Tag: russia
-
UK Sanctions 3 Russian Military Cyber Units
Leaders of the Russian Military Intelligence Units of the GRU Also Targeted. The U.K. government on Friday sanctioned three Russian Military Intelligence Service units 29155, 26165 and 74455 in the United Kingdom and Ukraine. The sanctions also targeted 18 Russian officials for their role in GRU cyber operations dating back to 2013. First seen on…
-
Europol Sting Leaves Russian Cybercrime’s ‘NoName057(16)’ Group Fractured
National authorities have issued seven arrest warrants in total relating to the cybercrime collective known as NoName057(16), which recruits followers to carry out DDoS attacks on perceived enemies of Russia. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/europol-sting-russian-cybercrime-noname05716
-
Cyberattack on an Oil and Gas Producer in Russia?
Ukrainian hackers wipe databases at Russia’s Gazprom in major cyberattack, intelligence source says. First seen on kyivindependent.com Jump to article: kyivindependent.com/ukrainian-intel-hackers-hit-gazproms-network-infrastructure-sources-say-07-2025/
-
Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands
Tags: ai, api, attack, computer, control, cyber, cyberattack, cybercrime, data, detection, dos, exploit, government, group, hacking, infrastructure, intelligence, LLM, malicious, malware, military, network, phishing, programming, russia, service, tool, ukraine, vulnerability, windows
.pif (MS-DOS executable) extension, though variants with .exe and .py extensions have also been observed. CERT-UA attributes these attacks to a group it tracks as UAC-0001, but which is better known in the security community as APT28. Western intelligence agencies have officially associated this group with Unit 26165, or the 85th Main Special Service Center (GTsSS)…
-
UK ties GRU to stealthy Microsoft 365 credential-stealing malware
The UK National Cyber Security Centre (NCSC) has formally attributed ‘Authentic Antics’ espionage malware attacks to APT28 (Fancy Bear), a threat actor already linked to Russia’s military intelligence service (GRU). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/uk-ties-russian-gru-to-authentic-antics-credential-stealing-malware/
-
Russian alcohol retailer WineLab closes stores after ransomware attack
WineLab, the retail store of the largest alcohol company in Russia, has closed its stores following a cyberattack that is impacting its operations and causing purchase problems to its customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-alcohol-retailer-winelab-closes-stores-after-ransomware-attack/
-
Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
Tags: cyber, cyberespionage, cybersecurity, espionage, finance, government, group, hacker, military, russia, tool
Fancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating governments, military organizations, and strategic entities globally. This group, also known under aliases such as Sofacy, Sednit, STRONTIUM, and Unit 26165, pursues motivations encompassing financial gain, reputational sabotage, espionage, and political agendas. Their operations frequently…
-
Ukraine Pwns Russian Drone Maker, Gaskar is ‘Paralyzed’
All Your UAVs Are Belong to UKR: Ukrainian Cyber Alliance and Black Owl team up to hack manufacturer of Russian military drones, sources say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/ukraine-hacks-russian-drone-maker-gaskar-richixbw/
-
UK sanctions Russian hackers, spies as US weighs its own punishments for Russia
The hackers were allegedly involved in operations against Ukraine and a Russian on U.K. soil, the latter with malware tied to U.S. 2016 election interference. First seen on cyberscoop.com Jump to article: cyberscoop.com/uk-sanctions-russian-hackers-spies-as-us-weighs-its-own-punishments-for-russia/
-
UK sanctions Russian cyber spies accused of facilitating murders
Eighteen members of Russia’s GRU have been sanctioned by the British government for various operations, including military strikes that killed hundreds of civilians in Ukraine. First seen on therecord.media Jump to article: therecord.media/uk-sanctions-gru-personnel-accused-murder-civilians-ukraine
-
Breaking: UK sanctions Russian cyber spies accused of facilitating murders
Eighteen members of Russia’s GRU have been sanctioned by the British government for various operations, including military strikes that killed hundreds of civilians in Ukraine. First seen on therecord.media Jump to article: therecord.media/uk-sanctions-gru-personnel-accused-murder-civilians-ukraine
-
Russia Linked to New Malware Targeting Email Accounts for Espionage
Russian military intelligence-linked hackers are using a new malware called “Authentic Antics” to secretly access Microsoft cloud email accounts, the UK’s NCSC reports. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-malware-targeting-email/
-
LameHug: first AI-Powered malware linked to Russia’s APT28
LameHug malware uses AI to create data-theft commands on infected Windows systems. Ukraine links it to the Russia-nexus APT28 group. Ukrainian CERT-UA warns of a new malware strain dubbed LameHug that uses a large language model (LLM) to generate commands to be executed on compromised Windows systems. Ukrainian experts attribute the malware to the Russia-linked…
-
Russian Vodka Maker Beluga Struck by Ransomware Attack
Novabev Group, the parent company of premium vodka brand Beluga, has confirmed it was hit by a sophisticated ransomware attack on July 14, 2025, temporarily disrupting operations and affecting IT infrastructure across the company and its WineLab subsidiary. The Russian spirits manufacturer has refused to pay any ransom demands, maintaining a firm stance against negotiating…
-
Breach Roundup: Fashion House Louis Vuitton Confirms Breach
Also: CISA Warns of Unpatched Train Brake Vulnerability. This week: Louis Vuitton and Co-op confirm breaches, unpatched train brake flaw, Barclays fined £42M pounds for financial crime failures, secret U.K. program relocated thousands of Afghans, ex-soldier pleads guilty to hacking, Ukrainian hackers claim hit on Russian drone supplier. First seen on govinfosecurity.com Jump to article:…
-
European cyber cops target NoName057(16) DDoS network
A Europol operation has succeeded in disrupting a pro-Russian hacktivist network accused of conducting DDoS cyber attacks on targets in Ukraine and Europe. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627802/European-cyber-cops-target-NoName05716-DDoS-network
-
Russian vodka producer reports disruptions after ransomware attack
Novabev Group, the Russian maker of Beluga Vodka and other brands, had to stop shipments and temporarily close stores in its WineLab subsidiary after a ransomware attack. First seen on therecord.media Jump to article: therecord.media/novabev-russia-vodka-maker-ransomware-attack
-
Police Shut Down 100 Servers Tied to Russian NoName057(16), Arrest 2
In an operation called Eastwood, authorities arrested two people and shut down more than 100 servers linked to the Russian group NoName057(16). First seen on hackread.com Jump to article: hackread.com/police-shut-down-100-servers-russian-noname05716/
-
Ukrainian Hackers Claim Cyberattack on Major Russian Drone Supplier
A Ukrainian woman who survived a catastrophic cluster munition attack in 2014 continues to navigate the complex aftermath of severe combat-related injuries, highlighting the long-term humanitarian consequences of explosive ordnance use in populated areas. Nelya Leonidova, 34 at the time of the incident, sustained life-threatening polytrauma when submunitions detonated near a recreational area in Zugres,…
-
Elite Russian university launches degree program on sanctions evasion
The Higher School of Economics (HSE), a leading Russian institution, said the two-year course will focus on international corporate compliance and business ethics, and will be taught in both Russian and English. First seen on therecord.media Jump to article: therecord.media/russian-university-sanctions-evasion-degree
-
Researchers Reveal How Hacktivist Groups Gain Attention and Choose Their Targets
Cybersecurity researchers at Graphika have unveiled comprehensive findings on the operational dynamics of hacktivist organizations, revealing sophisticated attention-seeking behaviors and strategic target selection methodologies. Through their ATLAS intelligence reporting platform, analysts have systematically monitored approximately 700 active and inactive hacktivist entities since 2022, encompassing state-sponsored personas, geopolitically aligned collectives supporting Russia and Ukraine, and regionally-focused…
-
Europol Disrupts NoName057(16) Hacktivist Group Linked to DDoS Attacks Against Ukraine
An international operation coordinated by Europol has disrupted the infrastructure of a pro-Russian hacktivist group known as NoName057(16) that has been linked to a string of distributed denial-of-service (DDoS) attacks against Ukraine and its allies. The actions have led to the dismantling of a major part of the group’s central server infrastructure and more than 100…
-
Threat Actors Deploy 28+ Malicious Packages to Spread Protestware Scripts
Socket’s Threat Research Team has discovered a network of at least 28 malicious packages including protestware scripts, totaling approximately 2,000 copies, in a major escalation within the npm supply chain. These packages, initially flagged in two instances for hidden functionality targeting Russian-language users on Russian or Belarusian domains, have proliferated across the ecosystem. The protestware,…
-
EU Authorities Take Down Pro-Russian Hacktivist Collective
Police Seize Servers and Arrest Two Suspects Linked to NoName057(16) Group. A joint operation by European police agencies led to the arrests of two suspected operators of a prolific pro-Russian hacktivist group called NoName057(16). The authorities also seized multiple networks associated with the group, as well as issued arrest warrants against other suspected members. First…
-
Ukrainian hackers claim to have destroyed major Russian drone maker’s entire network
‘Deeply penetrated’ Gaskar ‘to the very tonsils of demilitarization’ First seen on theregister.com Jump to article: www.theregister.com/2025/07/16/ukrainian_drone_attack/
-
Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)
International law enforcement operation disrupted the activities of the pro-Russia hacking group NoName057(16). European and U.S. authorities disrupted the activities of the pro-Russian hacktivist group NoName057(16) in Operation Eastwood. “Between 14 and 17 July, a joint international operation, known as Eastwood and coordinated by Europol and Eurojust, targeted the cybercrime network NoName057(16). Law enforcement and…
-
Operation Eastwood shutters 100+ servers used to DDoS websites supporting Ukraine
Two Russian suspects in cuffs, seven warrants out First seen on theregister.com Jump to article: www.theregister.com/2025/07/16/russian_hacktivist_bust/
-
International operation disrupts pro-Russian hacker group NoName057(16)
European and U.S. law enforcement have disrupted the operations of a pro-Russian hacker group known for launching distributed denial-of-service attacks against Ukraine and its allies. First seen on therecord.media Jump to article: therecord.media/international-police-takedown-noname-hacker
-
Pro-Russian DDoS group NoName057(16) disrupted by international law enforcement operation
Over a dozen law enforcement agencies took action earlier this week, resulting in multiple arrests. First seen on cyberscoop.com Jump to article: cyberscoop.com/noname05716-disruption-operation-eastwood-europol/
-
Pro-Russian Cybercrime Network Demolished in Operation Eastwood
A Europol-coordinated operation has taken down key infrastructure used by pro-Russian hacktivist group NoName057(16), as well as making a number of arrests. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/prorussian-cybercrime-network/

