Tag: russia
-
Russian-speaking hackers used gen AI tools to compromise 600 firewalls, Amazon says
A Russian-speaking threat actor used commercial generative artificial intelligence tools to help compromise more than 600 FortiGate firewall devices across more than 55 countries earlier this year, researchers have found. First seen on therecord.media Jump to article: therecord.media/gen-ai-fortigate-hackers-russia
-
Russian Cyber Threat Actor Uses GenAI to Compromise Fortinet Firewalls
A low-skilled Russian-speaking attacker has used GenAI tools to help deploy a successful attack workflow targeting FortiGate instances First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-threat-actor-genai/
-
Ukraine says cyberattacks on energy grid now used to guide missile strikes
Russian cyberattacks targeting Ukraine’s energy infrastructure are increasingly focused on collecting intelligence to guide missile strikes rather than immediately disrupting operations, Ukrainian cybersecurity officials said. First seen on therecord.media Jump to article: therecord.media/ukraine-cyberattacks-guiding-russian-missile-strikes
-
Ransomware gangs advancing Moscow’s geopolitical aims, Romanian cyber chief warns
Recent ransomware attacks targeting Romania’s critical infrastructure were likely part of a broader Russian hybrid operation aimed at undermining the country’s stability, Romania’s top cybersecurity official said. First seen on therecord.media Jump to article: therecord.media/ransomware-gangs-advancing-moscow-geopolitical-interests-warns-romania
-
AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign
Off-the-shelf tools helped Russian-speaking cybercrime group run riot First seen on theregister.com Jump to article: www.theregister.com/2026/02/23/aws_fortigate_firewalls/
-
AI-powered campaign compromises 600 FortiGate systems worldwide
A Russian-speaking cybercriminal used commercial generative AI tools to hack over 600 FortiGate devices across 55 countries. Amazon Threat Intelligence reports that a Russian-speaking, financially motivated threat actor used commercial generative AI services to compromise more than 600 FortiGate devices in 55 countries. The activity, observed between January 11 and February 18, 2026, highlights how…
-
Amazon: AI-assisted hacker breached 600 Fortinet firewalls in 5 weeks
Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/amazon-ai-assisted-hacker-breached-600-fortigate-firewalls-in-5-weeks/
-
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries. That’s according to new findings from Amazon Threat Intelligence, which said it observed the activity between January 11 and February 18, 2026. “No exploitation of FortiGate First seen on…
-
Amazon: AI-assisted hacker breached 600 FortiGate firewalls in 5 weeks
Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/amazon-ai-assisted-hacker-breached-600-fortigate-firewalls-in-5-weeks/
-
Russia stepping up hybrid attacks, preparing for long standoff with West, Dutch intelligence warns
Russia’s intensifying cyberattacks, sabotage and covert influence operations across Europe show the Kremlin is preparing for a prolonged confrontation with the West, Dutch intelligence agencies said. First seen on therecord.media Jump to article: therecord.media/russia-cyberattacks-europe-warfare
-
Public mobile networks are being weaponized for combat drone operations
On June 1, 2025, Ukraine launched a coordinated drone strike on five airfields inside Russia, disabling or destroying aircraft. The attack involved more than 100 drones … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/19/enea-mobile-connected-drones-report/
-
New backdoor found in Android tablets targeting users in Russia, Germany and Japan
In a report released this week, Russian cybersecurity firm Kaspersky said it uncovered a previously undocumented backdoor dubbed Keenadu that is built directly into a device’s core software, allowing it to load into every application launched on the tablet. First seen on therecord.media Jump to article: therecord.media/new-backdoor-found-in-android-russia-japan-brazil
-
Poland Energy Survives Attack on Wind, Solar Infrastructure
Russia-aligned groups are probable culprits behind the wiper attacks against renewable energy farms, a manufacturer, and a heating and power plant. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/poland-energy-attack-wind-solar-infrastructure
-
Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates
A new Android backdoor that’s embedded deep into the device firmware can silently harvest data and remotely control its behavior, according to new findings from Kaspersky. The Russian cybersecurity vendor said it discovered the backdoor, dubbed Keenadu, in the firmware of devices associated with various brands, including Alldocube, with the compromise occurring during the firmware build…
-
Russia Set to Block Telegram Access Nationwide from April 1
Russia is preparing to implement a nationwide block on Telegram starting April 1, 2026, according to reports from the Russian insider channel Baza. The move would make the messaging platform completely inaccessible without VPN technology, mirroring previous restrictions imposed on Instagram and Facebook in the country. Roskomnadzor, Russia’s telecommunications regulator, has neither confirmed nor denied…
-
Starlink restrictions hit Russian forces as Moscow seeks workarounds
Ukraine’s security service said Russia was trying to recruit locals to help restore access to blocked Starlink satellite internet terminals. First seen on therecord.media Jump to article: therecord.media/starlink-restrictions-hit-russian-forces
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 84
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT Breaking Down ZeroDayRAT New Spyware Targeting Android and iOS Old-School IRC, New Victims: Inside the Newly Discovered SSHStalker Linux Botnet Reynolds: Defense Evasion Capability […]…
-
Suspected Russian hackers deploy CANFAIL malware against Ukraine
A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups with CANFAIL malware. Google Threat Intelligence Group identified a previously undocumented threat actor behind attacks on Ukrainian organizations using CANFAIL malware. The group is possibly linked to Russian intelligence services and has targeted defense, military, government, and energy entities at both regional…
-
Alert: ‘Severe Cyberthreat’ to Critical Infrastructure
Develop ‘Strong Resilience and Recovery Plans,’ Urges UK Cybersecurity Agency. Following Poland’s energy grid being targeted by Russian nation-state attackers, Britain has issued a severe cyberthreat alert to its domestic critical national infrastructure operators, urging them to refine their defensive and resilience posture ahead of any unexpected escalation in targeting. First seen on govinfosecurity.com Jump…
-
Nation-State Hackers Put Defense Industrial Base Under Siege
Espionage groups from China, Russia and other nations burned at least two dozen zero-days in edge devices in attempts to infiltrate defense contractors’ networks. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/nation-state-hackers-defense-industrial-base-under-siege
-
Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs
A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL. Google Threat Intelligence Group (GTIG) described the hack group as possibly affiliated with Russian intelligence services. The threat actor is assessed to have targeted defense, military, government, and energy organizations within the Ukrainian regional and First seen on…
-
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations
Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained their sights on the defense industrial base (DIB) sector, according to findings from Google Threat Intelligence Group (GTIG). The tech giant’s threat intelligence division said the adversarial targeting of the sector is centered around four key themes: striking defense…
-
NATO must impose costs on Russia, China over cyber and hybrid attacks, says deputy chief
Speaking at the Munich Cyber Security Conference, Radmila Shekerinska said the security environment has become “more complex” and “more contested,” with rivals operating at the same time in the physical and digital worlds. First seen on therecord.media Jump to article: therecord.media/nato-must-impost-costs-russia-china-cyber-hybrid-deputy-secretary
-
Europe must adapt to ‘permanent’ cyber and hybrid threats, Sweden warns
Cyber and hybrid threats are now a permanent feature of Europe’s security environment, a senior Swedish defense official said, citing Russia’s full-scale invasion of Ukraine as a turning point. First seen on therecord.media Jump to article: therecord.media/sweden-cyber-threats-europe-permanent
-
Breach Roundup: CISA Flags OT Risks After Polish Grid Hack
Also: Spanish Hacker Granted Russian Asylum, Microsoft Patches Zero-Days. This week, a CISA warning, Nest footage in Nancy Guthrie case, Signal phishing. Spanish hacker, Russian asylum. Spanish ministry services offline. BYOVD ransomware. The Conduent breach hit Volvo. Microsoft patched zero-days. ZeroDayRAT targeted devices. The SmarterMail breach. Another Fortinet flaw. First seen on govinfosecurity.com Jump to…
-
Russia tries to block WhatsApp, Telegram in communication blockade
The Russian government is attempting to block WhatsApp in the country as its crackdown on communication platforms not under its control intensifies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russia-tries-to-block-whatsapp-telegram-in-communication-blockade/
-
WhatsApp says Russia tried to fully block platform, push users to state app
WhatsApp said Thursday that Russia is attempting to fully block the messaging app in an effort to push users toward a state-backed alternative. First seen on therecord.media Jump to article: therecord.media/whatsapp-russia-blocked-state

