News

Latest news on the subject of B2B cyber security

New Russian malware Kapeka discovered
B2B Cyber Security ShortNews

The security experts at WithSecure have exposed Kapeka. The new malware appears to have ties to the Russian hacker group Sandworm. Several factors clearly indicate that the development and use of the malware are related to the Russia-Ukraine war: the timing, the locations, and the likely connection to the Russian Sandworm group. Threat intelligence researchers at WithSecure™ (formerly F-Secure Business) have discovered a novel malware that has been used in attacks on targets in Central and Eastern Europe since at least mid-2022. The malware, called Kapeka, can be linked to a group called Sandworm. Sandworm...


Threat potential from state actors

The extent of the current threat situation is illustrated by a cyber attack that recently occurred in Ukraine. According to Ukraine's State Computer Emergency Response Team (CERT-UA), an unnamed state-owned company was compromised, infecting around 2.000 computers with the DIRTYMOE (PURPLEFOX) malware. It is a modular malware that allows attackers remote access and is primarily used for distributed denial-of-service (DDoS) attacks. The exact impact on Ukrainian operations was not disclosed. Globally, the number of cyberattack attempts increased by more than 2023 in 104…


Ukraine War: CommonMagic APT campaign expands
Kaspersky_news

Recent Kaspersky research shows that the threat actor behind the CommonMagic campaign is expanding its malicious activities, both regionally and from a technical perspective. According to the researchers, the newly discovered framework 'CloudWizard' has extended its victimology to organizations in central and western Ukraine; until now, companies in the Russian-Ukrainian war zone had been affected. In addition, Kaspersky experts were able to link the initially unknown actor to previous APT campaigns such as Operation BugDrop and Operation Groundbait (Prikormka). Back in March of this year, Kaspersky reported on a new APT campaign in the Russian-Ukrainian war zone called CommonMagic, which uses PowerMagic and CommonMagic implants...


DDoS plus 16.800 percent: Pro-Russian Killnet group vs. USA
B2B Cyber Security ShortNews

Attacks by the pro-Russian Killnet group led to a 16.815 percent increase in DDoS attacks against the US national security sector by the end of 2022. This is reported by NETSCOUT's ASERT research team. Linked to the pro-Russian Killnet group, there was a massive 16.815 percent spike in DDoS attacks against the US national security sector in the second half of 2022, with attack spikes recorded on the day US President Biden and French President Macron publicly reaffirmed their support for Ukraine at the G7 summit. Also in Germany it happened...


APT group Red Stinger attacked Ukraine-KRITIS 
B2B Cyber Security ShortNews

Malwarebytes experts have named the new APT group Red Stinger. The group carried out espionage operations against Ukraine, specifically targeting KRITIS areas. Malwarebytes' threat intelligence team has released investigations into a new Advanced Persistent Threat (APT) group Red Stinger, which has been conducting espionage operations in Ukraine, some of which aimed to monitor government organizations.

Attacks on Ukraine-KRITIS

Malwarebytes' investigations began as early as September 2022. Overall, attacks by the APT group were identified from the end of 2020.

Newly discovered APT group targets facilities in Russian-Ukrainian conflict region...


Russia-Ukraine: APT campaign in conflict area
Kaspersky_news

A previously unknown malware in an APT campaign steals data from administrative, agricultural and transport companies in Donetsk, Luhansk and Crimea regions. The new backdoor PowerMagic and the modular framework CommonMagic are used. In October 2022, Kaspersky researchers discovered an ongoing Advanced Persistent Threat (APT) campaign targeting organizations in the Russian-Ukrainian war zone. Dubbed 'CommonMagic' by Kaspersky, the espionage campaign has been active since at least September 2021 and uses a previously unknown malware to gather data from its targets. The targets include administrative, agricultural and transport companies in the regions…


Development 2022: cybercrime, wars, ransomware

In its report “2023 State of Malware”, security expert Malwarebytes compiles the developments of the year 2022: Geopolitical cybercrime, ransomware and new authentication technologies in response to many threats. 71 percent of companies worldwide were affected by ransomware in 2022. By the end of November, over 22.500 new vulnerabilities and security gaps had been added to the global database CVE (Common Vulnerabilities and Exposures) - ten percent more than in the previous year. The past year was marked by numerous different cyber attacks. This is the conclusion reached by threat intelligence analysts at Malwarebytes in their report "2023 State of...


Report: Cyber threats as a result of the Ukraine war

As the current ESET Threat Report T3 2022 shows, there are increasing cyber threats everywhere as a result of the Ukraine war. The cyber war has fully unfolded with new ransomware, wipers, DDoS or brute force attacks on accounts. IT security manufacturer ESET has published its T3 2022 threat report, which summarizes the most important statistics of ESET detection systems and highlights notable examples from cybersecurity research. The latest edition of the so-called "ESET Threat Report" (September to December 2022) highlights the impact of the ongoing war in Ukraine and its consequences for the world, including cyberspace. The invasion...


Arrested: ransomware group DoppelPaymer

Once again, the core members of a ransomware group were caught: the heads of the APT group DoppelPaymer were caught in Ukraine and Germany through a cooperation of the police, Europol, FBI and many other authorities. The group became known through the attack on the University Hospital Düsseldorf. Already on February 28, 2023, the German State Criminal Police Office of North Rhine-Westphalia and the Ukrainian National Police, with the support of Europol, the Dutch police (Politie) and the United States Federal Bureau of Investigation, targeted suspected core members of the criminal group responsible for large-scale cyber attacks using the DoppelPaymer ransomware. DoppelPaymer handle…


Russian APT group Gamaredon attacks Ukraine  

Russian cyberwar operations by Trident Ursa or APT Gamaredon have remained active since the Ukraine invasion. In addition, there was an attempted attack on a major oil refinery in a NATO member state. Ukraine has faced escalating cyber threats from Russia since early February, when Palo Alto Networks' Unit 42 reported extensively on the APT group Trident Ursa (aka Gamaredon, UAC-0010, Primitive Bear, Shuckworm). Trident Ursa is a group affiliated with the Russian domestic intelligence agency FSB. As the conflict continues on the ground and in cyberspace, Trident Ursa remains...
