Kyivstar, Ukraine’s Biggest Cell Carrier, Hacked

Hackers managed to destroy all the software infrastructure

On Tuesday, December 12, 2023, Ukraine’s largest cellular operator Kyivstar got its network infrastructure ruined. This is a result of a hack that was most likely executed by a Russian threat actor. I considered delaying writing this post to gather more facts regarding the situation. On day 1, nothing but speculation and suppositions were available.… Continue reading Kyivstar, Ukraine’s Biggest Cell Carrier, Hacked

Microsoft CVE-2023-36884 Vulnerability Exploited in the Wild

Microsoft found a remote code execution vulnerability CVE-2023-36884

On July 11, 2023, Microsoft published an article about addressing the CVE-2023-36884 vulnerability. This breach allowed for remote code execution in Office and Windows HTML. Microsoft has acknowledged a targeted attack that exploits a vulnerability using specifically designed Microsoft Office documents. The attacker can gain control of a victim’s computer by creating a malicious Office… Continue reading Microsoft CVE-2023-36884 Vulnerability Exploited in the Wild

APT28 Attacked Ukrainian and Polish Organizations

Recorded Future, in collaboration with CERT-UA researchers, has unveiled a recent cyber offensive orchestrated by Russian-speaking hackers affiliated with the APT28 Group (also known as Fancy Bear, BlueDelta, Sednit, and Sofacy). Their target: Roundcube mail servers of various Ukrainian organizations, including government entities. As a reminder, we previously reported on the divergence of hacker groups,… Continue reading APT28 Attacked Ukrainian and Polish Organizations

One Year of Russian-Ukrainian War in Cybersecurity

Ukraine has faced more cyber attacks in a year of war with Russia than ever before.

February 24, 2022, will be a turning point in history. It was the day of the full-scale Russian invasion of Ukraine and the most significant geopolitical event of the past year. This war was, without exaggeration, the bloodiest military conflict in Europe in decades. However, it is the first major hybrid war that uses cyberspace… Continue reading One Year of Russian-Ukrainian War in Cybersecurity

Ukraine Was Hit by DDoS Attacks from Hacked WordPress Sites

Ukrainian Computer Emergency Response Team (CERT-UA) said that Ukraine was hit by large-scale DDoS attacks. CERT-UA has published a report on ongoing DDoS attacks on Ukrainian websites and a government web portal. Unknown attackers compromise WordPress sites and inject malicious JavaScript code into the HTML structure. The script is base64 encoded to avoid detection like… Continue reading Ukraine Was Hit by DDoS Attacks from Hacked WordPress Sites

Hacker groups split up: some of them support Russia, others Ukraine

Amid the backdrop of the barbaric invasion of the Russian army into the territory of Ukraine, hacker groups split into two camps: some declared that they supported the actions of the Russian authorities, while others, on the contrary, sided with Ukraine. Bleeping Computer says that there has been a serious split in the hacker community.… Continue reading Hacker groups split up: some of them support Russia, others Ukraine

Microsoft discovered the WhisperGate wiper attacking Ukrainian users

Microsoft says it discovered a destructive attack on Ukrainian users using the WhisperGate wiper, which tried to impersonate a ransomware, but in fact did not provide victims with data recovery options. In fact, the detected threat is a classic wiper, that is, malware designed to deliberately destroy data on an infected host. WhisperGate wiper Such… Continue reading Microsoft discovered the WhisperGate wiper attacking Ukrainian users

Most likely russian hackers defaced Ukrainian government websites

Hackers defaced several Ukrainian government websites: the attack occurred on the night of January 13-14 and affected the websites of the Ukrainian Foreign Ministry, the Ministry of Education and Science, the Ministry of Defense, the State Emergency Service, the website of the Cabinet of Ministers, and so on. The Record notes that all resources have… Continue reading Most likely russian hackers defaced Ukrainian government websites

Ukrainian law enforcement officers arrested members of the hacker group Phoenix

The Security Service of Ukraine (SBU) announced the arrest of five members of the international hacker group Phoenix, which specializes in remote hacking of mobile devices and collection of personal data. Law enforcement officers report that the group included five citizens of Ukraine (residents of Kyiv and Kharkiv), and all of them had a higher… Continue reading Ukrainian law enforcement officers arrested members of the hacker group Phoenix

Ukrainian fighters against pirates asked Google to block 127.0.0.1

The TorrentFreak media reports that Vindex, Ukrainian fighters against pirates, representing the interests of TRC Ukraine, sent Google a strange request to remove content from search results. One of the addresses violating the rights of TRC Ukraine pointed to 127.0.0.1, that is, the anti-pirates found prohibited content in their own systems. Journalists note that under… Continue reading Ukrainian fighters against pirates asked Google to block 127.0.0.1