Tag: russia
-
Russia’s Fancy Bear Targeting Logistics, IT Firms
The mission is to gather information that could help Russia in its war against Ukraine. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/cisa-russia-fancy-bear-targeting-logistics-it-firms
-
Russia-aligned hackers target Tajikistan in new espionage campaign
The hackers used phishing emails containing government-themed lure documents to gain access to targeted systems. First seen on therecord.media Jump to article: therecord.media/russia-hackers-target-tajikistan-espionage
-
Cryptohack Roundup: 12 Charged in $263M Theft Case
Also: Charges in Unicoin Case, Jury Convicts SafeMoon Ex-CEO. This week, charges in $263 million theft and Unicoin cases, a jury convicted ex-CEO of SafeMoon, U.S. SEC X account hacker sentenced, Hong Kong police arrested dozens for money laundering, Russian police arrested the Blum co-founder. Israeli police arrested an alleged Nomad Bridge money launderer. First…
-
Russian hacker group Killnet returns with new identity
Earlier this month, Killnet claimed it had hacked Ukraine’s drone-tracking system after disappearing from public view in 2023. First seen on therecord.media Jump to article: therecord.media/russian-hacker-group-killnet-returns-with-new-identity
-
Russia expected to pass experimental law that tracks foreigners in Moscow via smartphones
4-year trial is second major initiative this year that clamps down on ‘illegal immigrants’. First seen on theregister.com Jump to article: www.theregister.com/2025/05/22/russia_expected_to_pass_experimental/
-
Feds and Microsoft crush Lumma Stealer that stole millions of passwords
Tags: access, breach, control, cyber, cybercrime, cybersecurity, infrastructure, malware, microsoft, password, russia, service, software, threat, tool
2,300 domains neutralized, command infrastructure seized: As part of the legal action filed in the US District Court for the Northern District of Georgia, Microsoft secured authorization to seize and disrupt a core component of Lumma’s ecosystem: its domain infrastructure. These domains acted as communication nodes between infected devices and the malware’s operators. According to the…
-
Western Logistics and Tech Firms Targeted by Russia’s APT28
NSA, NCSC and allies warn Western tech and logistics firms of Russian APT28 cyber-espionage threat. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/western-logistics-tech-firms/
-
Russia-linked APT28 targets western logistics entities and technology firms
CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing an elevated threat to supply chains. Russia-linked cyberespionage group APT28 intensifies its operations against Western logistics and technology companies moving supplies into Ukraine, US CISA warns. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) has been active since at least 2007 and it…
-
Russian hackers breach orgs to track aid routes to Ukraine
A Russian state-sponsored cyberespionage campaign attributed to APT28 (Fancy Bear/Forest Blizzard) hackers has been targeting and compromising international organizations since 2022 to disrupt aid efforts to Ukraine. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-hackers-breach-orgs-to-track-aid-routes-to-ukraine/
-
Police Operation and Microsoft Take Down Lumma Infostealer
User Panels and Command and Control Domains Seized. Law enforcement and Microsoft struck a blow against malware used to steal login credentials and financial data, seizing the central command structure and thousands of online domains used to control the Lumma Stealer. Lumma first appeared on Russian-language speaking cybercriminal forums in 2022. First seen on govinfosecurity.com…
-
Russia’s Fancy Bear swipes a paw at logistics, transport orgs’ email servers
Their connection? Aiding Ukraine, duh First seen on theregister.com Jump to article: www.theregister.com/2025/05/21/russias_fancy_bear_alert/
-
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics
Tags: cyber, email, exploit, hacker, intelligence, military, russia, service, spy, technology, threat, ukraine, vpn, vulnerability
Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022. The activity has been assessed to be orchestrated by APT28 (aka BlueDelta, Fancy Bear, or Forest Blizzard), which is linked to the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center, Military Unit…
-
Multi-national warning issued over Russia’s targeting of logistics, tech firms
Tags: russia
The campaign traces back at least to early 2022, coinciding with the start of Russia’s full-scale invasion of Ukraine. First seen on cyberscoop.com Jump to article: cyberscoop.com/russian-apt28-cyberattacks-target-western-logistics-ukraine/
-
Russian Intelligence Hackers Stalk Western Logistics Firms
Tags: cctv, cybersecurity, government, hacker, hacking, intelligence, Internet, military, russia, technology
Western Governments Publish Warning Over Unit 26165 Activities. A slew of Western cybersecurity agencies warned Wednesday that Russian intelligence is targeting logistics and technology companies in a prolonged hacking campaign that includes an emphasis on internet-connected cameras situated along border crossings and military installations. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russian-intelligence-hackers-stalk-western-logistics-firms-a-28449
-
NCSC: Russia’s Fancy Bear targeting logistics, tech organisations
The NCSC and its partner agencies have blown the whistle on an extensive campaign of malicious cyber attacks orchestrated by the Russian state Fancy Bear operation. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366624164/NCSC-Russias-Fancy-Bear-targeting-logistics-tech-orgs
-
Russia to enforce location tracking app on all foreigners in Moscow
The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in the Moscow region. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/government/russia-to-enforce-location-tracking-app-on-all-foreigners-in-moscow/
-
Russia stepping up attacks on firms aiding Ukraine, Western nations warn
One of Moscow’s most infamous hacker teams is targeting logistics and technology companies supporting Kyiv’s war effort. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/russia-hacking-ukraine-aid-logistics-tech-companies-advisory/748723/
-
PupkinStealer Exploits Web Browser Passwords and App Tokens to Exfiltrate Data Through Telegram
A newly identified .NET-based information-stealing malware, dubbed PupkinStealer (also known as PumpkinStealer in some reports), has surfaced as a significant cyber threat, targeting sensitive data such as web browser passwords and application session tokens. First observed in the wild around April 2025, this malware is believed to have roots in Russian-speaking cybercrime communities, with indicators…
-
Western intelligence agencies unite to expose Russian hacking campaign against logistics and tech firms
Twenty-one intelligence agencies from 11 allied nations pointed to the Russian hacking operation known as Fancy Bear or APT28 as the source of a widespread campaign to hack into Western logistics and technology companies. First seen on therecord.media Jump to article: therecord.media/western-intelligence-alert-russia-hackers-logistics-fancy-bear-apt28
-
Russian GRU’s APT28 Targets Global Logistics Supporting Ukraine Defense
A new Joint Cybersecurity Advisory issued in May 2025 by a coalition of cybersecurity and intelligence agencies across First seen on securityonline.info Jump to article: securityonline.info/russian-grus-apt28-targets-global-logistics-supporting-ukraine-defense/
-
EU sanctions target individuals, organizations behind Russia’s disinformation and sabotage operations
Members of the Russian military intelligence unit GRU, as well as individuals involved in promoting Kremlin narratives through social media campaigns, were targeted with the sanctions. First seen on therecord.media Jump to article: therecord.media/eu-sanctions-orgs-individuals-tied-to-russia-disinformation
-
PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms
Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky. “The campaign aimed at Russian business began back in March 2023, but in the first third of 2025 the number of attacks quadrupled compared to the same period in 2024,” the cybersecurity vendor said. The attack…
-
Nation-state APTs ramp up attacks on Ukraine and the EU
Russian APT groups intensified attacks against Ukraine and the EU, exploiting zero-day vulnerabilities and deploying wipers, according to ESET. Ukraine faces rising cyber … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/21/apt-groups-attacks-eu-ukraine/
-
Major Russian state services disrupted, reportedly due to cyberattack
Internet monitoring services showed ongoing disruptions to Russia’s tax service, as well as services for managing secure digital keys and documents (Saby), among others. First seen on therecord.media Jump to article: therecord.media/major-russian-state-services-disrupted-ddos
-
Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits and Wipers
Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-apt-intensify-cyber/
-
Hackers Use Weaponized RAR Archives to Deliver Pure Malware in Targeted Attacks
Russian organizations have become prime targets of a sophisticated malware campaign deploying the Pure malware family, first identified in mid-2022. Distributed via a Malware-as-a-Service (MaaS) model, Pure malware allows cybercriminals to purchase and deploy it with ease. While the campaign began in March 2023, the first third of 2025 witnessed a staggering fourfold increase in…
-
Malicious PyPI package sets sights on Russian developers
First seen on scworld.com Jump to article: www.scworld.com/brief/malicious-pypi-package-sets-sights-on-russian-developers
-
US cessation of offensive cyber operations against Russia downplayed
First seen on scworld.com Jump to article: www.scworld.com/brief/us-cessation-of-offensive-cyber-operations-against-russia-downplayed
-
Russia-linked disinformation floods Poland, Romania as voters cast ballots
Romania and Poland have each reported increased Russian disinformation activity ahead of their presidential elections, with authorities warning the Kremlin-backed network Doppelgänger is actively attempting to influence voters. First seen on therecord.media Jump to article: therecord.media/russia-disinformation-poland-presidential-election
-
SolarWinds security chief on the risks and rewards of being a CISO
At the RSA Conference in San Francisco this year, Tim Brown talked about the protection CISOs need, Russia’s continued attempts to launch attacks and how companies can navigate the treacherous waters of cyber incidents. First seen on therecord.media Jump to article: therecord.media/solarwinds-security-chief-tim-brown-interview

