CyberSecurityBoard
Sponsor Register Login

Gamaredon Group

Gamaredon Group is a suspected Russian cyber espionage threat group that has targeted military, NGO, judiciary, law enforcement, and non-profit organizations in Ukraine since at least 2013. The name Gamaredon Group comes from a misspelling of the word "Armageddon", which was detected in the adversary's early campaigns.In November 2021, the Ukrainian government publicly attributed Gamaredon Group to Russia's Federal Security Service (FSB) Center 18.

This Cyber News was published on attack.mitre.org. Publication date: Thu, 07 Dec 2023 22:12:07 +0000


Cyber News related to Gamaredon Group

Gamaredon Group Launches New Cyberattacks in 2023 - In early 2023, the Gamaredon group, a cybercrime group with ties to Russian government-backed attackers, struck again with new attacks targeting government agencies across Europe. The group has already been linked to numerous malware campaigns and ...
2 years ago Thehackernews.com Gamaredon Group
Latvia confirms phishing attack on Ministry of Defense, linking it to Russian hacking group - The Russian cyber-espionage group known as Gamaredon may have been behind a phishing attack on Latvia's Ministry of Defense last week, the ministry told The Record on Friday. Hackers sent malicious emails to several employees of the ministry, ...
2 years ago Therecord.media
Gamaredon's LittleDrifter USB malware spreads beyond Ukraine - A recently discovered worm that researchers call LittleDrifter has been spreading over USB drives infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group. Malware researchers saw indications of ...
1 year ago Bleepingcomputer.com
Gamaredon Group - Gamaredon Group is a suspected Russian cyber espionage threat group that has targeted military, NGO, judiciary, law enforcement, and non-profit organizations in Ukraine since at least 2013. The name Gamaredon Group comes from a misspelling of the ...
1 year ago Attack.mitre.org Gamaredon Group
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
5 months ago Securelist.com
CVE-2022-48895 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago
Variants of RussianSupported Gamaredons Malware Aimed at Ukrainian Government Agencies - The State Cyber Protection Centre of Ukraine has identified the Russian state-sponsored threat actor known as Gamaredon for its cyber attacks on public authorities and critical information infrastructure in the country. This advanced persistent ...
2 years ago Thehackernews.com Turla
security and privacy in Facebook groups - Having found myself roped into assisting as co-administrator a couple of Facebook groups with security/privacy issues, I thought I should, perhaps, share what little I know about defending your group against scam and spam posts and comments by ...
1 year ago Securityboulevard.com
NCC Group records the most ransomware victims ever in 2023 - While coordinated law enforcement action and government initiatives helped in the fight against ransomware last year, NCC Group still recorded an 84% increase in attacks during 2023. The report included data from NCC Group's Cyber Incident Response ...
1 year ago Techtarget.com Rocke 8base LockBit BianLian Medusa
Ukraine-Russia Cyber Battles Have Real-World Impact - "The evolution of cyberattacks and malware, particularly those that have an intersection with the use of generative AI, have lowered the barrier for entry for threat actors, leading to more threats and a greater volume of attacks," he says. ...
5 months ago Darkreading.com
Russian Cyberattackers Launch Multiphase PsyOps Campaign - Russia-linked threat actors employed both PysOps and spear-phishing to target users over several months at the end of 2023 in a multiwave campaign aimed at spreading misinformation in Ukraine and stealing Microsoft 365 credentials across Europe. The ...
1 year ago Darkreading.com
Imperva Detects Undocumented 8220 Gang Activities - Imperva Threat Research has detected previously undocumented activity from the 8220 gang, which is known for the mass deployment of malware using a variety of continuously evolving TTPs. This threat actor has been known to target both Windows and ...
1 year ago Imperva.com CVE-2017-3506 CVE-2021-44228 CVE-2020-14883 CVE-2020-14882
Russia hacking: 'FSB in years-long cyber attacks on UK', says government - The UK is accusing Russia's Security Service, the FSB, of a sustained cyber-hacking campaign, targeting politicians and others in public life. The government said one group stole data through cyber-attacks, which was later made public, including ...
1 year ago Bbc.com
Cybercrime experts reveal how to infiltrate ransomware gangs The Register - Though it happens rarely, it's always a good day when a ransomware group is taken down by law enforcement. Singapore-based Group-IB celebrated its 20th anniversary in the cybersecurity industry this year, and during this time its researchers have ...
1 year ago Go.theregister.com Qilin
Cybercrime experts reveal how to infiltrate ransomware gangs The Register - Though it happens rarely, it's always a good day when a ransomware group is taken down by law enforcement. Singapore-based Group-IB celebrated its 20th anniversary in the cybersecurity industry this year, and during this time its researchers have ...
1 year ago Theregister.com Qilin
Cypher Queries in BloodHound Enterprise - Our first use case is identifying Domain Trusts that exist within an environment. Our specific query here, Map Domain Trusts can be selected which automatically populates the search window with the built-in query. Selecting Search will then return a ...
1 year ago Securityboulevard.com
State-Sponsored APT Groups Use Ransomware Tactics for Intelligence Gathering and Sabotage - State-sponsored threat groups are increasingly using ransomware-like tactics to hide more insidious activities. Russian APT group Sandworm has used ransomware programs to destroy data multiple times in the past six months, while North Korea's Lazarus ...
2 years ago Csoonline.com Andariel APT3 APT37 APT38 Kimsuky Lazarus Group BianLian
CVE-2024-26773 - In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to ...
11 months ago Tenable.com
Russian military hackers target NATO fast reaction corps - Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. Researchers from Palo Alto Networks' Unit 42 have observed them exploiting the ...
1 year ago Bleepingcomputer.com CVE-2023-23397 Fancy Bear APT28
Microsoft: Hackers target defense firms with new FalseFont malware - Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide. The DIB sector targeted in these attacks comprises over 100,000 defense companies and ...
1 year ago Bleepingcomputer.com APT3 APT33
Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus - In its continued efforts to crack down on North Korea's most formidable state-sponsored threat group, the US government has seized a virtual currency mixer that has been serving as the principal way the group launders money stolen from its ...
1 year ago Darkreading.com Lazarus Group
CVE-2022-21677 - Discourse is an open source discussion platform. Discourse groups can be configured with varying visibility levels for the group as well as the group members. By default, a newly created group has its visibility set to public and the group's ...
3 years ago
CVE-2024-35807 - In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize We observed a corruption during on-line resize of a file system that is larger than 16 TiB with 4k block size. With having more then 2^32 ...
9 months ago Tenable.com
Ransomed.vc shuts after apparent failure to sell operation The Register - Vc claims to have shut down for good after a number of suspected arrests. The announcement comes just weeks after the group announced it planned to sell the operation to "Someone that can be verified or is already verified as a trusted person." Two ...
1 year ago Theregister.com
DOJ Seizes Ransomware Site as BlackCat Threatens More Attacks - U.S. law enforcement agencies said they shut down the online operations of the notorious Russia-linked BlackCat ransomware-as-a-service group and developed a decryption tool that will help more than 500 victims regain access to their encrypted data ...
1 year ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)