Tag: russia
-
British criminals convicted over Wagner Group-linked arson attack on London warehouse
The attack was described as a “clear example of an organisation linked to the Russian state using ‘proxies’, in this case British men, to carry out very serious criminal activity in this country on their behalf.” First seen on therecord.media Jump to article: therecord.media/british-criminals-convicted-wagner-group-arson
-
New Bert Ransomware Evolves With Multiple Variants
An emerging ransomware group that calls itself Bert is quickly evolving after hitting the cybercrime scene in April, targeting both Windows and Linux systems used by organizations in the health care, tech, and other industries in the United States, Europe, and Asia. It may be a Russian group whose malware evolved from REvil code. First…
-
SEC and SolarWinds to settle lawsuit over 2020 breach
The US SEC and SolarWinds have reached a settlement in principle to resolve litigation over alleged security failings that led to the 2020 compromise of the supplier’s Orion platform by Russian cyber spies First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627272/SEC-and-SolarWinds-to-settle-lawsuit-over-2020-breach
-
New spyware strain steals data from Russian industrial companies
Moscow-based cybersecurity firm Kaspersky said the campaign has already affected over 100 victims across several dozen Russian organizations, but did not disclose the specific targets. First seen on therecord.media Jump to article: therecord.media/spyware-strain-steals-data-russian-industrial-sector
-
Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms
Russian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware called Batavia. The activity, per cybersecurity vendor Kaspersky, has been active since July 2024. “The targeted attack begins with bait emails containing malicious links, sent under the pretext of signing a contract,” the Russian company said. “The main goal…
-
New Batavia spyware targets Russian industrial enterprises
Since March 2025, fake contract emails have been spreading Batavia spyware in targeted attacks on Russian organizations. Since March 2025, a targeted phishing campaign against Russian organizations has used fake contract-themed emails to spread the Batavia spyware, a new malware designed to steal internal documents. The attack, ongoing since July 2024, begins with links to…
-
Cyberattack deals blow to Russian firmware used to repurpose civilian drones for Ukraine war
The developers behind a custom firmware used to convert consumer drones for military use in Ukraine have reported a cyberattack disrupting the system that distributes the software. First seen on therecord.media Jump to article: therecord.media/cyberattack-russia-firmware-blow-hackers
-
‘Batavia’ Windows spyware campaign targets dozens of Russian orgs
A previously undocumented spyware called ‘Batavia’ has been targeting large industrial enterprises in Russia in a phishing email campaign that uses contract-related lures. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/batavia-windows-spyware-campaign-targets-dozens-of-russian-orgs/
-
Batavia Spyware Targets Employees via Weaponized Word Documents Delivering Malware Payloads
Batavia, an unidentified spyware, has been using a sophisticated phishing operation to target Russian industrial organizations since July 2024. Kaspersky researchers have identified a sharp rise in detections since early March 2025, with over 100 users across dozens of organizations falling prey to bait emails disguised as contract agreements. These emails, often containing file names…
-
Russia’s St. Petersburg hit by major internet outage amid drone strike warnings
The outages in Russia’s second largest city are the latest in a series of shutdowns that may be linked to the Kremlin’s efforts to protect critical infrastructure from Ukrainian drone attacks. First seen on therecord.media Jump to article: therecord.media/russia-saint-petersburg-outage-drones
-
Aeza Group Latest BPH Service Provider Sanctioned by U.S. Treasury
Five months after sanctioning Zservers, the U.S. Treasury Department targeted Aeza Group, another Russia-based bulletproof hosting services provider, for allowing threat actors to host ransomware and other campaigns on its infrastructure, which is resistant to law enforcement demands and investigations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/aeza-group-latest-bph-service-provider-sanctioned-by-u-s-treasury/
-
Ransomware Group Hunters International Announces Exit
Cybercrime Experts Greet Announcement With Skepticism. Hunters International said Thursday it closed shop, provoking skepticism among cybercrime experts who said it’s more likely the Russian-speaking hackers behind the ransomware group will start up again under a new brand name. Ransomware groups often rebrand themselves. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ransomware-group-hunters-international-announces-exit-a-28894
-
Two new pro-Russian hacktivist groups target Ukraine, recruit insiders
Groups calling themselves IT Army of Russia and TwoNet are newly active on Telegram, coordinating operations and seeking new members, researchers at Intel 471 said. First seen on therecord.media Jump to article: therecord.media/twonet-it-army-of-russia-new-hacktivist-groups-target-ukraine
-
Russia jails man for 16 years over pro-Ukraine cyberattacks on critical infrastructure
Russian authorities said the man used malware to attack Russian information systems in 2022, blocking access to websites of several local companies and damaging critical infrastructure. First seen on therecord.media Jump to article: therecord.media/russia-jails-man-over-pro-ukraine-cyberattacks
-
Pro-Russian Hackers Forge New Alliances for High-Profile Cyberattacks
The ongoing Russia-Ukraine conflict, which intensified in 2022, continues to reshape the cybercrime landscape in 2025, with hacktivism emerging as a potent weapon in geopolitical disputes. Since the war’s outbreak, pro-Russian and pro-Ukrainian hacktivist groups have waged a parallel battle in cyberspace, employing distributed denial-of-service (DDoS) attacks, website defacements, and data breaches to influence the…
-
Pro-Russian Hacktivists Escalate 2025 Cyber Offensive: Targeting Western Critical Infrastructure ICS
The post Pro-Russian Hacktivists Escalate 2025 Cyber Offensive: Targeting Western Critical Infrastructure ICS appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/pro-russian-hacktivists-escalate-2025-cyber-offensive-targeting-western-critical-infrastructure-ics/
-
Extensive data compromise purportedly impacts Russian defense contractor
First seen on scworld.com Jump to article: www.scworld.com/brief/extensive-data-compromise-purportedly-impacts-russian-defense-contractor
-
US-sanctioned entity involved in Russian independent media hack
Tags: russia. First seen on scworld.com Jump to article: www.scworld.com/brief/us-sanctioned-entity-involved-in-russian-independent-media-hack
-
Alleged ransomware, infostealer support prompts US sanctions against Russian hosting provider
First seen on scworld.com Jump to article: www.scworld.com/brief/alleged-ransomware-infostealer-support-prompts-us-sanctions-against-russian-hosting-provider
-
Russian APT ‘Gamaredon’ Hits Ukraine With Fierce Phishing
A Russian APT known as Gamaredon is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-apt-gamaredon-ukraine-phishing
-
Gamaredon Unleashes Six New Malware Tools for Stealth, Persistence, and Lateral Movement
Gamaredon, a Russia-aligned advanced persistent threat (APT) group attributed by Ukraine’s Security Service (SSU) to the FSB’s 18th Center of Information Security, has exclusively targeted Ukrainian governmental institutions throughout 2024, abandoning prior attempts to hit NATO countries. According to ESET Research Report, which has closely tracked the group’s activities, this refocus aligns with Gamaredon’s long-standing…
-
US imposes sanctions on second Russian bulletproof hosting vehicle this year
Aeza Group accused of assisting data bandits and BianLian ransomware crooks First seen on theregister.com Jump to article: www.theregister.com/2025/07/02/aeza_group_us_sanctions/
-
U.S. Sanctions Russia’s Aeza Group for aiding crooks with bulletproof hosting
U.S. Treasury sanctions Russia-based Aeza Group and affiliates for aiding cybercriminals via bulletproof hosting services. The U.S. Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Russia-based Aeza Group for aiding global cybercriminals via bulletproof hosting services. A bulletproof hosting service is a type of internet hosting provider that knowingly allows cybercriminals to host malicious content…
-
Second espionage-linked cyberattack hits ICC, exposing persistent threats to global justice systems
Tags: attack, crime, crimes, cyber, cyberattack, cybersecurity, data, disinformation, espionage, identity, infrastructure, intelligence, international, Internet, office, resilience, russia, spy, threat, ukraine. Pattern of sophisticated cyber espionage: This marks the second major cybersecurity incident targeting the ICC in recent years. In September 2023, the court disclosed it had suffered what it later characterized as “a targeted and sophisticated attack with the objective of espionage” that was “a serious attempt to undermine the Court’s mandate.” According to reports following…
-
US drops sanctions on second Russian bulletproof hosting vehicle this year
Aeza Group accused of assisting data bandits and BianLian ransomware crooks First seen on theregister.com Jump to article: www.theregister.com/2025/07/02/aeza_group_us_sanctions/
-
Blind Eagle Linked to Russian Host Proton66 in Latin America Attacks
Blind Eagle hackers linked to Russian host Proton66 to target banks in Latin America using phishing and RATs. Trustwave urges stronger security. First seen on hackread.com Jump to article: hackread.com/blind-eagle-russian-host-proton66-latin-america-attacks/
-
U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
Tags: control, country, cybercrime, group, international, malicious, office, ransomware, russia, service, threat. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against Russia-based bulletproof hosting (BPH) service provider Aeza Group for assisting threat actors in their malicious activities and targeting victims in the country and across the world. The sanctions also extend to its subsidiaries Aeza International Ltd., the U.K. branch of…
-
US Treasury Sanctions Russian Bulletproof Hosting Service Aeza Group
The Treasury said that Aeza Group has provided infrastructure services for notorious infostealer and ransomware operators First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-sanctions-russian-bulletproof/
-
U.S. Treasury Sanctions Bulletproof Hosting Firm Fueling Ransomware Campaigns
Tags: attack, control, cyber, cybercrime, data, group, international, network, office, ransomware, russia, theft. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sweeping sanctions on Aeza Group, a Russia-based bulletproof hosting (BPH) provider, for its pivotal role in enabling global cybercrime, including ransomware attacks, data theft, and illicit drug trafficking. The action, announced Tuesday, targets Aeza Group’s international network, including affiliated companies in Russia…

