Tag: russia
-
Russian APT28 Deploys “NotDoor” Backdoor Through Microsoft Outlook
APT28 hackers deploy NotDoor backdoor via Microsoft Outlook macros, using OneDrive sideloading to steal data and evade detection. First seen on hackread.com Jump to article: hackread.com/russian-apt28-notdoor-backdoor-microsoft-outlook/
-
$10M reward for Russia’s FSB officers accused of hacking US Critical infrastructure
US offers $10M for Russian FSB officers Tyukov, Gavrilov & Akulov, accused of attacking US critical infrastructure and over 500 energy firms worldwide. The US Department of State is offering up to $10M for info on FSB officers Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov, and Marat Valeryevich Tyukov, accused of hacking US infrastructure and over…
-
Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries
The Russian state-sponsored hacking group tracked as APT28 has been attributed to a new Microsoft Outlook backdoor called NotDoor in attacks targeting multiple companies from different sectors in NATO member countries. NotDoor “is a VBA macro for Outlook designed to monitor incoming emails for a specific trigger word,” S2 Grupo’s LAB52 threat intelligence team said. “When…
-
Ukraine’s cyber chief on Russian hackers’ shifting tactics, US cyber aid
A former information security professor with more than 25 years in the Ukrainian armed forces, Oleksandr Potii is blunt about Moscow’s capabilities: “We see that Russia’s technical level is high and its potential is strong. We cannot underestimate them.” First seen on therecord.media Jump to article: therecord.media/ukraine-cyber-chief-on-russia-hacks-us-aid
-
US Announces $10M Bounty on FSB Hackers Behind Cisco Exploits
Tags: awareness, cisco, cyber, cyberattack, exploit, government, hacker, infrastructure, network, russia
The U.S. government has unveiled a $10 million reward for information leading to the arrest of three Russian FSB officers. The officers are accused of carrying out cyberattacks on U.S. critical infrastructure and exploiting Cisco network equipment. This public notice aims to raise awareness and encourage anyone with useful information to come forward. According to…
-
US puts $10M bounty on three Russians accused of attacking critical infrastructure
Seven-year-old Cisco vuln that remains inexplicably unpatched is their way in First seen on theregister.com Jump to article: www.theregister.com/2025/09/04/us_10m_bounty_fsb_attackers/
-
Russia’s APT28 Targets Microsoft Outlook With ‘NotDoor’ Malware
The notorious Russian state-sponsored hacking unit, also known as Fancy Bear, is abusing Microsoft Outlook for covert data exfiltration. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/apt28-outlook-notdoor-backdoor
-
US offers $10 million bounty for info on Russian FSB hackers
The U.S. Department of State is offering a reward of up to $10 million for information on three Russian Federal Security Service (FSB) officers involved in cyberattacks targeting U.S. critical infrastructure organizations on behalf of the Russian government. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-offers-10-million-bounty-for-info-on-russian-fsb-hackers/
-
Russian APT28 Expands Arsenal with ‘NotDoor’ Outlook Backdoor
The backdoor is a sophisticated VBA-based malware targeting Microsoft Outlook First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russia-apt28-notdoor-outlook/
-
Amazon shuts down watering hole attack attributed to Russia’s APT29 hacking group
In October 2024, Amazon disrupted another APT29 operation that attempted to use phishing domains impersonating AWS. First seen on therecord.media Jump to article: therecord.media/amazon-shuts-down-apt29-watering-hole-attack
-
Amazon Stymies APT29 Credential Theft Campaign
A group linked to Russian intelligence services redirected victims to fake Cloudflare verification pages and exploited Microsoft’s device code authentication flow. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/amazon-apt29-credential-theft-campaign
-
Prolific Russian ransomware operator living in California enjoys rare leniency awaiting trial
Ianis Aleksandrovich Antropenko allegedly committed ransomware attacks from 2018 to 2022. He’s been out on bond since his arrest almost a year ago, despite multiple run-ins with police. First seen on cyberscoop.com Jump to article: cyberscoop.com/ianis-antropenko-zeppelin-ransomware-russian-cybercrime/
-
Von der Leyen’s plane hit by suspected Russian GPS Jamming in Bulgaria, landed Safely
Tags: russia
Von der Leyen’s plane faced suspected Russian GPS jamming in Bulgaria, but the EU chief landed safely, says European Commission. The EU confirmed that Ursula von der Leyen’s plane experienced GPS jamming while flying to Bulgaria. The European authorities suspect Russian interference, though the aircraft landed safely. Bulgarian officials provided the information, and the EU…
-
Europe Putin the blame on Russia after GPS jamming disrupts president’s plane
Tags: russia
Bloc working on anti-jamming measures and plans extra sat to help First seen on theregister.com Jump to article: www.theregister.com/2025/09/02/eu_gps_jamming_russia_response/
-
Amazon disrupts Russian APT29 hackers targeting Microsoft 365
Researchers have disrupted an operation attributed to Russian state-sponsored threat group Midnight Blizzard, who sought access to Microsoft 365 accounts and data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/amazon-disrupts-russian-apt29-hackers-targeting-microsoft-365/
-
Amazon Disrupts Russian APT29 Watering Hole Targeting Microsoft Authentication
Amazon has disrupted a Russian APT29 watering hole campaign that used compromised sites to target Microsoft authentication with… First seen on hackread.com Jump to article: hackread.com/amazon-disrupts-russia-apt29-watering-hole-microsoft-auth/
-
Amazon Stops Russian APT29 Watering Hole Attack Exploiting Microsoft Auth
The campaign shows APT29’s intentions to “cast a wider net in their intelligence collection efforts,” said Amazon First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/amazon-russian-apt29-watering-hole/
-
Russian-Linked ATP29 Makes Another Run at Microsoft Credentials
Amazon researchers disrupted a watering hole campaign by Russian-linked cyberespionage group APT29 designed to use compromised websites to trick users into giving the threat actors access to their Microsoft accounts and data via the tech giant’s device code authentication flow. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/russian-linked-atp29-makes-another-run-at-microsoft-credentials/
-
Beyond Defense: New Report Exposes How Russian Cyber Firms Aid the Kremlin’s War
The post Beyond Defense: New Report Exposes How Russian Cyber Firms Aid the Kremlin’s War appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/beyond-defense-new-report-exposes-how-russian-cyber-firms-aid-the-kremlins-war/
-
Amazon blocks APT29 campaign targeting Microsoft device code authentication
Amazon stopped a Russia-linked APT29 watering hole attack that hijacked Microsoft device code authentication via compromised sites. Amazon announced that it had disrupted an opportunistic watering hole campaign orchestrated by the Russia-linked cyber espionage group APT29 (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes). Amazon experts labeled the attacks as an opportunistic watering hole campaign using compromised…
-
Amazon Takes Down Russian APT29 Infrastructure Targeting Users
Tags: cyber, cybersecurity, group, hacking, infrastructure, intelligence, network, russia, threat, warfare
Amazon’s cybersecurity team has successfully disrupted a sophisticated watering hole campaign orchestrated by APT29, a notorious hacking group linked to Russia’s Foreign Intelligence Service. The August 2025 operation represents the latest chapter in an ongoing cyber warfare battle between tech giants and state-sponsored threat actors seeking to infiltrate global networks and harvest sensitive credentials. APT29’s…
-
Dexter: Resurrection Finale Leaks Online in Russian Dub
Dexter: Resurrection finale leaks in Russian dub ahead of release. Episodes 9 and 10 surface online, echoing past… First seen on hackread.com Jump to article: hackread.com/dexter-resurrection-finale-leaks-online-in-russian-dub/
-
AWS catches Russia’s Cozy Bear clawing at Microsoft credentials
Look who’s visiting the watering hole these days First seen on theregister.com Jump to article: www.theregister.com/2025/08/29/aws_catches_russias_apt29_trying/
-
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The campaign used “compromised websites to redirect visitors to malicious infrastructure designed to trick users into authorizing attacker-controlled devices through Microsoft’s device code First seen on…
-
Cybercrime increasingly moving beyond financial gains
Tags: attack, awareness, business, ciso, computer, corporate, cyber, cyberattack, cybercrime, cybersecurity, defense, disinformation, espionage, finance, government, group, hacker, hacking, incident response, infrastructure, intelligence, iran, malicious, military, network, ransom, ransomware, risk, risk-analysis, russia, strategy, theft, threat, tool, ukraine, vulnerability, worm
Incibe. Pictured: Patricia Alonso García.
"We are very redundant when talking about cybercrime, because we always associate it with economic motivations," says Hervé Lambert, global consumer operations…
-
Germany charges man over cyberattack on Rosneft subsidiary
German prosecutors charged a man with carrying out a damaging cyberattack on Rosneft Deutschland, the German subsidiary of Russia’s state-owned oil giant, in the weeks following Russia’s invasion of Ukraine. First seen on therecord.media Jump to article: therecord.media/germany-charges-cyberattack-rosneft
-
U.S. Treasury Sanctions North Korean IT Worker Network Funding Weapons Programs
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Russian national Vitaliy Sergeyevich Andreyev, DPRK official Kim Ung Sun, Chinese entity Shenyang Geumpungri Network Technology Co., Ltd., and DPRK-based Korea Sinjin Trading Corporation for their involvement in a sophisticated fraudulent scheme involving information technology workers orchestrated by the Democratic…
-
Sting nails two front firms in Nork IT worker scam
There’s also a rogue Russian on the list First seen on theregister.com Jump to article: www.theregister.com/2025/08/27/us_treasury_korea_sanctions/
-
US sanctions Russian national and Chinese company over North Korean IT worker schemes
The U.S. Treasury Department announced new sanctions targeting key players in North Korea’s ongoing scheme to get its citizens hired as IT workers at American companies. First seen on therecord.media Jump to article: therecord.media/us-sanctions-company-national-north

