Tag: russia
-
Public mobile networks are being weaponized for combat drone operations
On June 1, 2025, Ukraine launched a coordinated drone strike on five airfields inside Russia, disabling or destroying aircrafts. The attack involved more than 100 drones … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/19/enea-mobile-connected-drones-report/
-
New backdoor found in Android tablets targeting users in Russia, Germany and Japan
In a report released this week, Russian cybersecurity firm Kaspersky said it uncovered a previously undocumented backdoor dubbed Keenadu that is built directly into a device’s core software, allowing it to load into every application launched on the tablet. First seen on therecord.media Jump to article: therecord.media/new-backdoor-found-in-android-russia-japan-brazil
-
Poland Energy Survives Attack on Wind, Solar Infrastructure
Russia-aligned groups are probable culprits behind the wiper attacks against renewable energy farms, a manufacturer, and a heating and power plant. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/poland-energy-attack-wind-solar-infrastructure
-
Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates
A new Android backdoor that’s embedded deep into the device firmware can silently harvest data and remotely control its behavior, according to new findings from Kaspersky.The Russian cybersecurity vendor said it discovered the backdoor, dubbed Keenadu, in the firmware of devices associated with various brands, including Alldocube, with the compromise occurring during the firmware build…
-
Russia Set to Block Telegram Access Nationwide from April 1
Russia is preparing to implement a nationwide block on Telegram starting April 1, 2026, according to reports from the Russian insider channel Baza. The move would make the messaging platform completely inaccessible without VPN technology, mirroring previous restrictions imposed on Instagram and Facebook in the country. Roskomnadzor, Russia’s telecommunications regulator, has neither confirmed nor denied…
-
Starlink restrictions hit Russian forces as Moscow seeks workarounds
Ukraine’s security service said Russia was trying to recruit locals to help restore access to blocked Starlink satellite internet terminals. First seen on therecord.media Jump to article: therecord.media/starlink-restrictions-hit-russian-forces
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 84
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT Breaking Down ZeroDayRAT New Spyware Targeting Android and iOS Old-School IRC, New Victims: Inside the Newly Discovered SSHStalker Linux Botnet Reynolds: Defense Evasion Capability […]…
-
Suspected Russian hackers deploy CANFAIL malware against Ukraine
A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL malware. Google Threat Intelligence Group identified a previously undocumented threat actor behind attacks on Ukrainian organizations using CANFAIL malware. The group is possibly linked to Russian intelligence services and has targeted defense, military, government, and energy entities at both regional…
-
Alert: ‘Severe Cyberthreat’ to Critical Infrastructure
Develop ‘Strong Resilience and Recovery Plans,’ Urges UK Cybersecurity Agency. Following Poland’s energy grid being targeted by Russian nation-state attackers, Britain has issued a severe cyberthreat alert to its domestic critical national infrastructure operators, urging them to refine their defensive and resilience posture ahead of any unexpected escalation in targeting. First seen on govinfosecurity.com Jump…
-
Nation-State Hackers Put Defense Industrial Base Under Siege
Espionage groups from China, Russia and other nations burned at least two dozen zero-days in edge devices in attempts to infiltrate defense contractors’ networks. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/nation-state-hackers-defense-industrial-base-under-siege
-
Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs
A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL.Google Threat Intelligence Group (GTIG) described the hack group as possibly affiliated with Russian intelligence services. The threat actor is assessed to have targeted defense, military, government, and energy organizations within the Ukrainian regional and First seen on…
-
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations
Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained their sights on the defense industrial base (DIB) sector, according to findings from Google Threat Intelligence Group (GTIG).The tech giant’s threat intelligence division said the adversarial targeting of the sector is centered around four key themes: striking defense…
-
NATO must impose costs on Russia, China over cyber and hybrid attacks, says deputy chief
Speaking at the Munich Cyber Security Conference, Radmila Shekerinska said the security environment has become “more complex” and “more contested,” with rivals operating at the same time in the physical and digital worlds. First seen on therecord.media Jump to article: therecord.media/nato-must-impost-costs-russia-china-cyber-hybrid-deputy-secretary
-
NATO must impose costs on Russia, China over cyber and hybrid attacks, says deputy chief
Speaking at the Munich Cyber Security Conference, Radmila Shekerinska said the security environment has become “more complex” and “more contested,” with rivals operating at the same time in the physical and digital worlds. First seen on therecord.media Jump to article: therecord.media/nato-must-impost-costs-russia-china-cyber-hybrid-deputy-secretary
-
Europe must adapt to ‘permanent’ cyber and hybrid threats, Sweden warns
Cyber and hybrid threats are now a permanent feature of Europe’s security environment, a senior Swedish defense official said, citing Russia’s full-scale invasion of Ukraine as a turning point. First seen on therecord.media Jump to article: therecord.media/sweden-cyber-threats-europe-permanent
-
Breach Roundup: CISA Flags OT Risks After Polish Grid Hack
Also: Spanish Hacker Granted Russian Asylum, Microsoft Patches Zero-Days. This week, a CISA warning, Nest footage in Nancy Guthrie case, Signal phishing. Spanish hacker, Russian asylum. Spanish ministry services offline. BYOVD ransomware. The Conduent breach hit Volvo. Microsoft patched zero-days. ZeroDayRAT targeted devices. The SmarterMail breach. Another Fortinet flaw. First seen on govinfosecurity.com Jump to…
-
Russia tries to block WhatsApp, Telegram in communication blockade
The Russian government is attempting to block WhatsApp in the country as its crackdown on communication platforms not under its control intensifies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russia-tries-to-block-whatsapp-telegram-in-communication-blockade/
-
WhatsApp says Russia tried to fully block platform, push users to state app
Tags: russiaWhatsApp said Thursday that Russia is attempting to fully block the messaging app in an effort to push users toward a state-backed alternative. First seen on therecord.media Jump to article: therecord.media/whatsapp-russia-blocked-state
-
DOJ says Trenchant boss sold exploits to Russian broker capable of accessing ‘millions of computers and devices’
The former boss of the L3Harris-owned hacking and surveillance tools maker Trenchant faces nine years in prison for selling several exploits to a Russian broker, which counts the Russian government among its customers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/11/doj-says-trenchant-boss-sold-exploits-to-russian-broker-capable-of-accessing-millions-of-computers-and-devices/
-
Sanctioned Bulletproof Host Tied to DNS Hijacking
Shadow Aeza International Directed Traffic to Malicious Adtech. A financially motivated threat actor hacked dozens of domain name system resolvers, connecting them to the infrastructure of a Russian bulletproof hosting service sanctioned by the U.S. Department of Treasury for its criminal links, researchers found. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/sanctioned-bulletproof-host-tied-to-dns-hijacking-a-30723
-
Russia’s cyber attacks on Polish utilities draws NCSC alert
A series of Russian cyber attacks targeting Poland’s energy infrastructure has prompted a new warning from the UK’s National Cyber Security Centre. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366638859/Russias-cyber-attacks-on-Polish-utilities-draws-NCSC-alert
-
Russia grants asylum to Spanish professor wanted for alleged pro-Moscow cyber operations
Russia has granted political asylum to a Spanish national accused in his home country of “cyberterrorism and espionage” in support of Moscow, according to Russian state media. First seen on therecord.media Jump to article: therecord.media/russia-asylum-spanish-professor-espionage
-
AI Is Here to Replace Nuclear Treaties. Scared Yet?
The last major nuclear arms treaty between the US and Russia just expired. Some experts believe a combination of satellite surveillance, AI, and human reviewers can take its place. Others, not so much. First seen on wired.com Jump to article: www.wired.com/story/satellites-ai-nuclear-treaties/
-
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
The threat actor known as Bloody Wolf has been linked to a campaign targeting Uzbekistan and Russia to infect systems with a remote access trojan known as NetSupport RAT.Cybersecurity vendor Kaspersky is tracking the activity under the moniker Stan Ghouls. The threat actor is known to be active since at least 2023, orchestrating spear-phishing attacks…
-
Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors
A threat cluster tracked as >>Vortex Werewolf<< (also known as SkyCloak) has been observed targeting Russian government and defense organizations. The attack begins not with a typical malicious attachment, but with a highly credible phishing link. Vortex Werewolf distributes URLs that masquerade as legitimate Telegram file-sharing resources. These links, often hosted on domains designed to…
-
UK Construction Firm Hit by Prometei Botnet Hiding in Windows Server
Cybersecurity firm eSentire’s TRU break down the Russian Prometei botnet attack on a UK firm, detailing its TOR usage, password theft and decoy tactics. First seen on hackread.com Jump to article: hackread.com/uk-construction-firm-prometei-botnet-windows-server/
-
Moltbook, the Social Network for AI Agents, Exposed Real Humans’ Data
Plus: Apple’s Lockdown mode keeps the FBI out of a reporter’s phone, Elon Musk’s Starlink cuts off Russian forces, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-moltbook-the-social-network-for-ai-agents-exposed-real-humans-data/
-
Russia Hacked the Polish Electricity Grid. Now What?
Stymied Attack Leaves Poland No Good Options in Responding to Provocation. Poland’s online defenses stopped a Russian cyberattack against the energy grid, but now the Warsaw government is in a bind about how to respond to a digital assault that was a lot more than a crime, but a sliver less than an act of…
-
Breach Roundup: Italy Thwarts Russian Olympic Hacks
Also, Active Exploits Hit SolarWinds, Ivanti as APT28 Targets EU, Ukraine. This week, Italy blocked Russian cyberattacks targeting the Olympics. Flaws in SolarWinds, Ivanti and Microsoft Office. Russia’s APT28 ramped up attacks in Ukraine, supply chain attacks, regulators probed major breaches and a U.S. judge sentenced the operator of a darkweb drug marketplace. First seen…