manufacturer Snap-on announced a data breach exposing associate and franchisee data after the Conti ransomware gang began leaking the company’s data in March.
The threat group uses the double extortion method to increase pressure on the victim. This means that they not only encrypt the victim’s files, but also exfiltrate them and threaten to release the data if the victim does not pay.
They used footage of tech entrepreneurs and crypto enthusiasts like Elon Musk, Brad Garlinghouse, Michael Saylor, Changpeng Zhao and Cathie Wood to add legitimacy to their efforts.