Tag: russia
-
Italy blames Russia-linked hackers for cyberattacks ahead of Winter Olympics
Multiple Italian foreign ministry offices and facilities associated with the Winter Games were targeted by attacks. First seen on therecord.media Jump to article: therecord.media/italy-blames-russia-linked-hackers-winter-games-cyberattack
-
European Officials Warn of Russian Satellites Intercepting Communications
Russian Luch “inspector” satellites are suspected of shadowing European GEO spacecraft, raising fears of interception, jamming, and orbital risk. The post European Officials Warn of Russian Satellites Intercepting Communications appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-europe-warning-russian-satellites/
-
Italy claims cyberattacks ‘of Russian origin’ are pelting Winter Olympics
Right on cue, petulant hacktivists attempt to disrupt yet another global sporting event First seen on theregister.com Jump to article: www.theregister.com/2026/02/05/winter_olympics_russian_attacks/
-
APT28 Hackers Exploit Microsoft Office Vulnerability to Target Government Agencies
Tags: attack, cyber, cyberattack, espionage, exploit, government, hacker, microsoft, military, office, phishing, russia, spear-phishing, theft, vulnerabilityRussian state-sponsored hackers, known as APT28 or Fancy Bear, have launched a new wave of cyberattacks targeting government and military organizations across Europe. This sophisticated espionage campaign, observed in late January 2026, targets the theft on secrets from maritime and transport agencies in countries such as Poland, Greece, and Ukraine. The attacks start with spear-phishing…
-
Microsoft releases urgent Office patch. Russian-state hackers pounce.
The window to patch vulnerabilities is shrinking rapidly. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/02/russian-state-hackers-exploit-office-vulnerability-to-infect-computers/
-
When Documents Become the Attack Vector: Inside APT28’s Latest Microsoft Office Exploit
Email attachments remain one of the most trusted entry points into enterprise environments. Despite years of awareness training and secure email gateways, attackers continue to rely on documents because they blend seamlessly into everyday workflows. New reporting from The Hacker News details how APT28, a Russia-linked threat actor, is actively exploiting a newly disclosed Microsoft…
-
Victims Are Rebuffing Ransomware Mass Data Theft Campaigns
Revenue From Supply-Chain Attacks by Clop Group Sharply Fell, Report Investigators. Once lucrative steal-and-leak campaigns pioneered by Russian ransomware group Clop look set to go the way of the dinosaurs. While an estimated 25% of victims paid a ransom in the inaugural campaign five years ago, the number of victims that paid fell to zero…
-
Ukraine tightens controls on Starlink terminals to counter Russian drones
Ukraine has rolled out a verification system for Starlink satellite internet terminals used by civilians and the military after confirming that Russian forces have begun installing the technology on attack drones. First seen on therecord.media Jump to article: therecord.media/ukraine-tightens-starlink-controls-counter-russian-drones
-
Russian hackers exploited a critical Office bug within days of disclosure
One campaign, two infection paths: ZScaler found that exploitation of CVE-2026-21509 did not lead to a single uniform payload. Instead, the initial RTF-based exploit branched into two distinct infection paths, each serving a different operational purpose. The choice of dropper reportedly determined whether the attackers prioritized near-term intelligence collection or longer-term access to compromised systems.In…
-
Russian Hackers Weaponize Microsoft Office Bug in Just 3 Days
APT28’s attacks rely on specially crafted Microsoft Rich Text Format (RTF) documents to kick off a multistage infection chain to deliver malicious payloads. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-hackers-weaponize-office-bug-within-days
-
Poland detains defense ministry employee on suspicion of spying for Russia
The 60-year-old detainee, a Polish national, worked in the Ministry of National Defense’s strategy and planning department, including on military modernization projects, officials said. He was arrested at his workplace at the ministry’s headquarters in Warsaw. First seen on therecord.media Jump to article: therecord.media/poland-detains-defense-ministry-employee-spying
-
Op Neusploit: Russian APT28 Uses Microsoft Office Flaw in Malware Attacks
A new campaign by the Russian-linked group APT28, called Op Neusploit, exploits a Microsoft Office flaw to steal emails for remote control of devices in Ukraine, Slovakia, and Romania. First seen on hackread.com Jump to article: hackread.com/op-neusploit-russia-apt28-microsoft-office-malware/
-
Russian state hackers exploit new Microsoft Office flaw in attacks on Ukraine, EU
Ukraine’s computer emergency response team, CERT-UA, said attackers began abusing the flaw, tracked as CVE-2026-21509, shortly after Microsoft disclosed it in early January. First seen on therecord.media Jump to article: therecord.media/russian-state-hackers-exploit-new-microsoft-flaw
-
Russian hackers are exploiting recently patched Microsoft Office vulnerability (CVE-2026-21509)
Russian state-sponsored hackers Fancy Bear (aka APT 28) are exploiting CVE-2026-21509, a Microsoft Office vulnerability for which Microsoft released an emergency fix last … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/03/russian-hackers-are-exploiting-recently-patched-microsoft-office-vulnerability-cve-2026-21509/
-
APT28 exploits Microsoft Office flaw in Operation Neusploit
Russia-linked APT28 is behind Operation Neusploit, exploiting a newly disclosed Microsoft Office vulnerability in targeted attacks. Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) is behind Operation Neusploit, a campaign that exploits a newly disclosed Microsoft Office vulnerability. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations…
-
APT28 Exploits Active Microsoft Office Zero-Day to Deliver Malware
The Russia-linked advanced persistent threat group APT28 has been observed actively exploiting a zero-day vulnerability in Microsoft Office to deliver malware through a sophisticated multi-stage attack campaign. Security researchers from Zscaler ThreatLabz identified this new operation, dubbed Operation Neusploit, targeting users across Central and Eastern Europe with weaponized RTF documents. The campaign specifically targeted Ukraine,…
-
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit.Zscaler ThreatLabz said it observed the hacking group weaponizing the shortcoming on January 29, 2026, in attacks targeting users in Ukraine, Slovakia, and Romania,…
-
APT28 Leverages CVE-2026-21509 in Operation Neusploit
IntroductionIn January 2026, Zscaler ThreatLabz identified a new campaign in-the-wild, tracked as Operation Neusploit, targeting countries in the Central and Eastern European region. In this campaign, the threat actor leveraged specially crafted Microsoft RTF files to exploit CVE-2026-21509 and deliver malicious backdoors in a multi-stage infection chain. Due to significant overlaps in tools, techniques, and procedures (TTPs)…
-
Russian hackers exploit recently patched Microsoft Office bug in attacks
Ukraine’s Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-hackers-exploit-recently-patched-microsoft-office-bug-in-attacks/
-
Russian Hacker Alliance Launches Large-Scale Cyberattack Targeting Denmark
A pro-Russian hacker alliance calling itself “Russian Legion” has issued direct threats against Denmark, warning of large-scale cyberattacks linked to the country’s planned military support to Ukraine. The campaign appears designed to combine disruptive cyber activity with psychological pressure on Danish authorities, businesses, and the wider public. The first threat was posted on the Russian…
-
New “Punishing Owl” Hacker Group Targets Networks Linked to Russian Security Agency
A previously unknown threat actor calling itself Punishing Owl has claimed responsibility for breaching a Russian government security agency, marking the emergence of what cybersecurity researchers believe is a new politically motivated hacktivist collective. The attack demonstrated sophisticated operational security capabilities beyond typical data exfiltration campaigns. On the same day as the breach announcement, Punishing…
-
Russia-linked APT28 attackers already abusing new Microsoft Office zero-day
Ukraine’s CERT says the bug went from disclosure to active exploitation in days First seen on theregister.com Jump to article: www.theregister.com/2026/02/02/russialinked_apt28_microsoft_office_bug/
-
Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks
Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fancy-bear-exploits-office-flaw/
-
Polish Grid Hack Underlines European Need for Active Defense
Russian Hacking Shows Limits of Preventive Measures. Europe must step up its active defenses against cyberattacks and modernize its IT infrastructure, a leading expert has warned in the wake of a major attack on Poland’s energy grid attributed to Russian hackers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/polish-grid-hack-underlines-european-need-for-active-defense-a-30651
-
Russia-Aligned ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
The “coordinated” cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM.Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energy First…
-
Russia-Aligned ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
The “coordinated” cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM.Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energy First…
-
Sandworm Blamed for Wiper Attack on Polish Power Grid
Researchers attributed the failed attempt to the infamous Russian APT Sandworm, which is notorious for wiper attacks on critical infrastructure organizations. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/sandworm-wiper-attack-poland-power-grid
-
Russian hackers breached Polish power grid thanks to bad security, report says
The Polish government accused a Russian government hacking group of hacking into energy facilities taking advantage of default usernames and passwords. First seen on techcrunch.com Jump to article: techcrunch.com/2026/01/30/russian-hackers-breached-polish-power-grid-thanks-to-bad-security-report-says/
-
Hacking attack leaves Russian car owners locked out of their vehicles
Imagine the scene. It’s a cold Monday morning in Moscow. You walk out to your car, coffee in hand, ready to face the day. You press the button to unlock your car, and … nothing happens. You try again. Still nothing. The alarm starts blaring. You can’t turn it off. First seen on fortra.com Jump…
-
RAMP ransomware forum goes dark in probable FBI sting
RAMP, an infamous Russian-speaking cyber crime forum, has gone off the air after an apparent US operation. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366637992/RAMP-ransomware-forum-goes-dark-in-probable-FBI-sting