Over the last couple of weeks we saw On February 24, 2022, Anonymous — a global collective of hackers — announced it was launching a cyber operation against Russian President Vladimir Putin and the Russian state for invading Ukraine. At 2:50 PM EST on February 24, 2022, an anonymous Twitter account with 1.3 million followers tweeted, “The Anonymous collective is officially in cyberwar against the Russian government.â€.
For more articles, check out our #onpatrol4malware blog.
Why the Cyberwar Against Russia Could Have a Major Impact on the U.S. and Europe
Source: Mailchi
On February 24, 2022, Anonymous announced it was launching a cyber operation against Russian President Vladimir Putin and the Russian state for invading Ukraine. Read more.
FBI Releases Indicators of Compromise for RagnarLocker Ransomware
Source: CISA
The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with ransomware attacks by RagnarLocker, a group of ransomware actors targeting critical infrastructure sectors. Read more.
Updated: Conti Ransomware
Source: CISA
CISA, FBI, NSA, USSS have re-released an advisory on Conti ransomware. Conti cyber threat actors remain active and reported Conti ransomware attacks against the U.S. and international organizations have risen to more than 1,000. Read more.
Mobile Malware is Surging in Europe: A Look at the Biggest Threats
Source: Proofpoint
In 2021 alone, Proofpoint detected several different malware packages across the globe. Although volume fell sharply toward the end of 2021, we’re seeing a 2022 resurgence. Read more.
Does This Look Infected? A Summary of APT41 Targeting U.S. State Governments
Source: APT41’s
APT41’s detailed persistent effort allowed them to successfully compromise at least six U.S. state government networks by exploiting vulnerable Internet-facing web applications. Read more.
SATCOM terminals under attack in Europe: a plausible analysis
Source: REVERSEMODE
February 24th: at the same time Russia initiated a full-scale attack on Ukraine, tens of thousands of KA-SAT SATCOM terminals suddenly stopped working in several European countries. Read more.
Ghostwriter / UNC1151 Adopts Microbackdoor Variants in Cyber Operations Against Ukraine
Source: Cluster25
For a few months Cluster25 collected and analyzed several malicious activities which then were internally linked with the threat actor known as UNC1151 (aka GhostWriter), an adversary believed to be linked to the Belarusian government. Read more.