Items tagged with russian

It appears that REvil, the threat actor group behind attacks on JBS Global and Kaseya, among others, has gone dark. While this could be a good thing, it may not be worth holding your breath, as there are other explanations for REvil “disappearing” in the short term. Prior to the July 4th holiday in the United States, REvil executed an attack on Kaseya, a management software company based out of Florida. This led to upwards of 1,500 downstream businesses having their files encrypted and held for ransom by the threat actor group’s ransomware. With this rise in attacks, the Biden administration has seemingly made cybersecurity a priority. Less than a day ago, BleepingComputer’s...
In May, the biggest fuel provider to the U.S. eastern seaboard was hit with ransomware from Russian hacking group DarkSide. Colonial Pipeline decided to pay the ransom to decrypt some of its files and get back to operational status, but those efforts were hampered by a slow decryption tool offered by the attackers. Thankfully, the U.S. Justice Department reports that it has now recovered much of the multi-million-dollar ransom payment. On May 9th, Colonial Pipeline reported that it needed to shutter its pipeline network, spanning from Texas to New Jersey, due to a security incident. What we later found out to be ransomware effectively stopped the 2.5 million barrels of fuel from reaching communities...
Late last week, we reported that the SolarWinds hackers from last year, called Nobelium, were back in action targeting NGOs around the world, according to data from Microsoft. Now, the Redmond-based company is providing an update on its investigation and some context to the situation. In January, the advanced Russian hacking group Nobelium began ramping up a phishing campaign, targeting "government agencies, think tanks, consultants, and non-governmental organizations." More recently, however, the group gained access to the USAID's "Constant Contact" marketing account, allowing them to send authentic-looking emails with malware embedded to the group's targets. Thankfully, Microsoft's Defender...