
Threat and Vulnerability Intelligence Database

Description: The threat group's goal is to help Pyongyang assess risk to its troops deployed in Ukraine and to figure out if Moscow might want more.
Source: Dark Reading
May 13th, 2025 (about 1 month ago)
Description: Written by: Wesley Shields. Google Threat Intelligence Group (GTIG) has identified a new piece of malware called LOSTKEYS, attributed to the Russian government-backed threat group COLDRIVER (also known as UNC4057, Star Blizzard, and Callisto). LOSTKEYS is capable of stealing files from a hard-coded list of extensions and directories, along with sending system information and running processes to the attacker. Observed in January, March, and April 2025, LOSTKEYS marks a new development in the toolset of COLDRIVER, a group primarily known for credential phishing against high-profile targets like NATO governments, non-governmental organizations (NGOs), and former intelligence and diplomatic officers. GTIG has been tracking COLDRIVER for many years, including their SPICA malware in 2024. COLDRIVER typically targets high-profile individuals at their personal email addresses or at NGO addresses. They are known for stealing credentials, and after gaining access to a target’s account they exfiltrate emails and steal contact lists from the compromised account. In select cases, COLDRIVER also delivers malware to target devices and may attempt to access files on the system. Recent targets in COLDRIVER’s campaigns have included current and former advisors to Western governments and militaries, as well as journalists, think tanks, and NGOs. The group has also continued targeting individuals connected to Ukraine. We believe the primary goal of COLDRIVER’s operations is intelligence colle...
Source: Google Threat Intelligence
May 7th, 2025 (about 1 month ago)
Description: A 43-year-old woman was reportedly tasked with identifying and photographing the positions of Ukrainian forces near the front-line town of Pokrovsk — currently one of the most active combat zones.
Source: The Record
May 5th, 2025 (about 1 month ago)
Description: Russia's cyberattacks on Ukraine have increased dramatically, targeting the country's government and defense infrastructure.
Source: Dark Reading
May 1st, 2025 (about 1 month ago)
Description: Russian companies have been targeted as part of a large-scale phishing campaign that's designed to deliver a known malware called DarkWatchman. Targets of the attacks include entities in the media, tourism, finance and insurance, manufacturing, retail, energy, telecom, transport, and biotechnology sectors, Russian cybersecurity company F6 said. The activity is assessed to be the work of a
Source: TheHackerNews
May 1st, 2025 (about 1 month ago)
Description: Epicentr, a home improvement chain that operates more than 70 stores in Ukraine, said it suffered a cyberattack that crippled key IT systems.
Source: The Record
April 29th, 2025 (about 2 months ago)
Description: Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. [...]
Source: BleepingComputer
April 24th, 2025 (about 2 months ago)
Description: Multiple suspected Russia-linked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft 365 accounts since early March 2025. The highly targeted social engineering operations, per Volexity, are a shift from previously documented attacks that leveraged a technique known as device code
Source: TheHackerNews
April 23rd, 2025 (about 2 months ago)
Description: Russia-linked phishing attacks targeting NGOs with ties to Ukraine ask victims to join a video call, and result in them gaining access to Microsoft 365 accounts,
Source: The Record
April 22nd, 2025 (about 2 months ago)
Description: TRALFO Srl Trasporti e Spedizioni. The company was founded in Abruzzo in 1970 thanks to the dedication of the Fonzi family. In 1992 the Fonzi brothers created TRALFO, an acronym for TRAsporti & Logistica FOnzi. Thanks to a deep knowledge of the sector, as well as the passion and entrepreneurial foresight of the owners, after thirty years, Tralfo has established itself as a solid reality in the world of logistics and road transport, guaranteeing professionalism, experience and cutting-edge services offered. Today Tralfo can count on a collective of approximately 250 employees (coming from different nations such as: Albania, Ukraine, Pakistan, Morocco, Colombia, France, Germany, Switzerland, Cape Verde, Sri Lanka, Canada, Bulgaria, Poland, Belgium, Turkey), divided between administrative managers, logistics operators and drivers, as well as a total of 40,000 m² of warehouses. Geo: Italy - Leak size: 34 GB Archive - Contains: Files
Source: Ransomware.live
April 17th, 2025 (about 2 months ago)