U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Exclusive: Lithuania under cyber-attack after the ban on Russian railway goods

Cyber Spetsnaz is targeting government resources and critical infrastructure in Lithuania after the ban of Russian railway goods Cyber Spetsnaz is targeting Lithuanian government resources and critical infrastructure – the recent ban on Russian railway goods has caused a new spike of hacktivist activity on the Dark Web. Today the group has announced multiple targets […]

Lithuania

Cyber Spetsnaz is targeting government resources and critical infrastructure in Lithuania after the ban of Russian railway goods

Cyber Spetsnaz is targeting Lithuanian government resources and critical infrastructure – the recent ban on Russian railway goods has caused a new spike of hacktivist activity on the Dark Web. Today the group has announced multiple targets for coordinated DDoS attacks – the resources to be attacked are distributed between so-called “units” who are based on members and volunteers who joined previous and current campaigns.

Lithuania

The escalation was caused by Vilnius’s refusal to allow steel and iron ore to cross the Russian exclave of Kaliningrad. According to the BBC and other news agencies – prior to this activity Russia warned Lithuania of the consequences of rail transit blockades but didn’t specify how exactly they will be conducted.

According to experts from Los Angeles-based cybersecurity company Resecurity who are currently protecting Fortune 500 companies – the observed activity is expected considering war conflicts and follows today’s geopolitical agenda. Multiple sources interviewed by Security Affairs agreed that Cyber Spetsnaz began gaining more traction and involved multiple credible actors with DDoS capabilities.

The group is leveraging relatively cost-effective means and methods of DDoS, by doing so they generate significant DDoS power by attacking compromised WEB-resources, WEB-sites, IoT devices and botnet networks belonging to other independent actors who agreed to join the campaign. The real impact of such a campaign may be different from what has been claimed in practice – the main goal is to generate short-term outages or temporarily unavailability of the resource to generate certain media narratives.

Several cybersecurity experts from Lithuania have been interviewed independently – they’re aware of this group and are ready to protect national resources.

Notably, the list of targets represents a comprehensive list of critical infrastructure resources in Lithuania.

Current targets for attack include:

  • logistics companies (Adrem, Talga)
  • transport infrastructure (Transimeksa, Kelprojektas)
  • major financial institutions of Lithuania (Central Bank, Stock Exchange, Swedbank, SEB, etc.)
  • ISPs (Tele2, Telia, Penki, Mezon, Cgates, Fastlink)
  • airports (Vilnius Airport, Kaunas Airport, Palanga Airport, Siauliai Airport)
  • energy companies (Ignitis Grupe, Ministry of Energy, Aedilis)
  • major media outlets (Delfi, Nedelia, ZW)
  • government WEB-resources (President, Ministry of Foreign Affairs, Ministry of Justice, Police)

June 20th one of the units of Cyber Spetnaz called “Zarya” has announced the attack against www.mna.gov.lv which was one of the 1st targets of the new campaign.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Lithuania)

[adrotate banner=”5″]

[adrotate banner=”13″]