Tag: russia
-
‘Living off the land’ allowed Russia-linked group to breach Ukrainian entities this summer
In two separate incidents this summer, hackers appearing to work from Russia used available assets to steal data from a large Ukrainian business services company and a local government agency, researchers say. First seen on therecord.media Jump to article: therecord.media/russia-linked-breaches-ukraine-living-off-the-land
-
Researchers warn of Qilin ransomware gang after group hit hundreds of orgs this year
In October alone, the suspected Russia-based group added more than 185 victims to its leak site, claiming to be behind recent cybersecurity incidents at Japanese beverage giant Asahi, the Texas city of Sugar Land, a county government in North Carolina and multiple power companies in Texas. First seen on therecord.media Jump to article: therecord.media/qilin-ransomware-gang-hits-hundreds-of-orgs-2025
-
More Collins Aerospace Hacking Fallout
Everest Extortion Group Lists Dublin Airport. A Russian data extortion group threatened Sunday to release passenger data putatively stolen from the Dublin Airport days after its operator said it investigated a breach stemming from a September cybersecurity incident that affected airports across Europe. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/more-collins-aerospace-hacking-fallout-a-29848
-
Italian-made spyware spotted in breaches of Russian, Belarusian systems
The Dante spyware from Memento Labs, the successor to the notorious Italian company Hacking Team, was part of espionage operations against targets in Russia and Belarus, researchers at Kaspersky said. First seen on therecord.media Jump to article: therecord.media/memento-labs-formerly-hacking-team-dante-spyware-russia-kaspersky
-
Critical Chrome 0-Day Under Attack: Mem3nt0 Mori Hackers Actively Exploiting Vulnerability
In March 2025, security researchers at Kaspersky detected a sophisticated campaign exploiting a previously unknown Chrome vulnerability to deliver advanced spyware to high-profile targets. The attack, dubbed Operation ForumTroll, leveraged personalized phishing links to compromise organizations across Russia, including media outlets, universities, research centers, government agencies, and financial institutions. A single click on a malicious…
-
Chatbots Are Pushing Sanctioned Russian Propaganda
ChatGPT, Gemini, DeepSeek, and Grok are serving users propaganda from Russian-backed media when asked about the invasion of Ukraine, new research finds. First seen on wired.com Jump to article: www.wired.com/story/chatbots-are-pushing-sanctioned-russian-propaganda/
-
Security Affairs newsletter Round 547 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Russian Rosselkhoznadzor hit by DDoS attack, food shipments across Russia delayed CVE-2025-59287: Microsoft fixes critical WSUS…
-
Russian Rosselkhoznadzor hit by DDoS attack, food shipments across Russia delayed
A DDoS attack on Russia’s food safety agency Rosselkhoznadzor disrupted food shipments by crippling its VetIS and Saturn tracking systems. A DDoS cyberattack on Russia’s food safety agency, Rosselkhoznadzor, disrupted nationwide food shipments by knocking offline its VetIS and Saturn tracking systems for agricultural products and chemicals. Rosselkhoznadzor (Россельхознадзор) is the Federal Service for Veterinary…
-
Cybersecurity Snapshot: Top Advice for Detecting and Preventing AI Attacks, and for Securing AI Systems
As organizations eagerly adopt AI, cybersecurity teams are racing to protect these new systems. In this special edition of the Cybersecurity Snapshot, we round up some of the best recent guidance on how to fend off AI attacks, and on how to safeguard your AI systems. Key takeaways Developers are getting new playbooks from groups…
-
Cyberattack on Russia’s food safety agency reportedly disrupts product shipments
A veterinary certification platform and systems that track products and chemicals were among the tools disrupted by a DDoS incident, Russia’s food safety watchdog said. First seen on therecord.media Jump to article: therecord.media/russia-food-safety-agency-rosselkhoznadzor-ddos-attack
-
Cyber exec with lavish lifestyle charged with selling secrets to Russia
The 0-days have left the building First seen on theregister.com Jump to article: www.theregister.com/2025/10/24/former_l3harris_cyber_director_charged/
-
US accuses former L3Harris cyber boss of stealing and selling secrets to Russian buyer
The U.S. Department of Justice accused Peter Williams, former general manager of L3Harris’ hacking division Trenchant, of stealing trade secrets and selling them to a buyer in Russia. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/23/u-s-government-accuses-former-l3harris-cyber-boss-of-stealing-trade-secrets/
-
Ex-L3Harris executive accused of selling trade secrets to Russia
The Department of Justice filed charges against Peter Williams, an Australian national who served as general manager of Trenchant, a specialized cybersecurity division within L3Harris. First seen on cyberscoop.com Jump to article: cyberscoop.com/ex-l3harris-executive-accused-of-selling-trade-secrets-to-russia/
-
Kremlin Shaping Cybercrime Into Deniable Geopolitical Tool
Moscow Crackdowns ‘Less About Enforcement and More About Optics,’ Say Experts. Changing forces are reshaping the Russian cybercrime ecosystem, as the Kremlin takes a more direct role in leveraging ransomware and other groups for geopolitical influence, while not hesitating to occasionally burn lower-level players as a diplomatic token gesture, say researchers. First seen on govinfosecurity.com…
-
Hackers posing as Kyrgyz officials target Russian agencies in cyber espionage campaign
A hacker group known as Cavalry Werewolf has launched a months-long cyber espionage campaign targeting Russia’s public sector as well as energy, mining and manufacturing companies. First seen on therecord.media Jump to article: therecord.media/hackers-pose-kyrgyz-officials-russia-cyber-espionage
-
Russia, China Will Weaponize UN Cyber Treaty, FDD Warns
Foundation for Defense of Democracies Warns Against Aligning With New Cyber Treaty. The United Nations’ cybercrime treaty, shaped by Russian and Chinese influence, could legitimize global digital repression by enabling prosecutions of journalists, activists and researchers under vague terms – despite U.S. opposition and mounting civil society alarm, analysts warned Thursday. First seen on govinfosecurity.com…
-
PhantomCaptcha RAT Attack Targets Aid Groups Supporting Ukraine
SentinelLABS’ research reveals PhantomCaptcha, a highly coordinated, one-day cyber operation on Oct 8, 2025, targeting the International Red Cross, UNICEF, and Ukraine government groups using fake emails and a Remote Access Trojan (RAT) linked to Russian infrastructure. First seen on hackread.com Jump to article: hackread.com/phantomcaptcha-rat-attack-targets-ukraine/
-
Russian Hackers Pivot Fast With New “ROBOT” Malware Chain
Russian hackers launched a new “ROBOT” malware chain after LOSTKEYS was exposed. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/russian-hackers-pivot-fast-with-new-robot-malware-chain/
-
New Python-Based RAT Disguised as Minecraft App Steals Sensitive User Data
Threat researchers at Netskope have uncovered a sophisticated new Remote Access Trojan (RAT) written in Python that masquerades as >>Nursultan Client,
-
Russia’s Coldriver Ramps Up Malware Development After LostKeys Exposure
Google threat researchers in May publicized the Russian-based threat group Coldriver’s LostKeys credential-stealing malware. However, five days later, the bad actors launched three new malware families that they developed rapidly and used aggressively in their campaigns. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/russias-coldriver-ramps-up-malware-development-after-lostkeys-exposure/
-
Russia Pivots, Cracks Down on Resident Hackers
Thanks to improving cybersecurity and law enforcement action from the West, Russia’s government is reevaluating which cybercriminals it wants to give safe haven from the law. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/russia-cracks-down-low-level-hackers
-
‘I am not a robot’: Russian hackers use fake CAPTCHA lures to deploy espionage tools
Evolving tactics and strategies: Analysts said ColdRiver, which for years focused on credential theft and email account compromise, is shifting toward multi-stage intrusions that rely on users to execute malicious code. By using ClickFix pages that mimic CAPTCHA verification screens, the group can bypass email security filters and deliver malware directly to victims’ devices, increasing the…
-
Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware
Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a new campaign dubbed PassiveNeuron, according to findings from Kaspersky. The cyber espionage activity was first flagged by the Russian cybersecurity vendor in November 2024, when it disclosed a set of attacks aimed at government entities in Latin America and…
-
Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure
Russia-linked COLDRIVER rapidly evolved its malware since May 2025, refining tools just days after releasing its LOSTKEYS variant, says Google. The Russia-linked hacking group COLDRIVER has been quickly upgrading its malware since May 2025, when its LOSTKEYS malware was exposed. According to Google’s Threat Intelligence Group, the hackers have been rolling out frequent updates and…

