CyberSecurity updates
Updated: 2024-10-29 22:30:08 Pacfic


MalBot @ Malware Analysis, News and Indicators
Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant - 11d

The Russian-speaking threat actor group known as UAT-5647, also known as RomCom, has been observed targeting Ukrainian government entities and unknown Polish entities since late 2023. The group has expanded its arsenal to include four distinct malware families: RustClaw and MeltingClaw (downloaders), DustyHammock (RUST-based backdoor), and ShadyHammock (C++-based backdoor). UAT-5647’s attacks are likely a two-pronged strategy of establishing long-term access for espionage and potentially pivoting to ransomware deployment to disrupt and gain financially from the compromise.

cyble.com
Gamaredon APT Launches Spear-Phishing Campaign Targeting Ukrainian Military Personnel - 22d

The Gamaredon APT (Advanced Persistent Threat) group has launched a spear-phishing campaign targeting Ukrainian military personnel. The group, also known as Primitive Bear or Armageddon, is a Russian-affiliated threat actor with a history of targeting Ukrainian government and critical infrastructure. The campaign uses emails disguised as military summons, with malicious attachments designed to deliver payloads that potentially exfiltrate sensitive data from compromised systems. This campaign highlights the ongoing cyber warfare threat in Ukraine.


This site is an experimental news aggregator using feeds I personally follow. You can reach me using contacts documented at my website here (https://royans.net/) if you have feedback. You can also find FlagThis at Mastodon.