News

Head of the LockBit gang exposed in Russia

The British National Crime Agency (NCA), the FBI and other law enforcement agencies have announced the unmasking of the leading head of the LockBit gang. The Russian Dmitry Khoroshev probably lives south of Moscow. One or “the” leader of what was once the world’s most dangerous cybercrime group, LockBit, has been exposed and sanctioned by the National Crime Agency (NCA) in the UK. Russian citizen Dmitry Khoroshev, also known as LockBitSupp, was the administrator and developer of the LockBit ransomware group. According to various media, the 31-year-old lives in the Russian town of Voronezh, about 500 kilometers south of Moscow. USA bet 10 million…

New Russian malware Kapeka discovered

The security experts at WithSecure have exposed Kapeka. The new malware appears to have ties to the Russian hacker group Sandworm. Several factors clearly indicate that the development and use of the malware are related to the Russia-Ukraine war: the timing, the locations, and the likely connection to the Russian Sandworm group. Threat intelligence researchers at WithSecure™ (formerly F-Secure Business) have discovered a novel malware that has been used in attacks on targets in Central and Eastern Europe since at least mid-2022. The malware, called Kapeka, can be linked to a group called Sandworm. Sandworm...

Dinner with APT29

In late February 2024, Mandiant identified APT29 – a Russian Federation-backed threat group linked to the Russian Foreign Intelligence Service (SVR) by multiple governments – running a phishing campaign targeting German political parties. Consistent with APT29 operations dating back to 2021, this operation leveraged APT29's main ROOTSAW (also known as EnvyScout) payload to deliver a new backdoor variant known as WINELOADER. This activity represents a departure from APT29's typical targeting of governments, foreign embassies and other…

A comeback from Lockbit is likely

It is fundamentally important for Lockbit to be visible again quickly. Victims are presumably less willing to pay as long as there are rumors that the group is no longer operational. “It has now become known that Lockbit, contrary to its own statements, does not delete the stolen data. One more reason to stand firm and not pay in the event of blackmail. They have set up a new .onion leak site. The group claims there that the investigating authorities used a PHP vulnerability for the takedown. This is a PR campaign. Lockbit wants to put the damage of the takedown into perspective and show strength...

Russian APT28 attacks aerospace industry

The Russian-linked cybercriminal group TA422 – also known as APT28, Forest Blizzard, Pawn Storm, Fancy Bear and BlueDelta – primarily targets companies in the aerospace, education, financial, technology and manufacturing sectors. The group also primarily targets government agencies in Europe and North America. The attackers primarily relied on phishing campaigns with a large number of messages. This is the result of a new investigation by cybersecurity company Proofpoint, whose security experts have observed a series of phishing activities from TA422 since March 2023...

Security report Q1/23: New malware often from Russia and China 

Cyber attackers are constantly coming up with new attack methods. The security report for the first quarter of 2023 not only shows new traps, but also proves that three of the four newcomers on the top 10 malware list come from Russia and China. According to WatchGuard's Internet Security Report, attackers are now discovering new ways to trick users surfing the Internet. After web browsers have recently upgraded their protection mechanisms against pop-up abuse, cybercriminals are now focusing on the still relatively new browser notification options. Malware trends for Q10/1 How the analysis…

DDoS plus 16.800 percent: Pro-Russian Killnet group vs. USA

Attacks by the pro-Russian Killnet group led to a 16.815 percent increase in DDoS attacks against the US National Security Sector by the end of 2022. This is what the ASERT research team reported to NETSCOUT. Linked to the pro-Russian Killnet group, there was a massive 16.815 percent spike in DDoS attacks against the US national security sector in the second half of 2022, with attack spikes recorded on the day US President Biden and French President Macron publicly reaffirmed their support for Ukraine at the G7 summit. Also in Germany it happened...

Chinese, Russian APT groups attack Europe

The European Union is increasingly targeted by Chinese and Russian APT groups. This is shown by the current ESET APT report, which reports on the latest developments in hacker groups such as Lazarus, Mustang Panda or Ke3chang. ESET security experts are seeing increasing attacks by APT (Advanced Persistent Threat) groups with ties to China, North Korea and Russia on EU countries and organizations in these countries. With fake job offers from the aviation company Boeing, the Lazarus Group tried to steal access data from employees of a Polish armaments company. Ke3chang and Mustang Panda, players with ties to China, have also attacked European companies. As part of…

Snake: Top Russian cyber spy tool exposed in 50 countries

The American CISA (Cybersecurity and Infrastructure Security Agency) has identified the most advanced cyber espionage tool "Snake" of the Russian secret service FSB in 50 countries and almost all continents including Europe and North America. The tool attacked government networks, research institutions and also journalists. A Cybersecurity Advisory helps global experts to detect and defend against it. According to CISA (Cybersecurity and Infrastructure Security Agency), Snake malware and its infrastructure is considered to be the most advanced cyber espionage tool developed and used by Center 16 of the Russian Federal Security Service (FSB) for long-term intelligence gathering on sensitive targets. To operate with this…

Russia-Ukraine: APT campaign in conflict area

A previously unknown malware in an APT campaign steals data from administrative, agricultural and transport companies in Donetsk, Luhansk and Crimea regions. The new backdoor PowerMagic and the modular framework CommonMagic are used. In October 2022, Kaspersky researchers discovered an ongoing Advanced Persistent Threat (APT) campaign targeting organizations in the Russian-Ukrainian war zone. Dubbed 'CommonMagic' by Kaspersky, the espionage campaign has been active since at least September 2021 and uses a previously unknown malware to gather data from its targets. The targets include administrative, agricultural and transport companies in the regions…
