The US Department of Homeland Security (DHS) reportedly has warned state and local governments and critical infrastructure operators about the risk of Russia hitting the US with cyberattacks in retaliation for a possible US or NATO response to a potential Russian invasion of Ukraine. According to a report by CNN, which reported on the Jan. 23 DHS intelligence bulletin, the federal agency said Russia could employ anything from denial-of-service attacks to ones aimed at disrupting critical infrastructure. READ MORE...
A group of Belarusian hackers claim to have encrypted the servers, databases and workstations of Belarusian Railways with the aim of slowing down Russian troop movements as tensions continue to mount toward a potential Russian invasion of Ukraine. The Belarus Cyber Partisans - a group of pro-democracy hacktivists who have been targeting the Russia-friendly Belarusian government - tweeted that they'd "encrypted some of BR's servers, databases and workstations to disrupt operations." READ MORE...
The Canadian government department for foreign and consular relations, Global Affairs Canada was hit by a cyberattack last week. While critical services remain accessible, access to some online services is currently not available, as government systems continue to recover from the attack. Global Affairs Canada (GAC) systems faced a network disruption after being hit with a cyberattack last week. READ MORE...
Malicious files doctored up to look like legitimate content related to the Israeli-Palestine conflict are being used to target prominent Palestinians, as well as activists and journalists in Turkey, with spyware. That's according to a disclosure from Zscaler, which attributes the cyberattacks to the MoleRats advanced persistent threat (APT). Zscaler's research team was able to tie MoleRats, an Arabic-speaking group with a history of targeting Palestinian interests, to this campaign. READ MORE...
New variants of the BRATA banking trojan have been targeting global Android devices since November with advanced features, including the ability to wipe devices after stealing user data, tracking devices via GPS, and novel obfuscation techniques, researchers have found. The remote access trojan (RAT), which targets banks and financial institutions, is now being distributed through a downloader to avoid being detected by antivirus (AV) solutions. READ MORE...
The authors of the Trickbot Trojan have added multiple layers of defenses around the malware to make it harder for defenders to detect and analyze the injections it uses during malicious operations. The improvements coincide with escalating activity around the malware and appear designed for attacks in which Trickbot is being used to conduct online banking fraud - something the tool was originally designed for before it was repurposed for malware distribution purposes. READ MORE...