CyberScoop reports that new destructive cyberattacks could be deployed by Russian state-sponsored threat actors in a bid to strengthen their cyberespionage and influence operations.
Aside from ongoing efforts to bolster intelligence gathering and malware attack testing, Russian hackers have also been looking to continue targeting military and humanitarian supply chains, according to a report from Microsoft's Digital Threat Analysis Center.
"It is not that we necessarily think that Russia will launch a stream of cyberattacks, however we are currently seeing patterns of targeted threat activity in Ukraine similar to the early days of the invasion. Russian state actors are working to gain accesses in Ukrainian and European networks and refining their malicious toolkits further suggesting preparations are underway for espionage or destruction," said Microsoft Digital Threat Analysis Center General Manager Clint Watts.
The report follows Mandiant's finding that Russian hacking operation APT28 compromised more than 12 military, transportation, and energy networks from April to December 2022, an intrusion Mandiant Head of Intelligence Analysis John Hultquist refers to as a "propagation event."
Hamas spokesperson Hudhayfa Samir Abdallah al-Kahlut, also known as "Abu Ubaida," has been sanctioned by the U.S. Treasury Department for his leadership of the group's cyber influence operations, reports The Record, a news site by cybersecurity firm Recorded Future.
TechCrunch reports that U.S. conservative think tank The Heritage Foundation was working on addressing a cyberattack against its systems last week, but an investigation into whether any of its data was compromised is still underway.
Iranian state-backed threat operation MuddyWater, also known as TA450, Mango Sandstorm, and Boggy Sandstorm, has leveraged the novel DarkBeatC2 command-and-control infrastructure tool as part of its latest attack campaign, The Hacker News reports.