Tag: russia
-
Amazon Stymies APT29 Credential Theft Campaign
A group linked to Russian intelligence services redirected victims to fake Cloudflare verification pages and exploited Microsoft’s device code authentication flow. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/amazon-apt29-credential-theft-campaign
-
Prolific Russian ransomware operator living in California enjoys rare leniency awaiting trial
Ianis Aleksandrovich Antropenko allegedly committed ransomware attacks from 2018 to 2022. He’s been out on bond since his arrest almost a year ago, despite multiple run-ins with police. First seen on cyberscoop.com Jump to article: cyberscoop.com/ianis-antropenko-zeppelin-ransomware-russian-cybercrime/
-
Von der Leyen’s plane hit by suspected Russian GPS Jamming in Bulgaria, landed Safely
Tags: russiaVon der Leyen’s plane faced suspected Russian GPS jamming in Bulgaria, but the EU chief landed safely, says European Commission. The EU confirmed that Ursula von der Leyen’s plane experienced GPS jamming while flying to Bulgaria. The European authorities suspect Russian interference, though the aircraft landed safely. Bulgarian officials provided the information, and the EU…
-
Europe Putin the blame on Russia after GPS jamming disrupts president’s plane
Tags: russiaBloc working on anti-jamming measures and plans extra sat to help First seen on theregister.com Jump to article: www.theregister.com/2025/09/02/eu_gps_jamming_russia_response/
-
Amazon disrupts Russian APT29 hackers targeting Microsoft 365
Researchers have disrupted an operation attributed to Russian state-sponsored threat group Midnight Blizzard, who sought access to Microsoft 365 accounts and data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/amazon-disrupts-russian-apt29-hackers-targeting-microsoft-365/
-
Amazon Disrupts Russian APT29 Watering Hole Targeting Microsoft Authentication
Amazon has disrupted a Russian APT29 watering hole campaign that used compromised sites to target Microsoft authentication with… First seen on hackread.com Jump to article: hackread.com/amazon-disrupts-russia-apt29-watering-hole-microsoft-auth/
-
Amazon Stops Russian APT29 Watering Hole Attack Exploiting Microsoft Auth
The campaign shows APT29’s intentions to “cast a wider net in their intelligence collection efforts,” said Amazon First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/amazon-russian-apt29-watering-hole/
-
Russian-Linked ATP29 Makes Another Run at Microsoft Credentials
Amazon researchers disrupted a watering hole campaign by Russian-linked cyberespionage group APT29 designed to use compromised websites to trick users into giving the threat actors access to their Microsoft accounts and data via the tech giant’s device code authentication flow. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/russian-linked-atp29-makes-another-run-at-microsoft-credentials/
-
Beyond Defense: New Report Exposes How Russian Cyber Firms Aid the Kremlin’s War
The post Beyond Defense: New Report Exposes How Russian Cyber Firms Aid the Kremlin’s War appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/beyond-defense-new-report-exposes-how-russian-cyber-firms-aid-the-kremlins-war/
-
Amazon blocks APT29 campaign targeting Microsoft device code authentication
Amazon stopped a Russia-linked APT29 watering hole attack that hijacked Microsoft device code authentication via compromised sites. Amazon announced that it had disrupted an opportunistic watering hole campaign orchestrated by the Russia-linked cyber espionage group APT29 (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes). Amazon experts labeled the attacks as an opportunistic watering hole campaign using compromised…
-
Amazon Takes Down Russian APT29 Infrastructure Targeting Users
Tags: cyber, cybersecurity, group, hacking, infrastructure, intelligence, network, russia, threat, warfareAmazon’s cybersecurity team has successfully disrupted a sophisticated watering hole campaign orchestrated by APT29, a notorious hacking group linked to Russia’s Foreign Intelligence Service. The August 2025 operation represents the latest chapter in an ongoing cyber warfare battle between tech giants and state-sponsored threat actors seeking to infiltrate global networks and harvest sensitive credentials. APT29’s…
-
Dexter: Resurrection Finale Leaks Online in Russian Dub
Dexter: Resurrection finale leaks in Russian dub ahead of release. Episodes 9 and 10 surface online, echoing past… First seen on hackread.com Jump to article: hackread.com/dexter-resurrection-finale-leaks-online-in-russian-dub/
-
AWS catches Russia’s Cozy Bear clawing at Microsoft credentials
Look who’s visiting the watering hole these days First seen on theregister.com Jump to article: www.theregister.com/2025/08/29/aws_catches_russias_apt29_trying/
-
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts.The campaign used “compromised websites to redirect visitors to malicious infrastructure designed to trick users into authorizing attacker-controlled devices through Microsoft’s device code First seen on…
-
Cybercrime increasingly moving beyond financial gains
Tags: attack, awareness, business, ciso, computer, corporate, cyber, cyberattack, cybercrime, cybersecurity, defense, disinformation, espionage, finance, government, group, hacker, hacking, incident response, infrastructure, intelligence, iran, malicious, military, network, ransom, ransomware, risk, risk-analysis, russia, strategy, theft, threat, tool, ukraine, vulnerability, wormsrcset=”https://b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?quality=50&strip=all 892w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=223%2C300&quality=50&strip=all 223w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=768%2C1033&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=761%2C1024&quality=50&strip=all 761w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=518%2C697&quality=50&strip=all 518w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=125%2C168&quality=50&strip=all 125w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=62%2C84&quality=50&strip=all 62w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=357%2C480&quality=50&strip=all 357w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=268%2C360&quality=50&strip=all 268w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=186%2C250&quality=50&strip=all 186w” width=”761″ height=”1024″ sizes=”auto, (max-width: 761px) 100vw, 761px”> Incibe. En la imagen, Patricia Alonso GarcÃa.”We are very redundant when talking about cybercrime, because we always associate it with economic motivations,” says Hervé Lambert, global consumer operations…
-
Germany charges man over cyberattack on Rosneft subsidiary
German prosecutors charged a man with carrying out a damaging cyberattack on Rosneft Deutschland, the German subsidiary of Russia’s state-owned oil giant, in the weeks following Russia’s invasion of Ukraine. First seen on therecord.media Jump to article: therecord.media/germany-charges-cyberattack-rosneft
-
U.S. Treasury Sanctions North Korean IT Worker Network Funding Weapons Programs
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Russian national Vitaliy Sergeyevich Andreyev, DPRK official Kim Ung Sun, Chinese entity Shenyang Geumpungri Network Technology Co., Ltd. DPRK-based Korea Sinjin Trading Corporation for their involvement in a sophisticated fraudulent scheme involving information technology workers orchestrated by the Democratic…
-
Sting nails two front firms in Nork IT worker scam
There’s also a rogue Russian on the list First seen on theregister.com Jump to article: www.theregister.com/2025/08/27/us_treasury_korea_sanctions/
-
US sanctions Russian national and Chinese company over North Korean IT worker schemes
The U.S. Treasury Department announced new sanctions targeting key players in North Korea’s ongoing scheme to get its citizens hired as IT workers at American companies. First seen on therecord.media Jump to article: therecord.media/us-sanctions-company-national-north
-
Putin on the code: DoD reportedly relies on utility written by Russian dev
Fast-glob is widely used in government, security lab says First seen on theregister.com Jump to article: www.theregister.com/2025/08/27/popular_nodejs_utility_used_by/
-
TDL001 – Cybersecurity Explained: Privacy, Threats, and the Future – Chester Wisniewski
Tags: access, ai, attack, backdoor, breach, business, ciso, computer, country, crime, crimes, cyber, cybercrime, cybersecurity, data-breach, defense, detection, edr, email, finance, firewall, gartner, government, guide, hacker, hacking, Hardware, infosec, Internet, jobs, linkedin, mail, malicious, microsoft, military, monitoring, network, password, phishing, phone, privacy, programming, ransomware, risk, russia, scam, skills, software, sophos, spam, sql, strategy, switch, technology, threat, update, virus, vulnerability, wifi, windowsSummary “The Defenders Log” Episode 1 features host David Redekop and guest Chet Wisniewski discussing the dynamic world of cybersecurity. Wisniewski, with decades of experience, traces his journey from early BBS and phone network exploration to becoming a cybersecurity expert. They delve into the evolution of hacking, the emergence of profitable cybercrime like email spam,…
-
Finnish police wiretap reveals Russian ‘shadow fleet’ captain instructed to destroy evidence
Tags: russiaThe captain of a Russia-linked oil tanker that damaged five subsea cables in the Baltic Sea was reportedly instructed to destroy evidence after the ship was seized by authorities. First seen on therecord.media Jump to article: therecord.media/finnish-police-wiretap-eagles-sabotage
-
Behind the Coinbase breach: Bribery emerges as enterprise threat
Coinbase’s widely praised incident response: Coinbase’s transparency, firm stance against the ransom, quick remediation, and willingness to compensate its customers earned wide praise from cybersecurity professionals.According to Coinbase’s Martin, the hackers resorted to paying help desk workers in India precisely because the company had built such a robust security program. Bribery, according to Martin, was…
-
Russia weighs Google Meet ban as part of foreign tech crackdown
A senior Russian official said the government is considering blocking the video conferencing service Google Meet after brief disruptions in the country late last week. First seen on therecord.media Jump to article: therecord.media/russia-google-meet-ban-crackdown
-
New Android malware poses as antivirus from Russian intelligence agency
A new Android malware posing as an antivirus tool software created by Russia’s Federal Security Services agency (FSB) is being used to target executives of Russian businesses. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-android-malware-poses-as-antivirus-from-russian-intelligence-agency/
-
New Android malware poses as antivirus from Russian intelligence agency
A new Android malware posing as an antivirus tool software created by Russia’s Federal Security Services agency (FSB) is being used to target executives of Russian businesses. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-android-malware-poses-as-antivirus-from-russian-intelligence-agency/
-
New Android Spyware Masquerading as Antivirus Targets Business Executives
Doctor Web’s antivirus laboratory has identified a sophisticated Android backdoor malware, designated Android.Backdoor.916.origin, which has been evolving since its initial detection in January 2025. This multifunctional spyware primarily targets representatives of Russian businesses through targeted attacks rather than mass distribution. Attackers disseminate the malicious APK file via private messages in popular messengers, disguising it as…
-
The Mysterious Shortwave Radio Station Stoking US-Russia Nuclear Fears
A popular shortwave Russian radio station dubbed “UVB-76” has been an enigma for decades. But its recent messages have turned it into a tool for Kremlin saber-rattling. First seen on wired.com Jump to article: www.wired.com/story/uvb-76-russia-us-nuclear-fears/
-
Android.Backdoor.916.origin malware targets Russian business executives
New Android spyware Android.Backdoor.916.origin is disguised as an antivirus linked to Russia’s intelligence agency FSB, and targets business executives. Doctor Web researchers observed a multifunctional backdoor Android.Backdoor.916.origin targeting Android devices belonging to representatives of Russian businesses. The malware executes attacker commands, enabling surveillance, keylogging, and theft of chats, browser data, and even live camera/audio streams.…
-
Cybersecurity Snapshot: Industrial Systems in Crosshairs of Russian Hackers, FBI Warns, as MITRE Updates List of Top Hardware Weaknesses
Tags: access, ai, attack, automation, cisa, cisco, cloud, conference, control, credentials, cve, cyber, cybersecurity, data, data-breach, deep-fake, detection, docker, espionage, exploit, flaw, framework, fraud, google, government, group, guide, hacker, hacking, Hardware, identity, infrastructure, intelligence, Internet, iot, LLM, microsoft, mitigation, mitre, mobile, network, nist, risk, russia, scam, service, side-channel, software, strategy, switch, technology, threat, tool, update, vulnerability, vulnerability-management, windowsCheck out the FBI’s alert on Russia-backed hackers infiltrating critical infrastructure networks via an old Cisco bug. Plus, MITRE dropped a revamped list of the most important critical security flaws. Meanwhile, NIST rolled out a battle plan against face-morphing deepfakes. And get the latest on the CIS Benchmarks and on vulnerability prioritization strategies! Here are…