#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

russian hacking group | Breaking Cybersecurity News | The Hacker News

Russian APT Map Reveals 22,000 Connections Between 2000 Malware Samples

Russian APT Map Reveals 22,000 Connections Between 2000 Malware Samples

Sep 24, 2019
Though Russia still has an undiversified and stagnant economy, it was one of the early countries in the world to realize the value of remotely conducted cyber intrusions. In recent years, many Russia hacking groups have emerged as one of the most sophisticated nation-state actors in cyberspace, producing highly specialized hacking techniques and toolkits for cyber espionage. Over the past three decades, many high profile hacking incidents—like hacking the US presidential elections , targeting a country with NotPetya ransomware , causing blackout in Ukrainian capital Kiev , and Pentagon breach—have been attributed to Russian hacking groups, including Fancy Bear  (Sofacy), Turla ,  Cozy Bear ,  Sandworm Team  and Berserk Bear. Besides continuously expanding its cyberwar capabilities, the ecosystem of Russian APT groups has also grown into a very complex structure, making it harder to understand who's who in Russian cyber espionage. Now to illustrate the big picture and mak
Microsoft Says Russia Tried to Hack Three 2018 Midterm Election Candidates

Microsoft Says Russia Tried to Hack Three 2018 Midterm Election Candidates

Jul 19, 2018
Microsoft said it detected and helped the US government to block Russian hacking attempts against at least three congressional candidates this year, a Microsoft executive revealed speaking at the Aspen Security Forum today. Although the company refused to name the targets but said, the three candidates were "people who, because of their positions, might have been interesting targets from an espionage standpoint as well as an election disruption standpoint." According to the company, the Russian hackers targeted the candidates' staffers with phishing attacks, redirecting them to a fake Microsoft website, in an attempt to steal their credentials. "Earlier this year, we did discover that a fake Microsoft domain had been established as the landing page for phishing attacks," said Tom Burt, Microsoft's vice president for customer security. "And we saw metadata that suggested those phishing attacks were being directed at three candidates who are all sta
FBI Arrests NSA Contractor for Leaking Secrets – Here's How they Caught Her

FBI Arrests NSA Contractor for Leaking Secrets – Here's How they Caught Her

Jun 06, 2017
The FBI arrested a 25-year-old NSA contractor on Saturday (3rd June) for leaking classified information to an online news outlet which published its report yesterday (5th June) — meaning the arrest was made two days before the actual disclosure went online. Reality Leigh Winner , who held a top-secret security clearance and worked as a government contractor in Georgia with Pluribus International, was arrested from her home in Augusta on charges involving the leak of top-secret NSA files to 'The Intercept,' an online publication that has been publishing NSA documents leaked by Edward Snowden since 2014. The Intercept published a report on Monday, 5th June, based upon a classified document it received anonymously, which claims in August 2016, Russia's military intelligence agency "executed a cyber attack on at least one U.S. voting software supplier and sent spear-phishing emails to more than 100 local election officials days before [the] election." The
cyber security

Protecting Your Organization From Insider Threats - All You Need to Know

websiteWing SecuritySaaS Security
Get practical insights and strategies to manage inadequate offboarding and insider risks effectively.
SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike

SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike

May 13, 2024Threat Detection / SoC / SIEM
In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented challenges facing modern analysts revolve around a high volume of alerts, false positives, poor visibility of technical environments, and analysts spending too much time on manual tasks. The Impact of Alert Fatigue and False Positives  Analysts are overwhelmed with alerts. The knock-on effect of this is that fatigued analysts are at risk of missing key details in incidents, and often conduct time-consuming triaging tasks manually only to end up copying and pasting a generic closing comment into a false positive alert.  It is likely that there will always be false positives. And many would argue that a false positive is better than a false negative. But for proactive actions to be made, we must move closer to the heart of an incident. That requires diving into how analysts conduct the triage and investigation process. SHQ Response Platfo
Microsoft Issues Patches for Another Four Zero-Day Vulnerabilities

Microsoft Issues Patches for Another Four Zero-Day Vulnerabilities

May 10, 2017
As part of this month's Patch Tuesday, Microsoft has released security patches for a total of 55 vulnerabilities across its products, including fixes for four zero-day vulnerabilities being exploited in the wild. Just yesterday, Microsoft released an emergency out-of-band update separately to patch a remote execution bug ( CVE-2017-0290 ) in Microsoft's Antivirus Engine that comes enabled by default on Windows 7, 8.1, RT, 10 and Server 2016 operating systems. The vulnerability, reported by Google Project Zero researchers, could allow an attacker to take over your Windows PC with just an email, which you haven't even opened yet. May 2017 Patch Tuesday — Out of 55 vulnerabilities, 17 have been rated as critical and affect the company's main operating systems, along with other products like Office, Edge, Internet Explorer, and the malware protection engine used in most of the Microsoft's anti-malware products. Sysadmins all over the world should prioriti
Malware Hijacks Microphones to Spy On Ukrainian Businesses, Scientists and Media

Malware Hijacks Microphones to Spy On Ukrainian Businesses, Scientists and Media

Feb 21, 2017
Ukraine has once again been a target of a potential hacking attack that infected computer systems from dozens of Ukrainian businesses with highly sophisticated malware, allowing hackers to exfiltrate sensitive data and eavesdrop on their network. Late last year, the country also suffered a power outage caused by the same group of hackers that targeted Ukraine's power grid with the BlackEnergy malware in late 2015, causing 225,000 residents to lose electricity. Now security researchers from threat intelligence firm CyberX have uncovered an advanced malware-based operation that has already siphoned over 600 gigabytes of data from about 70 victim organizations, including critical infrastructure, news media, and scientific research. Operation BugDrop: Damages and Modus Operandi Dubbed " Operation BugDrop ," the large-scale malware campaign has been perpetrated against targets in the Ukraine, though targets from other countries include Russia, Saudi Arabia, and Austr
New MacOS Malware linked to Russian Hackers Can Steal Passwords & iPhone Backups

New MacOS Malware linked to Russian Hackers Can Steal Passwords & iPhone Backups

Feb 16, 2017
Security researchers have discovered a new Mac malware allegedly developed by APT28 Russian cyber espionage group who is believed to be responsible for 2016 presidential election hacking scandal. A new variant of the X-Agent spyware is now targeting Apple macOS system that has previously been used in cyber attacks against Windows, iOS, Android, and Linux devices. The malware is designed to steal web browser passwords, take screenshots of the display, detect system configurations, execute files and exfiltrate iPhone backups stored on the computer. The X-Agent malware is tied to Russian hacking group known as APT28 — also known as Fancy Bear, Sofacy, Sednit, and Pawn Storm — that has been operating since at least 2007 and is allegedly linked to the Russian government. "Our past analysis of samples known to be linked to APT28 group shows a number of similarities between the Sofacy/APT28/Sednit Xagent component for Windows/Linux and the Mac OS binary that currently forms
Cybersecurity
Expert Insights
Cybersecurity Resources