Daily Cyber Brief
Pro-Russian hackers attacked the EU Parliament website, threat intelligence suggests the Yanluowang ransomware gang is run by Russian-speakers, and Qakbot is linked to Black Basta...
Cybersecurity
Internet connectivity was disrupted in Ukraine and neighboring Moldova after dozens of Russian missiles hit Ukrainian cities on Wednesday, causing massive power outages across the country. Data from internet monitoring firm NetBlocks shows that internet availability in…
The European Parliament website was hit by a cyberattack claimed by pro-Russian hackers Wednesday shortly after lawmakers approved a resolution calling Moscow a "state sponsor of terrorism". "The European Parliament is under a sophisticated cyberattack. A pro-Kremlin…
The inner workings of yet another ransomware group have been laid bare after internal messages were leaked online, suggesting the Yanluowang group was actually run by Russian speakers. Threat intelligence firm Trellix analyzed close to 3000 messages shared by Twitter…
As many as 34 Russian-speaking gangs distributing information-stealing malware under the stealer-as-a-service model stole no fewer than 50 million passwords in the first seven months of 2022. "The underground market value of stolen logs and compromised card details is…
Extortion site used in Medibank attack goes offline after Australian gov pledges ‘offensive’ actions
The leak site used by the cyber extortionists who attacked the Australian health insurance company Medibank went offline Tuesday, after cybersecurity officials said they would be taking steps to punish ransomware actors. Last week the Australian government announced…
The Black Basta ransomware gang has been reportedly spotted using QakBot malware to create a first point of entry and move laterally within organizations’ networks. The findings were described in a new advisory published by the Cybereason Global SOC (GSOC) team…
Security researchers at Proofpoint are calling attention to the discovery of a commercial red-teaming tool called Nighthawk, warning that the command-and-control framework is likely to be abused by threat actors. According to a new report from Proofpoint, Nighthawk is an…
A growing number of cybercriminal groups are turning to an information stealer named Aurora, which is based on the Go open source programming language, to target data from browsers, cryptocurrency wallets, and local systems. A research team at cybersecurity firm…
Windows gamers and power users are being targeted by fake MSI Afterburner download portals to infect users with cryptocurrency miners and the RedLine information-stealing malware. The MSI Afterburner is a GPU utility that allows you to configure overclocking…
The RansomExx ransomware group has become the latest gang to create a variant in the Rust programming language, according to IBM Security X-Force Threat researchers. Charlotte Hammond, a malware reverse engineer for IBM Security X-Force, told The Record the…