Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

1/14/2020
03:30 PM
100%
0%

'Fancy Bear' Targets Ukrainian Oil Firm Burisma in Phishing Attack

The oil & gas company is at the heart of the ongoing US presidential impeachment case.

Burisma Holdings, a Ukrainian oil & gas company, has been hit with a phishing campaign that began in early November 2019 and is ongoing, according to Area 1 Security, which spotted the campaign it says came out of the Main Intelligence Directorate of the General Staff of the Russian Army (GRU).

The attack on Burisma, the Ukrainian company at the center of the current presidential impeachment case, was first reported by The New York Times last night. Intelligence agencies reportedly compared the new attack to that against Hillary Clinton's 2016 presidential campaign by the GRU's Fancy Bear hacking team. The payloads appear designed to gather login credentials from targeted email recipients.

The phishing campaign is running alongside active intelligence activities on the part of Russian actors, aimed at gathering information that could be damaging to Democratic candidate Joe Biden and his family, the Times reported. 

Area 1 disclosed details on the attack today in a new report.

For more, read here and here.

Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "6 Unique InfoSec Metrics CISOs Should Track in 2020."

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-28487
PUBLISHED: 2021-01-22
This affects the package vis-timeline before 7.4.4. An attacker with the ability to control the items of a Timeline element can inject additional script code into the generated application.
CVE-2021-21260
PUBLISHED: 2021-01-22
Online Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XSS which can enables an attacker takeover of the admin account through a payload that extracts a csrf ...
CVE-2021-21270
PUBLISHED: 2021-01-22
OctopusDSC is a PowerShell module with DSC resources that can be used to install and configure an Octopus Deploy Server and Tentacle agent. In OctopusDSC version 4.0.977 and earlier a customer API key used to connect to Octopus Server is exposed via logging in plaintext. This vulnerability is patc...
CVE-2020-4766
PUBLISHED: 2021-01-22
IBM MQ Internet Pass-Thru 2.1 and 9.2 could allow a remote user to cause a denial of service by sending malformed MQ data requests which would consume all available resources. IBM X-Force ID: 188093.
CVE-2021-21259
PUBLISHED: 2021-01-22
HedgeDoc is open source software which lets you create real-time collaborative markdown notes. In HedgeDoc before version 1.7.2, an attacker can inject arbitrary JavaScript into a HedgeDoc note, which is executed when the note is viewed in slide mode. Depending on the configuration of the instance...