A series of Ukrainian government websites were temporarily unavailable Friday in what appeared to be a coordinated cyberattack against the backdrop of rising tensions between Russia and Ukraine. As a result of the massive hacking attack, the websites of the Ministry of Foreign Affairs and a number of other government agencies are temporarily down," Foreign Ministry spokesperson Oleg Nikolenko tweeted. "Our specialists are already working on restoring the work of IT systems." READ MORE...
The Russian government said Friday that it raided multiple addresses tied to members of the REvil ransomware gang, making arrests and seizing hard cash, cryptocurrency, computers and cars. The Federal Security Service, or FSB, said it executed the sting at locations in Moscow, St. Petersburg and elsewhere. The operation came at the request of the United States, the FSB said. The FBI did not immediately respond Friday morning to requests for comment. READ MORE...
The most well-known APT operating on behalf of the North Korean government and active for more than a decade, Lazarus is believed to have been involved in multiple high-profile attacks, including the $81 million cyber theft from the central bank of Bangladesh in 2016, and the WannaCry attack. Starting in 2018, Lazarus conducted multiple cryptocurrency heists to generate revenue in support of North Korea's military programs. READ MORE...
Microsoft has yanked the Windows Server updates it issued on Patch Tuesday after admins found that the updates had critical bugs that break three things: They trigger spontaneous boot loops on Windows servers that act as domain controllers, break Hyper-V and render ReFS volume systems unavailable. The shattering of Windows was first reported by BornCity on Tuesday, as in, on the same day that Microsoft released a mega-dump of 97 security updates in its January 2022 Patch Tuesday update. READ MORE...
Researchers have discovered three WordPress plug-ins with the same vulnerability that allows an attacker to update arbitrary site options on a vulnerable site and completely take it over. Exploiting the flaw does require some action from the site administrator, however. On Nov. 5, 2021, the Wordfence Threat Intelligence team started a process to disclose a vulnerability researchers had found in "Login/Signup Popup," a WordPress plug-in installed on more than 20,000 sites. READ MORE...