SEARCH
Archive
Decipher Podcast: Rebekah Brown and John Scott-Railton on COLDRIVER and Russian Cyberespionage
Rebekah Brown and John Scott-Railton of the Citizen Lab join Dennis Fisher to dive into their group's new report on highly targeted spear phishing campaigns by the Russian threat actor COLDRIVER and then discuss the emergence of a new, possibly related group called COLDWASTREL.
Russian Group Forest Blizzard Deploying GooseEgg Tool to Exploit CVE-2022-38028
A Russian threat group known as Forest Blizzard has been using a custom tool called GooseEgg to exploit a Windows Print Spooler (CVE-2022-38028) for several years.
TinyTurla-NG Backdoor Has Big Capabilities
New research shows the TinyTurla-NG backdoor uses the Chisel open-source attack framework for some communications and has a variety of post-compromise capabilities.
New AcidPour Wiper Malware Found in Ukraine
SentinelLabs researchers have discovered a new wiper malware called AcidPour in Ukraine, which appears to be a new version of the AcidRain malware.
Microsoft Says Russian APT29 Accessed Source Code, Other Secrets
The Russian threat group known as Midnight Blizzard and APT29 gained access to some Microsoft source code repositories and other sensitive data, the company said.