This was inevitable considering the weak response from the US and our NATO allies in Europe. How soon will the ground war start? How will the West respond?
If you thin this is NOT our war, please remember the last time the Russians attacked the Ukraine with the NotPetya attack. This affected not just the Ukraine, but any countries or businesses that did business with the Ukraine. Remember this article?
“Sandworm” Is The True Story About Russian Cyberwarfare
I read the book Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers, by Andy Greenberg, senior writer for Wired magazine. If you want to understand how cyber-war has changed the face of military operations in the 21st century, this book explains …
Microsoft Warns of Destructive Malware Targeting Ukrainian Organizations
Original release date: January 16, 2022
Microsoft has released a blog post on possible Master Boot Record (MBR) Wiper activity targeting Ukrainian organizations, including Ukrainian government agencies. According to Microsoft, powering down the victim device executes the malware, which overwrites the MBR with a ransom note; however, the ransom note is a ruse because the malware actually destroys the MBR and the targeted files.
CISA recommends network defenders review the Microsoft blog for tactics, techniques, and procedures, as well as indicators of compromise related to this activity. CISA additionally recommends network defenders review recent Cybersecurity Advisories and the CISA Insights, Preparing For and Mitigating Potential Cyber Threats.
More Russian Cyber Operations against Ukraine
Both Russia and Ukraine are preparing for military operations in cyberspace.
Recent activity today from my web application firewall
The Wordfence Web Application Firewall has blocked 165 attacks over the last 10 minutes. Below is a sample of these recent attacks:January 17, 2022 10:57am 193.57.40.55 (Ukraine) Blocked because the IP is blocklisted
January 17, 2022 10:57am 193.57.40.55 (Ukraine) Blocked because the IP is blocklisted
January 17, 2022 10:57am 193.57.40.55 (Ukraine) Blocked because the IP is blocklisted
January 17, 2022 10:57am 193.57.40.55 (Ukraine) Blocked because the IP is blocklisted
January 17, 2022 10:57am 193.57.40.55 (Ukraine) Blocked because the IP is blocklisted
January 17, 2022 10:57am 193.57.40.55 (Ukraine) Blocked because the IP is blocklisted
January 17, 2022 10:57am 193.57.40.55 (Ukraine) Blocked because the IP is blocklisted
January 17, 2022 10:57am 193.57.40.55 (Ukraine) Blocked because the IP is blocklisted
January 17, 2022 10:57am 193.57.40.55 (Ukraine) Blocked because the IP is blocklisted
January 17, 2022 10:56am 193.57.40.55 (Ukraine) Blocked because the IP is blocklisted
Share
JAN
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com