Latest news with #EastWind


Biz Bahrain
02-08-2025
- Biz Bahrain
Kaspersky discovered cyberattacks that sourced information from GitHub, Quora, and social networks to target organizations
Kaspersky detected a complex attack sequence that involved retrieving information from legitimate services such as GitHub, Microsoft Learn Challenge, Quora, and social networks. The attackers did this to avoid detection and run an execution chain to launch Cobalt Strike Beacon, a tool to remotely control computers, execute commands, steal data, and maintain persistent access within a network. The attacks were detected in the second half of 2024 in organizations across China, Japan, Malaysia, Peru and Russia, and persisted into 2025. The majority of victims were large to medium-sized businesses.

To infiltrate victims' devices, the attackers sent spear phishing emails disguised as legitimate communications from major state-owned companies, particularly within the oil and gas sector. The text was phrased to suggest interest in the products and services of the victim organization, to convince the recipient to open the malicious attachment. The attachment was an archive with what looked like PDF files containing requirements for the requested products and services, but in fact some of these PDFs were executable EXE and DLL files containing malware.

The attackers leveraged DLL hijacking techniques and exploited the legitimate Crash reporting Send Utility, which was originally designed to help developers get detailed, real-time crash reports for their applications. To function, the malware also retrieved and downloaded code that was stored in public profiles on popular legitimate platforms to avoid detection. Kaspersky found this code encrypted inside profiles on GitHub, and links to it (also encrypted) on other GitHub profiles, Microsoft Learn Challenge, Q&A websites, and even Russian social media platforms. All of these profiles and pages were created specifically for this attack. After the malicious code was executed on victims' machines, Cobalt Strike Beacon was launched, and the victims' systems were compromised.

'While we didn't find any evidence of the attackers using real people's social media profiles, as all the accounts were created specifically for this attack, there's nothing stopping the threat actor from abusing various mechanisms these platforms provide. For instance, malicious content strings could be posted in comments on legitimate users' posts. Threat actors are using increasingly complex methods to conceal long-known tools, and it's important to stay up to date with the latest threat intelligence to be protected from such attacks,' comments Maxim Starodubov, Malware Analyst Team Lead at Kaspersky.

The method used to retrieve the download address for the malicious code is similar to what was observed in the EastWind campaign linked to Chinese-speaking actors.

Kaspersky recommends that organizations follow these security guidelines to stay safe:
- Track the status of digital infrastructure and continuously monitor the perimeter.
- Use proven security solutions to detect and block malware embedded within bulk email.
- Train staff to increase cybersecurity awareness.
- Secure corporate devices with a comprehensive system, such as Kaspersky Next, that detects and blocks attacks in the early stages.


New York Times
04-03-2025
- Entertainment
- New York Times
Showing Courage in Ukraine With Handfuls of Clay
In late August 2020, eight humanoid statues appeared in a quiet corner of the Saint-Sophia of Kyiv conservation area, a 12-acre museum complex that is centered on the thousand-year-old Saint-Sophia Cathedral. Called 'Shadows,' the clay-and-copper sculptures — each faceless and ghostly, with a torsolike form planted on a cylindrical base — had been made by Yuriy Myrko, a co-founder of GORN Ceramics in Kyiv, for the annual Bouquet Kyiv Stage Festival.

'The people who keep the cathedral decided they liked the sculptures and proposed to keep them there,' said Bogdan Kryvosheya, 30, who founded GORN with Mr. Myrko, 41, and is the studio's creative director. 'The exhibition was only for a week or so, but the sculptures stayed there for almost three years.'

'Shadows' marked a turning point for GORN, which until then had mostly produced utilitarian items like vases and bowls. The figures reflected ideas about human relationships, death and spirituality. Since they appeared, GORN has continued to produce emotional art pieces alongside its more practical offerings. Intensified by the war with Russia and the unpredictability of the future, the studio's output is a testament to creative freedom and resilience in the face of unimaginable hardship.

Mr. Kryvosheya and Mr. Myrko met in 2017, and with a third partner, Sasha Mychak, established GORN the following year to produce ceramic tableware that they and other artists designed. Two years after the company started, the Covid-19 pandemic hit; then, two years after that, Russian troops invaded Ukraine.

Despite the challenges resulting from the invasion — limited access to resources, an unstable electricity supply, impediments to shipping and travel and the looming risk of conscription — GORN is thriving. This is thanks in part to its low-energy means of production — human hands shaping local clay, which is baked in wood-fired kilns — and in part to an international market. It is also helped by its collective operation.

Working with Mr. Kryvosheya and Mr. Myrko (Mr. Mychak is no longer with the studio), three artists make pieces under the GORN label while also practicing independently: Yaroslav Honchar created GORN's East Wind group — minimal, juglike vessels in olive-green hues. Yuriy Sulikovsky contributed to the Flame vases, which are wood-fired at hyper-scalding temperatures for so many hours that smoke and ash interact with the clay, producing streaks and dapples. Dmytro Yakub works as Mr. Myrko's apprentice, assisting in daily operations and contributing to several different collections.

'Nothing is impossible in ceramics thanks to GORN's skill and technical capabilities,' said Sana Moreau, an art dealer who sells the studio's pieces in her Ukrainian-themed design shop in Paris. (Prices range from $45 for a bowl to $12,000 for sculptures.) Ms. Moreau, who emigrated from Ukraine to France in 2021, said she works with more than two dozen Ukrainian designers and studios. GORN, she said, 'can implement even the most complex and unusual ideas for modern interiors. One of their strengths is ceramic sculptures that touch on complex philosophical topics.'

Like many producers of household goods globally, Mr. Kryvosheya said that the pandemic was a boon to his company. People who were stuck indoors throughout government-mandated lockdowns became eager to improve their homes. Perhaps less predictable was that the months after Russia attacked were also profitable. In addition to Ms. Moreau, GORN was represented by several international galleries and design retailers before the world's eyes turned sympathetically to Ukraine. 'When the full-scale invasion happened, that was one of the triggers for them to get our pieces,' Mr. Kryvosheya said, adding that GORN had a 30 percent increase in sales in the year following the invasion.

Nor has the spotlight on Ukrainian design dimmed. Ms. Moreau estimated that Ukrainian design exports have grown at least threefold for most of her clients since February 2022. 'Things were not purchased out of pity, but simply because they are more visible,' she said. Designers who refused to let fear impede their lives were pouring their hearts into their art. 'For the first time we really had something to offer the European and American markets.'

An outgrowth of dire conditions is that GORN is looking beyond its own commercial interests to nurture a local arts community. 'Our goals have deepened, moving beyond a general desire to create unique pieces to a broader mission of fostering creative and cultural growth,' Mr. Kryvosheya said. Last year, it opened a school that teaches every aspect of ceramics, including how clay can serve as an expressive medium, or as an escape from daily life in wartime. About 40 students have enrolled in the workshops. Many are 'older people' with successful careers in technology and business, Mr. Kryvosheya said. 'They finally want to do something for their soul.'

He is optimistic about what he described as life challenges. 'You have nothing if you just keep sitting at home and crying all the time,' he said. 'The chances of us dying are higher than before, but what can we do? Nothing, but just move forward.'