Latest Ukraine news

Russian hackers switch to LOTL technique to cause power outage

Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the final stage of the attack quicker and with less resources
- Ionut Ilascu
- November 09, 2023
- 06:12 AM
- 0
FSB arrests Russian hackers working for Ukrainian cyber forces

Russia's security agency published a press release on Tuesday saying that its officers detained two hackers who either assisted or joined Ukraine's hackers in cyber operations.
- Ionut Ilascu
- November 01, 2023
- 07:20 PM
- 0
Google links WinRAR exploitation to Russian, Chinese state hackers

Google says that several state-backed hacking groups have joined ongoing attacks exploiting a high-severity vulnerability in WinRAR, a compression software used by over 500 million users, aiming to gain arbitrary code execution on targets' systems.
- Sergiu Gatlan
- October 18, 2023
- 11:00 AM
- 0
Russian Sandworm hackers breached 11 Ukrainian telcos since May

The state-sponsored Russian hacking group tracked as 'Sandworm' has compromised eleven telecommunication service providers in Ukraine between May and September 2023.
- Bill Toulas
- October 16, 2023
- 02:06 PM
- 0
Ubuntu discovers 'hate speech' in release 23.10 — how to upgrade?

Ubuntu, the most popular Linux distribution, has pulled its Desktop release 23.10 after its Ukrainian translations were discovered to contain hate speech. According to the Ubuntu project, a malicious contributor is behind anti-Semitic, homophobic, and xenophobic slurs that were injected into the distro via a "third party tool."
- Ax Sharma
- October 14, 2023
- 06:00 AM
- 2
Hackers use open source Merlin post-exploitation toolkit in attacks

Ukraine is warning of a wave of attacks targeting state organizations using 'Merlin,' an open-source post-exploitation and command and control framework.
- Bill Toulas
- August 09, 2023
- 05:32 PM
- 1
Microsoft: Hackers turn Exchange servers into malware control centers

Microsoft and the Ukraine CERT warn of new attacks by the Russian state-sponsored Turla hacking group, targeting the defense industry and Microsoft Exchange servers with a new 'DeliveryCheck' malware backdoor.
- Lawrence Abrams
- July 19, 2023
- 03:06 PM
- 0
Ukraine takes down massive bot farm, seizes 150,000 SIM cards

Cyber Police Department of the National Police of Ukraine dismantled another massive bot farm linked to more than 100 individuals after searches at almost two dozen locations.
- Sergiu Gatlan
- July 19, 2023
- 07:03 AM
- 0
Police arrests Ukrainian scareware developer after 10-year hunt

The Spanish National Police has apprehended a Ukrainian national wanted internationally for his involvement in a scareware operation spanning from 2006 to 2011.
- Sergiu Gatlan
- July 17, 2023
- 11:40 AM
- 0
Gamaredon hackers start stealing data 30 minutes after a breach

Ukraine's Computer Emergency Response Team (CERT-UA) is warning that the Gamaredon hacking operates in rapid attacks, stealing data from breached systems in under an hour.
- Bill Toulas
- July 15, 2023
- 10:07 AM
- 0
CISA orders govt agencies to patch bugs exploited by Russian hackers

On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six more security flaws to its known exploited vulnerabilities (KEV) list.
- Sergiu Gatlan
- June 22, 2023
- 03:04 PM
- 0
Russian APT28 hackers breach Ukrainian govt email servers

A threat group tracked as APT28 and linked to Russia's General Staff Main Intelligence Directorate (GRU) has breached Roundcube email servers belonging to multiple Ukrainian organizations, including government entities.
- Sergiu Gatlan
- June 20, 2023
- 09:00 AM
- 0
Russian hackers use PowerShell USB malware to drop backdoors

The Russian state-sponsored hacking group Gamaredon (aka Armageddon, or Shuckworm) continues to target critical organizations in Ukraine's military and security intelligence sectors, employing a refreshed toolset and new infection tactics.
- Bill Toulas
- June 15, 2023
- 06:00 AM
- 0
Microsoft links data wiping attacks to new Russian GRU hacking group

Microsoft has linked a threat group it tracks as Cadet Blizzard since April 2023 to Russia's Main Directorate of the General Staff of the Armed Forces (also known as GRU).
- Sergiu Gatlan
- June 14, 2023
- 01:27 PM
- 1
Ukrainian hackers take down service provider for Russian banks

A group of Ukrainian hackers known as the Cyber.Anarchy.Squad claimed an attack that took down Russian telecom provider Infotel JSC on Thursday evening.
- Sergiu Gatlan
- June 09, 2023
- 06:06 PM
- 3
New CS:GO map bypasses Russia's censorship of Ukraine war news

Finish newspaper Helsingin Sanomat has created a custom Counter-Strike: Global Offensive (CS:GO) map explicitly made to bypass Russian news censorship and smuggle information about the war in Ukraine to Russian players.
- Bill Toulas
- May 07, 2023
- 10:16 AM
- 1
Russian hackers use WinRAR to wipe Ukraine state agency’s data

The Russian 'Sandworm' hacking group has been linked to an attack on Ukrainian state networks where WinRar was used to destroy data on government devices.
- Bill Toulas
- May 03, 2023
- 04:41 PM
- 1
Hackers use fake ‘Windows Update’ guides to target Ukrainian govt

The Computer Emergency Response Team of Ukraine (CERT-UA) says Russian hackers are targeting various government bodies in the country with malicious emails supposedly containing instructions on how to update Windows as a defense against cyber attacks.
- Bill Toulas
- April 30, 2023
- 10:07 AM
- 0
Ukrainian arrested for selling data of 300M people to Russians

The Ukrainian cyber police have arrested a 36-year-old man from the city of Netishyn for selling the personal data and sensitive information of over 300 million people, citizens of Ukraine, and various European countries.
- Bill Toulas
- April 26, 2023
- 05:35 PM
- 3
Russia accuses NATO of launching 5,000 cyberattacks since 2022

The Federal Security Service of the Russian Federation (FSB) has accused the United States and other NATO countries of launching over 5,000 cyberattacks against critical infrastructure in the country since the beginning of 2022.
- Bill Toulas
- April 14, 2023
- 12:19 PM
- 4