Tag: russia
-
Basketball player arrested for alleged ransomware ties freed in Russia-France prisoner swap
Daniil Kasatkin, 26, was seen in a video shared by Russian state news outlet TASS emerging from a plane that was then used to send French researcher Laurent Vinatier back to France. First seen on therecord.media Jump to article: therecord.media/france-frees-russian-basketball-player-ransomware-swap
-
Illicit Crypto Economy Surges as Nation-States Join in the Fray
Cybercriminal cryptocurrency transactions totaled billions in 2025, with activity from sanctioned countries like Russia and Iran causing the largest jump. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/illicit-crypto-economy-surges-nation-states
-
Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations
Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated with a Turkish energy and nuclear research agency, as well as staff affiliated with a European think tank and organizations in North Macedonia and Uzbekistan.The activity has been attributed to APT28 (aka BlueDelta), which was attributed to…
-
Russia’s Fancy Bear APT Doubles Down on Global Secrets Theft
The notorious Russian state-sponsored group relies on basic techniques that are highly effective, often delivering greater ROI than more complex malware-heavy operations. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-apt-credentials-global-targets
-
Notorious Russian APT Nabs Credentials From Global Targets
Fancy Bear relies on basic techniques that are highly effective, often delivering greater ROI than more complex malware-heavy operations. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-apt-credentials-global-targets
-
BlueDelta Espionage: Russian Hackers Abuse Free Apps to Target Energy Sector
The post BlueDelta Espionage: Russian Hackers Abuse Free Apps to Target Energy Sector appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/bluedelta-espionage-russian-hackers-abuse-free-apps-to-target-energy-sector/
-
Cyber Retaliation Risks Rise After US-Venezuela Operation
CISA Warns of Retaliatory Cyber Action From Hostile State Actors After Venezuela. Federal cybersecurity officials are warning of a likely uptick in retaliatory cyber activity from China and Russia-linked threat actors after the U.S. military raid in Venezuela, urging infrastructure operators to brace for disruptive probing and attacks. First seen on govinfosecurity.com Jump to article:…
-
BlueDelta Hackers Target Microsoft OWA, Google, and Sophos VPN to Steal Credentials
A sophisticated credential-harvesting operation conducted by BlueDelta, a Russian state-sponsored threat group linked to the GRU’s Main Directorate, targeted critical infrastructure organizations and research institutions throughout 2025, according to a comprehensive investigation by Recorded Future’s Insikt Group. The campaign, spanning February through September 2025, represents a significant evolution in the group’s persistent credential-theft operations, with…
-
DDoSia Powers Affiliate-Driven Hacktivist Attacks
Pro-Russian group NoName057(16) uses a custom denial-of-service tool to mobilize volunteers and disrupt government, media, and institutional sites tied to Ukraine and the West. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/ddosia-powers-volunteer-driven-hacktivist-attacks
-
Fake Booking.com emails and BSODs used to infect hospitality staff
Suspected Russian attackers are targeting the hospitality sector with fake Booking.com emails and a fake >>Blue Screen of Death
-
Russia-linked APT UAC-0184 uses Viber to spy on Ukrainian military in 2025
Tags: apt, data, espionage, government, intelligence, malicious, military, monitoring, russia, spy, threat, ukraineRussia-linked APT UAC-0184 targets Ukrainian military and government bodies via Viber, delivering malicious ZIP files for espionage in 2025. Russia-linked threat actor UAC-0184 (aka Hive0156) is targeting Ukrainian military and government entities, using Viber messages to deliver malicious ZIP files as part of ongoing intelligence-gathering operations in 2025. >>Recent monitoring data from the 360 “‹”‹Advanced…
-
Russia-linked APT UAC-0184 uses Viber to spy on Ukrainian military in 2025
Tags: apt, data, espionage, government, intelligence, malicious, military, monitoring, russia, spy, threat, ukraineRussia-linked APT UAC-0184 targets Ukrainian military and government bodies via Viber, delivering malicious ZIP files for espionage in 2025. Russia-linked threat actor UAC-0184 (aka Hive0156) is targeting Ukrainian military and government entities, using Viber messages to deliver malicious ZIP files as part of ongoing intelligence-gathering operations in 2025. >>Recent monitoring data from the 360 “‹”‹Advanced…
-
Russia-linked APT UAC-0184 uses Viber to spy on Ukrainian military in 2025
Tags: apt, data, espionage, government, intelligence, malicious, military, monitoring, russia, spy, threat, ukraineRussia-linked APT UAC-0184 targets Ukrainian military and government bodies via Viber, delivering malicious ZIP files for espionage in 2025. Russia-linked threat actor UAC-0184 (aka Hive0156) is targeting Ukrainian military and government entities, using Viber messages to deliver malicious ZIP files as part of ongoing intelligence-gathering operations in 2025. >>Recent monitoring data from the 360 “‹”‹Advanced…
-
Russian hackers target European hospitality industry with ‘blue screen of death’ malware
The scheme starts with a fake reservation cancellation that impersonates a popular booking site, and eventually prompts victims with an error message and “Blue Screen of Death” page. First seen on therecord.media Jump to article: therecord.media/russian-hackers-europe-hospitality-blue-screen
-
Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government
The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by leveraging the Viber messaging platform to deliver malicious ZIP archives.”This organization has continued to conduct high-intensity intelligence gathering activities against Ukrainian military and government departments in 2025,” the 360 Threat Intelligence Center said in First seen on thehackernews.com…
-
Hackers Steal $35M in Cryptocurrency Following LastPass Breach
Tags: attack, blockchain, breach, crypto, cyber, cybercrime, data-breach, encryption, hacker, intelligence, password, russiaRussian cybercriminals have laundered over $35 million in stolen cryptocurrency linked to the devastating 2022 LastPass breach, according to new forensic analysis by blockchain intelligence firm TRM Labs. The 2022 attack exposed encrypted password vaults belonging to roughly 30 million customers worldwide. While the vaults were initially protected by encryption, attackers who downloaded them could…
-
Time to restore America’s cyberspace security system
China’s campaign to break into our critical infrastructure and federal government networks is persistent and growing. Beijing is stealing information while also planting tools and maintaining access in key systems, giving it the option to pressure the United States in the future. Russia also continues to test our critical infrastructure with increasingly sophisticated operations, support…
-
Finnish Authorities Arrest Two Sailors in Probe Into Undersea Cable Disruption
Finnish authorities have detained a cargo vessel suspected of damaging an undersea telecommunications cable connecting Helsinki to Estonia. The incident has raised fresh concerns about potential hybrid warfare targeting critical infrastructure in the Baltic Sea region. The vessel, named Fitburg, was sailing from St. Petersburg, Russia, to Haifa, Israel, flying the flag of St Vincent…
-
Cryptocurrency theft attacks traced to 2022 LastPass breach
Blockchain investigation firm TRM Labs says ongoing cryptocurrency thefts have been traced to the 2022 LastPass breach, with attackers draining wallets years after encrypted vaults were stolen and laundering the crypto through Russian exchanges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cryptocurrency-theft-attacks-traced-to-2022-lastpass-breach/
-
Finnish Police Investigating New Undersea Cable Incident
Tags: russiaFinnish Border Guard Seize Cargo Ship Suspected of Causing Disruption. Finnish police on Wednesday seized a cargo ship sailing from Russia suspected of rupturing an undersea telecommunication cable connecting Helsinki to Estonia, a region of the Baltic Sea that is the site of a slew of suspected Russian cable sabotage incidents. First seen on govinfosecurity.com…
-
Discovering the Dimensions of a New Cold War
The United States’ plan for dealing with Putin’s Russia and Xi’s China remains ill-defined among a shifting global order. That must change. First seen on wired.com Jump to article: www.wired.com/story/discovering-the-dimensions-of-a-new-cold-war/
-
TDL 012 – The Architect of the Internet on the Future of Trust
Summary In this episode of The Defenders Log, Paul Mockapetris, the architect of DNS, discusses the evolving role of the Domain Name System from a simple directory to a sophisticated security tool. He posits that modern networking requires “making sure DNS doesn’t work when you don’t want it to,” comparing DNS filtering to essential services…
-
LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds
Tags: backup, blockchain, breach, crypto, cybercrime, data, data-breach, intelligence, password, russia, theftThe encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak master passwords to crack them open and drain cryptocurrency assets as recently as late 2025, according to new findings from TRM Labs.The blockchain intelligence firm said evidence points to the involvement of Russian cybercriminal actors…
-
LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds
Tags: backup, blockchain, breach, crypto, cybercrime, data, data-breach, intelligence, password, russia, theftThe encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak master passwords to crack them open and drain cryptocurrency assets as recently as late 2025, according to new findings from TRM Labs.The blockchain intelligence firm said evidence points to the involvement of Russian cybercriminal actors…
-
Best of 2025: Ukraine Pwns Russian Drone Maker, Gaskar is ‘Paralyzed’
Ukrainian Cyber Alliance and Black Owl team up to hack manufacturer of Russian military drones, sources”¯”¯say. Gaskar Group, Russian designer of drones plaguing Ukraine’s skies, is in utter disarray. Or, at least, so says Ukrainian military intelligence. Hacker groups teamed up to steal and delete 57″¯TB of critical data and backups, preventing the company from..…

