Displaying items by tag: Russia

Ransomware attacks on Windows systems in the US during 2021 showed a small dip from the previous year, with 2323 local governments, schools and healthcare providers hit, the security firm Emsisoft reports.

The US Department of State has offered a reward of US$10 million (A$13.5 million) for information leading to the identification of location of any of the leaders of the DarkSide Windows ransomware gang.

The number of distributed denial of service attacks on educational institutions in Russia has more than doubled in September this year, coinciding with the start of the new school year, a security firm claims.

The REvil ransomware group was taken offline by intelligence agencies and law enforcement from the US and a number of its allies, the news agency Reuters claims.

ANALYSIS A detailed security report from Microsoft somewhat predictably claims that 58% of state-sponsored network attacks in 2020-21 came from Russia.

Britain will launch cyber attacks in response to similar actions by so-called "hostile states" like Russia, the country's Defence Secretary says.

The US has announced that it will bring together 30 countries, including NATO members and the G7, in an alliance to fight against cyber attacks and disrupt ransomware attacks.

The head of global cyber-security company Group-IB has been arrested by authorities in Russia over alleged treasonous activities against the state, with the company claiming that he is innocent.

The affiliate of ransomware operator DarkSide, the Windows malware that was used to attack the US Colonial Pipeline Company, appears to have taken on a target that was outside the parameters set down by the operator, judging from a statement made by the operator on its site on the dark web.

In what appears to be a first, a CIA-bankrolled threat intelligence firm has set up a "tech news" outlet to spread its wares.

The head of security firm Kaspersky's Global Research and Analysis Team, Costin Raiu, says in 2019 more than 70 security companies were given samples of malware that was created by the CIA.

A survey by an anonymous security researcher, who goes by the handle Bank Security on Twitter, has found that the US is the top nation when it comes to accessing the main Russian underground communities on the dark web.

The United States has alleged that the Russian security agency known as the Foreign Intelligence Service was responsible for the attack on the supply chain of SolarWinds Orion network management software.

Most people in the infosec industry are adamant that attribution is the most difficult part of the process, but Romanian security firm Bitdefender's Daniel Clayton is an exception. The vice-president of global services and support said this was not really the case.

Nine Entertainment is maintaining a no-official-comment policy on the breach of its Sydney network that came to light on 28 March, but the company appears to have no objection to its staff making the wildest of claims about the incident.

The SolarWinds attack, and all its ramifications, have made news headlines for months. Tim Brown, the company’s CISO and VP of Security spoke exclusively to iTWire to lay out what really happened - and what did not happen.  It is also a sobering call to how software development practices can never be the same again.

It should be somewhat curious to the average individual that all the coverage about the ongoing Microsoft Exchange Server attacks has focused on anything but the entity responsible for these attacks: Microsoft.

CIA-backed threat intelligence firm Recorded Future has issued a document in which it claims that a China-linked group named RedEcho is targeting the Indian power industry. That's the meaning from the headline which is very definitive.

ANALYSIS The assertion by Microsoft President Brad Smith during a 60 Minutes interview with CBS on Sunday that the supply chain attack revealed by security firm FireEye in December was "the largest and most sophisticated attack the world has ever seen" has once again raised the question of the extent to which Microsoft was involved in this attack.

An intrusion campaign which targets monitoring software from the French company CENTREON has been reported to have breached several French institutions between late 2017 and 2020. The systems that were hit were running CentOS, a free version of Red Hat's Enterprise Linux distribution.