Tag
high
threat
GreyVibe Targets Ukraine with AI-Generated Lures and Custom Malware
2 rules 8 TTPs
The likely Russian-aligned GreyVibe group is targeting Ukrainian organizations with AI-generated lures delivered via spear-phishing and malicious websites, deploying custom malware such as PhantomRelay, LegionRelay, and FallSpy to exfiltrate sensitive data.
google drive +8
GreyVibe
ai-generated-lures
cyberespionage
ukraine
malware
phantomrelay
legionrelay
fallspy
high
threat
FrostyNeighbor Targets Ukraine with Updated PicassoLoader Chain
2 rules 3 TTPs 3 IOCs
The FrostyNeighbor threat actor is targeting Ukrainian governmental organizations with spearphishing emails containing malicious PDFs that deliver a JavaScript dropper (PicassoLoader) and ultimately a Cobalt Strike beacon.
Cobalt Strike +2
FrostyNeighbor
cyberespionage
cobaltstrike
picassoloader
ukraine
high
threat
Operation GhostMail: Russian APT Exploiting Zimbra XSS to Target Ukraine Government
2 rules 1 TTP
A Russian APT group is exploiting a Zimbra XSS vulnerability (details unspecified) to target the Ukrainian government in an operation dubbed 'GhostMail'.
Russian APT
zimbra
xss
ukraine
apt