Tag: russia
-
Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says
Denmark has blamed Russia for a destructive cyberattack on a water utility, calling it part of Moscow’s hybrid campaign against Western critical infrastructure. Denmark has accused Russia of orchestrating destructive cyberattacks against a water utility in 2024, framing them as part of broader hybrid attacks on Western critical infrastructure. Denmark’s Defence Intelligence Service attributed a…
-
BlueDelta Hackers Target Users of Popular Ukrainian Webmail and News Service
Russian state-sponsored threat group BlueDelta has conducted a sustained credential-harvesting campaign targeting users of UKR.NET, one of Ukraine’s most popular webmail and news services, between June 2024 and April 2025. According to research by Recorded Future’s Insikt Group, the operation represents a significant escalation in the GRU-linked threat actor’s efforts to compromise Ukrainian user credentials…
-
Mapping the Emerging Alliance Between Qilin, DragonForce, and LockBit
In mid-September 2025, the ransomware landscape witnessed a significant development when DragonForce announced an alliance with Qilin and LockBit on a Russian underground forum. The announcement, posted on September 15, 2025, claimed the three groups were joining forces to navigate an increasingly challenging criminal ecosystem marked by intensified law enforcement pressure and operational fragmentation. A…
-
Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers
Tags: attack, authentication, credentials, email, government, group, hacker, microsoft, phishing, russia
A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims’ Microsoft 365 credentials and conduct account takeover attacks. The activity, ongoing since September 2025, is being tracked by Proofpoint under the moniker UNK_AcademicFlare. The attacks involve using compromised email addresses belonging to government First seen on thehackernews.com…
-
Denmark summons Russian ambassador over alleged cyberattacks on water utility, elections
Russia’s ambassador to Copenhagen, Vladimir Barbin, confirmed to Russian state media on Friday that he had been called to the Danish foreign ministry, but rejected the accusations as unfounded. First seen on therecord.media Jump to article: therecord.media/denmark-summons-russian-ambassador-cyberattack-elections
-
FireTail’s 2022 Review on Macro, Industry, and Thoughts About What’s Next FireTail Blog
Tags: ai, api, attack, cloud, cyber, cybercrime, cybersecurity, data, exploit, finance, government, infrastructure, intelligence, Internet, jobs, office, open-source, regulation, russia, startup, strategy, technology, usa, vulnerability
Dec 19, 2025 – Jeremy Snyder – New beginnings, such as new years, provide a nice opportunity to look back at what we have just experienced, as well as look forward to what to expect. 2022 was a year of transition in many ways, and 2023 may well be the same. I wanted to reflect…
-
State-linked and criminal hackers use device code phishing against M365 users
Russia-linked groups have attacked multiple sectors in recent months. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/state-linked-criminal-hackers-device-code-phishing-m365/808396/
-
Denmark blames Russia for destructive cyberattack on water utility
Danish intelligence officials blamed Russia for orchestrating cyberattacks against Denmark’s critical infrastructure, as part of Moscow’s hybrid attacks against Western nations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/denmark-blames-russia-for-destructive-cyberattack-on-water-utility/
-
Denmark Blames Russia for Destructive Cyber-Attacks
The Danish intelligence service believes some pro-Russian hacktivist groups have links with the Kremlin First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/denmark-blames-russia-for/
-
FBI Disrupts Russian Crypto Laundering Hub Enabling Cybercrime
A 39-year-old Russian national is accused of working with cybercriminals to convert criminal proceeds from cryptocurrency into various cash currencies First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fbi-disrupts-russian-crypto/
-
Breach Roundup: Coupang Breach Sparks Leadership Shakeup
Also: Texas AG Sues Smart TV Manufacturers, Fortinet SSO Flaws. This week, a leadership shakeup at Coupang, attackers exploited critical Fortinet SSO flaws, Pornhub data hacked, Texas Attorney General Ken Paxton sued smart TV makers, auto finance provider 700Credit disclosed a breach affecting millions, and a revived pro-Russia ransomware operation stumbled. First seen on govinfosecurity.com Jump…
-
Denmark says Russia was behind two ‘destructive and disruptive’ cyber-attacks
Intelligence service says attacks were work of groups connected to Russian state in ‘clear evidence’ of hybrid war
The Danish government has accused Russia of being behind two “destructive and disruptive” cyber-attacks in what it describes as “very clear evidence” of a hybrid war. The Danish Defence Intelligence Service (DDIS) announced on Thursday that Moscow was behind…
-
Russian Credential-Harvesting Apes Ukraine Webmail Platform
Widely Used ukr.net Is a Repeat Focus for APT28 Cyberespionage Operations. Don’t expect cyber spies to respect distinctions between military and civilian networks, especially in times of war, warn researchers tracking persistent Russian military intelligence credential-harvesting attacks against users of Ukraine’s popular, commercial UKR.NET webmail platform. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russian-credential-harvesting-apes-ukraine-webmail-platform-a-30325
-
Senate Intel chair urges national cyber director to safeguard against open-source software threats
Tom Cotton, R-Okla., cited Chinese and Russian involvement in open-source tech and the risks to government and defense systems. First seen on cyberscoop.com Jump to article: cyberscoop.com/tom-cotton-open-source-software-foreign-influence-national-cyber-director/
-
FBI Seizes Crypto Laundering Hub E-Note Linked to Russian Admin
The FBI and international police have shut down E-Note, a cryptocurrency exchange that laundered over $70 million for cybercriminals. Read about the indictment of a Russian and how the global task force ended his decade-long operation. First seen on hackread.com Jump to article: hackread.com/fbi-seize-e-note-crypto-laundering-russian-admin/
-
Blurred Deception: Russian APT Targets Transnistria and NATO with High-Pressure Phishing Lures
The post Blurred Deception: Russian APT Targets Transnistria and NATO with High-Pressure Phishing Lures appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/blurred-deception-russian-apt-targets-transnistria-and-nato-with-high-pressure-phishing-lures/
-
DOJ announces takedown of alleged laundering platform used by cybercriminal groups
A Russian national was also indicted for running the platform. First seen on cyberscoop.com Jump to article: cyberscoop.com/michigan-e-note-crypto-exchange-takedown-ransomware-money-laundering-indictment/
-
Russian BlueDelta hackers ran phishing campaign against Ukrainian webmail users
Researchers said the campaign likely aimed to collect sensitive information from Ukrainian users in support of broader Russian intelligence objectives. First seen on therecord.media Jump to article: therecord.media/russian-bluedelta-hackers-ran-phishing-ukraine-webmail
-
Roblox in talks with Russia to restore access after platform ban sparks backlash
According to Russia’s media regulator Roskomnadzor, the U.S.-based company acknowledged shortcomings in moderating in-game content and securing user chats, and reached out to the agency to discuss potential changes. First seen on therecord.media Jump to article: therecord.media/roblox-in-talks-with-russia-to-restore-access-ban
-
APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign
The Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a “sustained” credential-harvesting campaign targeting users of UKR[.]net, a webmail and news service popular in Ukraine. The activity, observed by Recorded Future’s Insikt Group between June 2024 and April 2025, builds upon prior findings from the cybersecurity company in…
-
New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails
The threat actor linked to Operation ForumTroll has been attributed to a fresh set of phishing attacks targeting individuals within Russia, according to Kaspersky. The Russian cybersecurity vendor said it detected the new activity in October 2025. The origins of the threat actor are presently unknown. “While the spring cyberattacks focused on organizations, the fall campaign honed…
-
Russian state hackers targeted Western critical infrastructure for years, Amazon says
Tags: credentials, cyber, exploit, hacker, infrastructure, intelligence, network, russia, theft, threat, vulnerability
Amazon disclosed a years-long Russian state-backed cyber campaign targeting Western critical infrastructure from 2021 to 2025. Amazon Threat Intelligence reports a long-running Russian state-backed campaign (2021–2025) targeting Western critical infrastructure. Threat actors shifted from exploiting vulnerabilities to abusing misconfigured network edge devices, enabling credential theft and lateral movement with lower risk. The researchers linked the…
-
Russian APT group pivots to network edge device misconfigurations
Tags: apt, attack, authentication, breach, cloud, credentials, detection, group, infrastructure, intelligence, mfa, mssp, network, russia, service, technology, theft, threat
Credential harvesting: The researchers also observed credential replay attacks against victims’ other online services using stolen domain credentials following network edge device compromises. This indicates that the attackers are likely harvesting credentials by leveraging the traffic capturing and analysis capabilities of the compromised devices. “Time gap between device compromise and authentication attempts against victim services suggests…
-
Sandworm’s Tactical Pivot: Russian GRU Abandons Zero-Days to Weaponize Misconfigured Edge Devices
The post Sandworm’s Tactical Pivot: Russian GRU Abandons Zero-Days to Weaponize Misconfigured Edge Devices appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/sandworms-tactical-pivot-russian-gru-abandons-zero-days-to-weaponize-misconfigured-edge-devices/
-
Russia’s GRU hackers targeting misconfigured network edge devices in attacks on energy sector, Amazon says
In a press briefing this week, Amazon officials said the years-long campaign “represents a significant evolution in critical infrastructure targeting.” First seen on therecord.media Jump to article: therecord.media/russia-gru-hackers-target-energy-sector-sandworm

