Wiper malware has been detected abusing legitimate drivers and targeting Active Directory servers amid ongoing Russian military conflict in Ukraine. The campaign reflects a growing trend of malware use during geopolitical crises with organizations urged to mitigate risks.
Discovered by ESET researchers on February 23, the malware, named HermeticWiper, has been installed on hundreds of machines in the country and indicates that there is no longer a distinction between cybersecurity and international security during crises. This follows recent DDoS attacks against several Ukrainian websites, the deployment of an EU cyber rapid-response team committed to helping defend Ukraine from cyberattacks, and warnings of potential ransomware attacks against US organizations in the wake of new sanctions placed on Russian banks and elites by President Biden.
More Stories
Friday Squid Blogging: Squid the Care Dog
The Vanderbilt University Medical Center has a pediatric care dog named “Squid.” Blog moderation policy. Read More
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at Boskone 62 in...
Russian Hackers Target Microsoft 365 Accounts with Device Code Phishing
Volexity highlighted how Russian nation-state actors are stealing Microsoft device authentication codes to compromise accounts Read More
AI and Civil Service Purges
Donald Trump and Elon Musk’s chaotic approach to reform is upending government operations. Critical functions have been halted, tens of...
UK’s AI Safety Institute Rebrands Amid Government Strategy Shift
The organization becomes the AI Security Institute as the UK shifts its focus to tackling AI risks to national security...
China-Linked Espionage Tools Used in Recent Ransomware Attack
Symantec found that tools previously only used by Chinese nation-state espionage actors were deployed in a ransomware attack Read More