Author: Ambreen Chaudhary
EU sanctions Russian hackers in a bold move to counteract rising cyber threats. The European Union has formally sanctioned three Russian nationals believed to be part of GRU Unit 29155, a notorious military intelligence group. These individuals are held responsible for launching targeted cyberattacks on Estonia’s core government ministries, an operation that has significant implications for international cybersecurity and digital sovereignty. These individuals—Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov—are linked to Russia’s military intelligence, known as GRU Unit 29155. This group is notorious for covert operations and cyber espionage. What Happened? According to the Council of the European…
Security researchers have discovered a new strain of Telegram C2 malware built using Golang. This backdoor communicates through Telegram’s Bot API to stay hidden, execute commands remotely, and persist on compromised systems, all while evading traditional detection methods. It is also capable of executing multiple commands via an attacker-controlled Telegram channel. Indicators suggest a possible Russian origin, based on linguistic clues embedded within the code. How the Backdoor Works The malware, compiled using the Go programming language, behaves like a typical backdoor once deployed. Upon execution, it checks whether it is running from a specific file path and name:…
A new Ghostwriter malware campaign is actively targeting Ukrainian government and military institutions, along with Belarusian opposition activists, in a renewed wave of cyber espionage. The campaign uses weaponized Excel documents embedded with obfuscated macros. As revealed by cybersecurity firm SentinelOne, these documents act as entry points for delivering stealthy payloads, including a new version of PicassoLoader. Ghostwriter, also known by aliases like Moonscape, TA445, UAC-0057, and UNC1151, has been active since 2016 and has consistently aligned itself with Russian state interests, spreading disinformation and launching targeted cyber operations across Europe. Ghostwriter Malware Campaign Origins and Targets Prepping Since Mid-2024,…