In a new advisory, the Ukrainian Government Computer Emergency Response Team (CERT-UA) says the Russian hackers used compromised VPN accounts that weren't protected with multi-factor authentication to access critical systems in Ukrainian state networks.
However, when WinRar is executed, the threat actors use the "-df" command-line option, which automatically deletes files as they are archived. The archives themselves were then deleted, effectively deleting the data on the device.
Happening on Twitter
Since the onset of the Ukraine War, everyone's been checking under their bed and looking in their closet for the bo… https://t.co/aykWtjaFX7 PeterZeihan (from Denver & around the world) Tue May 02 11:00:26 +0000 2023
1/ Russian #hackers have been targeting Ukrainian government agencies with malicious emails containing fake instruc… https://t.co/AY4633mNl2 TheRecord_Media (from The Internet) Mon May 01 21:29:26 +0000 2023
1/3 A #cybersecurity incident affecting a Canadian gas pipeline was exposed in leaked US #intelligence materials, r… https://t.co/co59Ojr7ep TheRecord_Media (from The Internet) Mon Apr 24 15:38:52 +0000 2023
No comments:
Post a Comment