Daily Cyber Brief
Ukrainian intelligence claims Russia is planning cyberattacks on energy grid, TA413 is using LOWZERO backdoor on Tibetan targets, and the new Erbium malware spreads...

Cybersecurity
As protests against military conscription rage inside Russia, the country is planning to continue its offensive into Ukraine with cyberattacks on critical infrastructure. The Odessa Journal reported Ukrainian military intelligence has learned the first cyberattacks will soon…
At least three alleged hacktivist groups working in support of Russian interests are likely doing so in collaboration with state-sponsored cyber threat actors, according to Mandiant. The Google-owned threat intelligence and incident response firm said with moderate confidence…
Ukrainian law enforcement authorities on Friday disclosed that they had "neutralized" a hacking group operating from the city of Lviv that they said acted on behalf of Russian interests. The group specialized in the sale of 30 million accounts belonging to citizens from Ukraine…
The new 'Erbium' information-stealing malware is being distributed as fake cracks and cheats for popular video games to steal victims' credentials and cryptocurrency wallets. Erbium is a new Malware-as-a-Service (MaaS) that provides subscribers with a new information-stealing…
Australia’s cybersecurity minister criticized the country’s second-largest telecommunications company for its response to what she called an “unprecedented theft of consumer information.” Clare O’Neil, minister for Home Affairs and Cybersecurity, appeared on…
Hackers believed to work for Russia have started using a new code execution technique that relies on mouse movement in Microsoft PowerPoint presentations to trigger a malicious PowerShell script. No malicious macro is necessary for the malicious code to execute and…
Hackers who crippled a French hospital and stole a trove of data last month have released personal records of patients online, officials have confirmed. The cyberattackers demanded a multimillion-dollar ransom from the Corbeil-Essonnes hospital near Paris a month ago…
Security researchers from Kaspersky have spotted a new series of campaigns focusing on the malware tool they named NullMixer. According to an advisory published by the firm earlier today, NullMixer spreads malware via malicious websites that can be easily found via…
A China-aligned advanced persistent threat actor known as TA413 weaponized recently disclosed flaws in Sophos Firewall and Microsoft Office to deploy a never-before-seen backdoor called LOWZERO as part of an espionage campaign aimed at Tibetan entities…
Microsoft says it has dismantled a malicious campaign relying on a network of single-tenant OAuth applications for the distribution of spam messages. Over the past few years, Microsoft has observed an increase in the malicious use of OAuth applications, especially for consent…