Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Recorded Future, an American threat intelligence company, has become the first cybersecurity firm designated by the Russian government as an "undesirable" organization. [...]
December 18th, 2024 (4 months ago)
|
|
|
Description: The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia's Federal Security Service (FSB) that involves recruiting Ukrainian minors for criminal activities under the guise of "quest games."
Law enforcement officials said that it detained two FSB agent groups following a special operation in Kharkiv. These groups, per the agency,
December 18th, 2024 (4 months ago)
|
|
|
Description: The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop Protocol (RDP) configuration files.
The activity, which has targeted governments and armed forces, think tanks, academic researchers, and Ukrainian entities, entails adopting a "rogue RDP" technique that was previously
December 18th, 2024 (4 months ago)
|
|
|
Description: The Russian-based attack group uses legitimate red-team tools, 200 domain names, and 34 back-end RDP servers, making it harder to identify and block malicious activity.
December 18th, 2024 (4 months ago)
|
|
|
Description: The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns.
"BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims," Lookout said in an analysis. "Both
December 12th, 2024 (4 months ago)
|
|
|
Description: Russian cyber-espionage group Turla, aka "Secret Blizzard," is utilizing other threat actors' infrastructure to target Ukrainian military devices connected via Starlink. [...]
December 11th, 2024 (4 months ago)
|
|
|
Description: The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware associated with other threat actors to deploy a known backdoor called Kazuar on target devices located in Ukraine.
The new findings come from the Microsoft threat intelligence team, which said it observed the adversary leveraging the Amadey bot malware to download custom malware onto "specifically
December 11th, 2024 (4 months ago)
|
|
|
Description: The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new set of cyber attacks that it said were aimed at defense companies in the country as well as its security and defense forces.
The phishing attacks have been attributed to a Russia-linked threat actor called UAC-0185 (aka UNC4221), which has been active since at least 2022.
"The phishing emails mimicked official messages
December 10th, 2024 (4 months ago)
|
|
|
Description: In a historic decision, Romania's constitutional court has annulled the result of the first round of voting in the presidential election amid allegations of Russian interference.
As a result, the second round vote, which was scheduled for December 8, 2024, will no longer take place. Călin Georgescu, who won the first round, denounced the verdict as an "officialized coup" and an attack on
December 7th, 2024 (4 months ago)
|
|
|
Description: A Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service (FSB) after he was detained earlier this year.
The findings come as part of a collaborative investigation by First Department and the University of Toronto's Citizen Lab.
"The spyware placed on his device allows the operator to track a target device's
December 6th, 2024 (4 months ago)
|