Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels
Description: Cloudflare Tunnels is just the latest legitimate cloud service that cybercriminals and state-sponsored threat actors are abusing to hide their tracks.
Source: Dark Reading
December 5th, 2024 (4 months ago)
New Android spyware found on phone seized by Russian FSB
Description: After a Russian programmer was detained by Russia's Federal Security Service (FSB) for fifteen days and his phone confiscated, it was discovered that a new spyware was secretly installed on his device upon its return. [...]
Source: BleepingComputer
December 5th, 2024 (4 months ago)
BlueAlpha Abuses Cloudflare Tunneling Service for GammaDrop Staging Infrastructure
Description: BlueAlpha, a Russian cyber group, uses Cloudflare Tunnels to deploy GammaDrop malware, escalating challenges in targeting Ukrainian entities.
Source: RecordedFuture
December 5th, 2024 (5 months ago)
NCA Busts Russian Crypto Networks Laundering Funds and Evading Sanctions
Description: The U.K. National Crime Agency (NCA) on Wednesday announced that it led an international investigation to disrupt Russian money laundering networks that were found to facilitate serious and organized crime across the U.K., the Middle East, Russia, and South America. The effort, codenamed Operation Destabilise, has resulted in the arrest of 84 suspects linked to two Russian-speaking networks
Source: TheHackerNews
December 5th, 2024 (5 months ago)
UK disrupts Russian money laundering networks used by ransomware
Description: ​A law enforcement operation led by the United Kingdom's National Crime Agency (NCA) has disrupted two Russian money laundering networks working with criminals worldwide, including ransomware gangs. [...]
Source: BleepingComputer
December 4th, 2024 (5 months ago)
Russian hackers hijack Pakistani hackers' servers for their own attacks
Description: The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156's infrastructure to launch their own covert attacks on already compromised networks. [...]
Source: BleepingComputer
December 4th, 2024 (5 months ago)
Vodka maker Stoli files for bankruptcy in US after ransomware attack
Description: Stoli Group's U.S. companies have filed for bankruptcy following an August ransomware attack and Russian authorities seizing the company's remaining distilleries in the country. [...]
Source: BleepingComputer
December 3rd, 2024 (5 months ago)
North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks
Description: The North Korea-aligned threat actor known as Kimsuky has been linked to a series of phishing attacks that involve sending email messages that originate from Russian sender addresses to ultimately conduct credential theft. "Phishing emails were sent mainly through email services in Japan and Korea until early September," South Korean cybersecurity company Genians said. "Then, from mid-September,
Source: TheHackerNews
December 3rd, 2024 (5 months ago)
Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads
Description: A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT. The campaign, dubbed Horns&Hooves by Kaspersky, has hit more than 1,000 victims since it began around March 2023. The end goal of these attacks is to leverage the access afforded by these trojans to install stealer
Source: TheHackerNews
December 3rd, 2024 (5 months ago)
Russia sentences Hydra dark web market leader to life in prison
Description: Russian authorities have sentenced the leader of the criminal group behind the now-closed dark web platform Hydra Market to life in prison. [...]
Source: BleepingComputer
December 2nd, 2024 (5 months ago)