Tag: russia
-
AI-Powered Drones: Ukraine’s Historic Strikes on Russian Aircraft
Ukraine’s AI-powered FPV drones redefine warfare, featuring advancements in military technology and cost-effective strategies. Learn more! First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/ai-powered-drones-ukraines-historic-strikes-on-russian-aircraft/
-
‘Russian Market’ emerges as a go-to shop for stolen credentials
The “Russian Market” cybercrime marketplace has emerged as one of the most popular platforms for buying and selling credentials stolen by information stealer malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-market-emerges-as-a-go-to-shop-for-stolen-credentials/
-
Acreed Emerges as Dominant Infostealer Threat Following Lumma Takedown
A report on the dark web marketplace Russian Market showed Acreed has emerged as the leading infostealer First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/acreed-dominant-infostealer-lumma/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 47
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: 60 Malicious npm Packages Leak Network and Host Data in Active Malware Campaign; Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents; Inside a VenomRAT Malware Campaign; Fake Google Meet Page Tricks Users into Running PowerShell Malware…
-
A Hacker May Have Deepfaked Trump’s Chief of Staff in a Phishing Campaign
Plus: An Iranian man pleads guilty to a Baltimore ransomware attack, Russia’s nuclear blueprints get leaked, a Texas sheriff uses license plate readers to track a woman who got an abortion, and more. First seen on wired.com Jump to article: www.wired.com/story/trump-chief-staff-susie-wiles-hacker-phishing-impersonation/
-
Germany doxxes Conti ransomware and TrickBot ring leader
The Federal Criminal Police Office of Germany (Bundeskriminalamt or BKA) claims that Stern, the leader of the Trickbot and Conti cybercrime gangs, is a 36-year-old Russian named Vitaly Nikolaevich Kovalev. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/germany-doxxes-conti-ransomware-and-trickbot-ring-leader/
-
Damascened Peacock: Russian hackers targeted UK Ministry of Defence
The UK’s Ministry of Defence has revealed that it was the target of a sophisticated cyber attack that saw Russia-linked hackers pose as journalists. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/damascened-peacock-russian-hackers-targeted-uk-ministry-of-defence
-
DDoS incident disrupts internet for thousands in Moscow
Russian internet service provider ASVT blamed widespread outages on a DDoS incident and attributed it to a pro-Ukraine collective. First seen on therecord.media Jump to article: therecord.media/moscow-internet-provider-asvt-ddos-attack
-
Dutch police hit by Russian-linked hackers
First seen on scworld.com Jump to article: www.scworld.com/brief/dutch-police-hit-by-russian-linked-hackers
-
Trojanized Word files harnessed in new Russian cyberespionage campaign
First seen on scworld.com Jump to article: www.scworld.com/brief/trojanized-word-files-harnessed-in-new-russian-cyberespionage-campaign
-
Russian hackers Void Blizzard step up espionage campaign
First seen on scworld.com Jump to article: www.scworld.com/news/russian-hackers-void-blizzard-step-up-espionage-campaign
-
Microsoft, Dutch government discover new Russian hacking group
The findings highlight the vulnerability of all critical infrastructure firms to similar attack methods. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/russia-ukraine-logistics-laundry-bear-microsoft-netherlands/749143/
-
Russian APT28 Hackers Attacking NATO-aligned Organizations to Steal Sensitive Data
Russia’s GRU-backed APT28, widely known as Fancy Bear, has intensified its cyber espionage campaign against NATO-aligned organizations. Active since at least 2007, this notorious threat actor has been attributed to a series of sophisticated attacks targeting critical infrastructure, government entities, and logistics firms across the United States, United Kingdom, Germany, Canada, Poland, Ukraine, and other…
-
Microsoft, Dutch government spot new Russian hacking group targeting critical infrastructure
The findings highlight the vulnerability of all critical infrastructure firms to similar attack methods. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/russia-ukraine-logistics-laundry-bear-microsoft-netherlands/749143/
-
Ukraine detains alleged Russian spies who used dash cams to guide missile strikes
The suspects allegedly parked cars with activated dash cams near military targets and left them to record for up to 12 hours. First seen on therecord.media Jump to article: therecord.media/ukraine-detains-russian-spies-using-dashcams-missile-strikes
-
Ukraine tallies up Russian cyberattacks on local media since start of war
Ukraine’s SSSCIP agency said Russia has been responsible for more than 200 incidents against media outlets since the start of the war, including wiper attacks, DDoS incidents and disinformation campaigns. First seen on therecord.media Jump to article: therecord.media/ukraine-media-cyberattacks-russia-ssscip-report
-
Russian IT pro sentenced to 14 years forced labor for sharing medical data with Ukraine
The latest in a long line of techies to face Putin’s wrath First seen on theregister.com Jump to article: www.theregister.com/2025/05/28/russian_it_pro_sentenced_to/
-
SilentWerewolf Attack Combines Legitimate Tools with Code Obfuscation for Stealthy Infiltration
The threat actor dubbed SilentWerewolf has employed advanced phishing techniques to infiltrate organizations in Russia and Moldova, focusing on critical sectors such as nuclear energy, aircraft, and mechanical engineering. Starting on March 11, the first campaign used spearphishing emails with malicious links to distribute ZIP archives containing a novel C# loader disguised as legal documents.…
-
New Russian State Hacking Group Hits Europe and North America
A newly-discovered Russian group, Void Blizzard, has successfully compromised organizations in critical industries, Microsoft warned First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-state-group-europe-america/
-
Void Blizzard: New Russian Cyberespionage Group Targets NATO and Ukraine
Microsoft Threat Intelligence has identified a cyberespionage campaign by a newly recognized Russia-affiliated actor named Void Blizzard, also First seen on securityonline.info Jump to article: securityonline.info/void-blizzard-new-russian-cyberespionage-group-targets-nato-and-ukraine/
-
New Russian APT group Void Blizzard targets NATO-based orgs after infiltrating Dutch police
Tags: access, api, apt, attack, authentication, blizzard, cloud, credentials, data, defense, detection, edr, email, fido, framework, group, hacker, identity, least-privilege, login, mfa, microsoft, open-source, passkey, password, phishing, qr, risk, russia, siem, spear-phishing, switch, threat, tool
Switch to spear phishing: In recent months the group seems to have pivoted from password spraying to targeted spear phishing attacks that direct users to fake Microsoft Entra login pages using adversary-in-the-middle (AitM) techniques. Such a campaign led to the compromise of 20 NGOs in April. In its campaign against NGOs, Void Blizzard sent emails masquerading…
-
New Russian state-sponsored APT quickly gains global reach, hitting expansive targets
Laundry Bear, a group recently identified by Dutch intelligence and security services, stole work-related contact details on the Netherlands’ national police force in September 2024, Microsoft researchers said. First seen on cyberscoop.com Jump to article: cyberscoop.com/laundry-bear-void-blizzard-russia-apt/
-
Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
A Russian court sentenced a former hospital programmer to 14 years in a high-security penal colony for allegedly leaking personal data of Russian soldiers to Ukraine, authorities said. First seen on therecord.media Jump to article: therecord.media/russian-programmer-gets-14-years-for-leaking-info-to-ukraine
-
NATO Countries Targeted By New Russian Espionage Group
‘Laundry Bear’ Has Been Active Since 2024. Dutch intelligence agencies and Microsoft say a novel Russian state intelligence hacking group is likely buying stolen credentials from criminal marketplaces to gain entry to North American and European networks. It has a specific interest in European Union and NATO member states. First seen on govinfosecurity.com Jump to…
-
Danabot Takedown Deals Blow to Russian Cybercrime
A multiyear investigation by a public-private partnership has resulted in the seizure of the botnet’s US-based infrastructure and indictments for its key players, significantly disrupting a vast cybercriminal enterprise. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/danabot-takedown-russian-cybercrime
-
US authorities charge 16 in operation to disrupt DanaBot malware
Authorities said malware linked to Russia-based cybercrime group infected more than 300,000 computers around the world with the malicious code. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/us-authorities-disrupt-danabot-malware/748991/
-
Russia-linked APT Laundry Bear linked to 2024 Dutch Police attack
A new Russia-linked APT group, tracked as Laundry Bear, has been linked to a Dutch police security breach in September 2024. Netherlands General Intelligence and Security Service (AIVD) and the Netherlands Defence Intelligence and Security Service (MIVD) have linked a previously undetected Russia-linked group, tracked as Laundry Bear (aka Void Blizzard), to a 2024 police breach.…
-
Microsoft, Dutch security agencies lift veil on Laundry Bear cyber espionage group
The Dutch intelligence and security services have identified a new Russia-affiliated threat group that has been breaching government organizations and commercial entities in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/27/microsoft-dutch-security-agencies-lift-veil-on-laundry-bear-void-blizzard-cyber-espionage-group/
-
Microsoft Alerts on Void Blizzard Hackers Targeting Telecommunications and IT Sectors
Microsoft Threat Intelligence Center (MSTIC) has issued a critical warning about a cluster of global cloud abuse activities orchestrated by a threat actor tracked as Void Blizzard, also known as LAUNDRY BEAR. Assessed with high confidence to be Russia-affiliated, Void Blizzard has been active since at least April 2024, focusing its cyberespionage operations on NATO…

