How does CERT-UA help energy companies, why is it important to connect to MISP?

https://peertube.eqver.se/w/2u6Gp9s4fReaRvnQ7cfpDp


🇺🇦LameHug Malware uses AI LLM to craft Windows Data-Theft Commands in Real-Time.

LameHug was discovered by Ukraine’s national cyber incident response team [CERT-UA], which attributed the attacks to Russian state-backed threat group APT28 [a.k.a. Sednit, Sofacy, Pawn Storm, Fancy Bear, STRONTIUM, Tsar Team, Forest Blizzard].

https://cert.gov.ua/article/6284730

#ukraine #government #certua #lamehug #windows #ai #llm #malware #it #security #privacy #engineer #media #tech #news

In March, #CERTUA observed cyber-espionage attacks against Ukrainian state bodies and critical infrastructure by #UAC0219 spreading #WRECKSTEEL stealer for data theft. Detect potential intrusions with #Sigma rules from SOC Prime Platform.
https://socprime.com/blog/detect-uac-0219-attacks-against-ukrainian-state-bodies/?utm_source=mastodon&utm_medium=social&utm_campaign=cert-ua&utm_content=blog-post
UAC-0219 Attack Detection: A New Cyber-Espionage Campaign Using a PowerShell Stealer WRECKSTEEL - SOC Prime

Detect UAC-0219 attacks with PowerShell stealer WRECKSTEEL covered in the CERT-UA#14283 alert with Sigma rules from SOC Prime Platform.

#CERTUA warns defenders about a targeted cyber-espionage operation by #UAC0200 targeting the Armed Forces of Ukraine. Detect associated malicious activity with #Sigma rules from SOC Prime Platform.
https://socprime.com/blog/detect-uac-0200-attacks-using-darkcrystal-rat/?utm_source=mastodon&utm_medium=social&utm_campaign=cert-ua&utm_content=blog-post
UAC-0200 Attack Detection: Cyber-Espionage Activity Targeting Defense Industry Sector and the Armed Forces of Ukraine Using DarkCrystal RAT - SOC Prime

Detect UAC-0200 attacks against the defense industry sector and the Armed Forces of Ukraine using DarkCrystal RAT with Sigma rules from SOC Prime.

#CERTUA warns defenders of a surge in phishing attacks by #UAC0173 against Ukrainian notaries to gain remote access and modify state registries. Detect increasing malicious activity with #Sigma rules from SOC Prime Platform.
https://socprime.com/blog/detect-uac-0173-attacks-against-ukrainian-notaries/?utm_source=mastodon&utm_medium=social&utm_campaign=cert-ua&utm_content=blog-post
UAC-0173 Activity Detection: Hackers Launch Phishing Attacks Against Ukrainian Notaries Using the DARKCRYSTALRAT Malware - SOC Prime

Detect UAC-0173 attacks against Ukrainian notaries with DARKCRYSTALRAT malware covered in the CERT-UA#13738 alert with Sigma rules from SOC Prime.

#CERTUA warns defenders of targeted activity to launch cyber-attacks against the critical infrastructure sector in Ukraine and beyond linked to UAC-0212, a subcluster of #Sandworm #APT. Detect intrusions with #Sigma rules from SOC Prime Platform.
https://socprime.com/blog/detecting-uac-0212-attacks-linked-to-sandworm/?utm_source=mastodon&utm_medium=social&utm_campaign=cert-ua&utm_content=blog-post
UAC-0212 Attack Detection: Hackers Linked to UAC-0002 aka Sandworm APT Subcluster Launch Targeted Attacks Against the Ukrainian Critical Infrastructure - SOC Prime

Detect UAC-0212 attacks against Ukraine's critical infrastructure sector linked to Sandworm APT with Sigma rules from SOC Prime Platform.

#CERTUA warns defenders of #cyberattacks impersonating CERT-UA activity under the guise of security audits via #AnyDesk misuse. Detect relevant malicious activity and hosts using AnyDesk with curated #Sigma rules from SOC Prime Platform.
https://socprime.com/blog/anydesk-exploitation-attack-detection/?utm_source=mastodon&utm_medium=social&utm_campaign=latest-threats&utm_content=blog-post
Hackers Exploit AnyDesk Impersonating CERT-UA to Launch Cyber-Attacks - SOC Prime

Detect cyber-attacks exploiting AnyDesk and masquerading offensive operations as CERT-UA activity with Sigma rules from SOC Prime Platform.


#CERTUA alerts cyber defenders about new attacks on Ukraine by #UAC0125, using fake websites that imitate the "Army+" app page, hosted via Cloudflare Workers. Detect #cyberattacks with Sigma rules and explore campaign details on our blog.
https://socprime.com/blog/uac-0125-attacks-against-ukraine-detection/?utm_source=mastodon&utm_medium=social&utm_campaign=cert-ua&utm_content=blog-post

#cybersecurity

UAC-0125 Attack Detection: Hackers Use Fake Websites on Cloudflare Workers to Exploit the "Army+" Application - SOC Prime

Detect UAC-0125 attacks against Ukraine exploiting the “Army+” app to gain remote access to targeted systems with Sigma rules from SOC Prime.

#CERTUA alerts on #UAC0099 cyber-espionage attacks against Ukrainian state bodies spreading LONEPAGE #malware. Detect adversary activity with curated #Sigma rules from SOC Prime Platform.
https://socprime.com/blog/uac-0099-cyber-espionage-attacks-detection/?utm_source=mastodon&utm_medium=social&utm_campaign=cert-ua&utm_content=blog-post
UAC-0099 Attack Detection: Cyber-Espionage Activity Against Ukrainian State Agencies Using WinRAR Exploit and LONEPAGE Malware - SOC Prime

Detect UAC-0099 attacks against Ukraine exploiting CVE-2023-38831 and spreading LONEPAGE malware with Sigma rules from SOC Prime.
