Tag: russia
-
Britain targets Kyrgyz crypto networks aiding Kremlin with sanctions
The United Kingdom imposed a new tranche of sanctions targeting financial institutions and cryptocurrency networks in Kyrgyzstan that are accused of facilitating Russian sanctions evasion. First seen on therecord.media Jump to article: therecord.media/britain-targets-kyrgyz-crypto
-
Fake Antivirus App Spreads Android Malware to Spy on Russian Users
Doctor Web warns of Android.Backdoor.916.origin, a fake antivirus app that spies on Russian users by stealing data, streaming… First seen on hackread.com Jump to article: hackread.com/fake-antivirus-app-android-malware-spy-russian-users/
-
Russian cyber group exploits seven-year-old network vulnerabilities for long-term espionage
The group, linked to FSB Center 16, has been scanning the internet for end-of-life software, which it has found in droves. First seen on cyberscoop.com Jump to article: cyberscoop.com/russian-static-tundra-hacks-cisco-network-devices-cve-2018-0171/
-
Scaly Wolf Unleashing Attacks to Expose Organizations’ Hidden Secrets
The Scaly Wolf advanced persistent threat (APT) gang has once again targeted a Russian engineering company in a sophisticated targeted attack that was discovered by Doctor Web’s analysts. This shows that the group is determined to obtain corporate secrets. This incident, occurring in mid-2025, echoes a similar assault in 2023, where the group employed modular…
-
Russian investment platform confirms cyberattack by pro-Ukraine hackers
The Russian platform Investment Projects said it is working to restore its infrastructure following a cyberattack claimed by the pro-Ukraine group Cyber Anarchy Squad. First seen on therecord.media Jump to article: therecord.media/russia-cyberattack-investment-platform-ukraine
-
Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices
A Russian state-sponsored group, Static Tundra, is exploiting an old Cisco IOS vulnerability to compromise unpatched network devices worldwide, targeting key sectors for intelligence gathering. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/static-tundra/
-
Russia-linked European attacks renew concerns over water cybersecurity
Water utilities should remain vigilant: Although most water facility operators have received repeated warnings over the years that they are desirable targets for Russian, Iranian, and Chinese threat actors, experts say these latest incidents underscore the need to remain vigilant and step up security efforts. If water assets owners have “any kind of control system online,…
-
Russian Hacktivists Take Aim at Polish Power Plant, Again
This attack was seemingly more successful than the first iteration, causing disruptions at the plant. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-hacktivists-polish-power-plant-attack
-
Cryptomining group Kinsing expands operations to Russia, researchers warn
Russia-based cybersecurity firm F6 said the attacks began in April and infected devices with Kinsing and XMRig malware, tools commonly used to mine the cryptocurrency Monero. First seen on therecord.media Jump to article: therecord.media/cryptomining-group-kinsing-hits-russia
-
UK’s Colt hit by cyberattack, support systems offline amid ransom threat
Tags: api, attack, china, communications, cve, cyberattack, data, data-breach, exploit, finance, flaw, group, infrastructure, Internet, microsoft, network, programming, ransom, rce, remote-code-execution, russia, service, software, threat, update, vulnerability
with samples on a Russian Tor site. “We’ve seen already this year that telecom is particularly vulnerable to attacks, and I think this WarLock attack highlights some recurring issues that telecom and large-scale network service providers are starting to see,” said Gabrielle Hempel, Security Operations Strategist at Exabeam. “There’s this operational ripple effect when you’re a…
-
Someone’s poking the bear with infostealers targeting Russian crypto developers
If you wanted to hurt Putin’s ransomware racketeers, these info-stealing npm packages are one way to do it First seen on theregister.com Jump to article: www.theregister.com/2025/08/18/solana_infostealer_npm_malware/
-
Water Systems Under Attack: Norway, Poland Blame Russia Actors
Water and wastewater systems have become a favored target of nation-state actors, drawing increasing scrutiny following attacks on systems in multiple countries. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/water-systems-attack-norway-poland-russia-actors
-
Hacker Alleges Russian Government Role in Kaseya Cyber-Attack
In a new investigation launched at DEFCON 33, Analyst1’s Jon DiMaggio revealed probable Russian government involvement in the Kaseya attack First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hacker-russian-government-kaseya/
-
BlackSuit ransomware crew loses servers, domains, and $1m in global shakedown
US cops yank servers, domains, and crypto from the Russia-linked gang – but the crooks remain at large First seen on theregister.com Jump to article: www.theregister.com/2025/08/12/blacksuit_ransomware_crew_loses_servers/
-
Russian-Linked Curly COMrades Deploy MucorAgent Malware in Europe
A new report from Bitdefender reveals the Russian-linked hacking group Curly COMrades is targeting Eastern Europe with a… First seen on hackread.com Jump to article: hackread.com/russian-curly-comrades-mucoragent-malware-europe/
-
US reveals it seized $1 million worth of Bitcoin from Russian BlackSuit ransomware gang
The United States Department of Justice has revealed that the recent takedown of the BlackSuit ransomware gang’s servers, domains, and dark web extortion site, also saw the seizure of US $1,091,453 worth of cryptocurrency. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/us-reveals-it-seized-1-million-worth-of-bitcoin-from-russian-blacksuit-ransomware-gang
-
Dutch Investigators Blame Hacks on Multiple Threat Actors
NCSC-NL Says Hack of Citrix NetScaler Flaw Also Targeted Critical Infrastructure. A preliminary assessment by the Dutch NCSC into a suspected Russian hacking campaign has concluded that more than one group likely carried out the May breach of the country’s law enforcement network. Investigators say hacks of Citrix NetScaler flaw also targeted critical infrastructure. First…
-
WinRAR zero-day was exploited by two threat actors (CVE-2025-8088)
The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/12/winrar-zero-day-cve-2025-8088-attacks/
-
Russian APT28’s LameHug, a Pilot for Future AI Cyber-Attacks
While “fairly primitive”, APT28’s LameHug was a testbed for future AI-powered attacks, said two MITRE experts during Black Hat USA 2025 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mitre-russian-apt28-lamehug/
-
9 things CISOs need know about the dark web
Tags: 2fa, access, ai, attack, automation, backup, blockchain, botnet, breach, captcha, ceo, ciso, communications, corporate, credentials, crypto, cyber, cybercrime, cybersecurity, dark-web, data, data-breach, ddos, deep-fake, defense, detection, dns, exploit, extortion, finance, fraud, group, guide, hacking, identity, incident, incident response, infrastructure, intelligence, international, jobs, law, leak, lockbit, malicious, malware, marketplace, mfa, monitoring, network, open-source, phishing, privacy, ransomware, resilience, risk, russia, saas, scam, service, strategy, tactics, technology, threat, tool, training, vpn, vulnerability, zero-day
New groups form after major marketplaces are disrupted: International takedown efforts damage infrastructure and curb cybercrime operations by disrupting larger operations, removing major players from the ecosystem and scattering user bases. However, the dark web is highly adaptive and sophisticated actors often maintain contingency plans, including mirrors, backups, and alternative forums, according to Edward Currie, associate…
-
Dutch Investigators Blame Multiple Threat Actors on Hacks
NCSC-NL Says Hack of Citrix NetScaler Flaw Also Targeted Critical Infrastructure. A preliminary assessment by the Dutch NCSC into a suspected Russian hacking campaign has concluded that more than one group likely carried out the May breach of the country’s law enforcement network. Investigators say hacks of Citrix NetScaler flaw also targeted critical infrastructure. First…
-
US government seized $1M from Russian ransomware gang
A global law enforcement coalition targeted the infrastructure of the group behind the Royal and BlackSuit ransomware strains, allegedly responsible for extorting victims out of $370 million since 2022. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/11/u-s-government-seized-1-million-from-russian-ransomware-gang/
-
Russia’s RomCom among those exploiting a WinRAR 0-day in highly-targeted attacks
A few weeks earlier ‘zeroplayer’ advertised an $80K WinRAR 0-day exploit First seen on theregister.com Jump to article: www.theregister.com/2025/08/11/russias_romcom_among_those_exploiting/
-
REvil Actor Accuses Russia of Planning 2021 Kaseya Attack
REvil affiliate Yaroslav Vasinskyi, who was convicted last year for his role in the 2021 Kaseya ransomware supply chain attack, said the Russian government was instrumental to the attack’s execution. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/revil-actor-russia-planning-2021-kaseya-attack
-
Details emerge on WinRAR zero-day attacks that infected PCs with malware
Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian ‘RomCom’ hacking group to drop different malware payloads. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/details-emerge-on-winrar-zero-day-attacks-that-infected-pcs-with-malware/
-
House lawmakers seek better tech for Commerce in fight against foreign powers
A bipartisan bill from Reps. Crow and Kean would give the Bureau of Industry and Security IT upgrades to help keep U.S. dual-use technologies away from Russia, China and others. First seen on cyberscoop.com Jump to article: cyberscoop.com/commerce-bureau-of-industry-security-tech-upgrades-china-russia/
-
Finland charges captain of suspected Russian ‘shadow fleet’ tanker for subsea cable damage
In a statement on Monday, Finland’s National Prosecution Authority said they had brought aggravated criminal mischief and aggravated interference with communications charges against the three senior officers aboard the Eagle S, a tanker registered in the Cook Islands. First seen on therecord.media Jump to article: therecord.media/finland-charges-captain-russia-ghost-fleet-undersea-cable

