Daily Cyber Brief
Ukrainian hacktivists claim to leak Russian Central Bank documents, China stockpiling zero-days, Killnet targets Eastern Bloc government sites, and a new Android RAT targets Indian Defense Forces...

Cybersecurity
Ukrainian hacktivists claim to have breached the Central Bank of Russia, stealing thousands of internal documents. A 2.6 GB folder released publicly on Thursday and partially reviewed by The Record contains 27,000 allegedly stolen files detailing the bank’s operations, its…
The world’s largest software maker is warning that China-based nation-state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks. According to a new report released Friday by Microsoft, China’s government hacking…
Websites belonging to several state intelligence agencies across the former Eastern Bloc are online and functioning despite attempted distributed denial-of-service (DDoS) attacks from a pro-Kremlin group over the weekend. The hacking group Killnet, which for months has…
One of the world’s largest astronomical observatories suffered a cyberattack in late October and was forced to suspend work, it announced last week. The Atacama Large Millimeter Array (ALMA) observatory in Chile said last Wednesday that a cyberattack on October 29…
A malicious Android installation package has been spotted targeting Indian defense personnel since at least July 2021. The news comes from a report from external threat landscape management platform Cyfirma, which the company shared with Infosecurity over the…
Microsoft has removed a key obstacle facing organizations seeking to deploy phishing-resistant multifactor authentication (MFA) by enabling certificate-based authentication (CBA) in Azure Active Directory. The release of CBA in Azure AD, announced during last…
A ransomware gang that some believe is a relaunch of REvil and others track as BlogXX has claimed responsibility for last month's ransomware attack against Australian health insurance provider Medibank Private Limited. Medibank is one of Australia's largest private health…
A quartet of malware-laden Android apps from a single developer have been caught with malicious code more than once, yet the infected apps remain on Google Play and have collectively been downloaded more than one million times. The apps come from developer…
A phishing-as-a-service (PhaaS) platform known as Robin Banks has relocated its attack infrastructure to DDoS-Guard, a Russian provider of bulletproof hosting services. The switch comes after "Cloudflare disassociated Robin Banks phishing infrastructure from its services…
The Azov Ransomware continues to be heavily distributed worldwide, now proven to be a data wiper that intentionally destroys victims' data and infects other programs. Last month, a threat actor began distributing malware called 'Azov Ransomware' through cracks…