Tag: russia
-
Russian GRU’s APT28 Targets Global Logistics Supporting Ukraine Defense
A new Joint Cybersecurity Advisory issued in May 2025 by a coalition of cybersecurity and intelligence agencies across First seen on securityonline.info Jump to article: securityonline.info/russian-grus-apt28-targets-global-logistics-supporting-ukraine-defense/
-
EU sanctions target individuals, organizations behind Russia’s disinformation and sabotage operations
Members of the Russian military intelligence unit GRU, as well as individuals involved in promoting Kremlin narratives through social media campaigns, were targeted with the sanctions. First seen on therecord.media Jump to article: therecord.media/eu-sanctions-orgs-individuals-tied-to-russia-disinformation
-
PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms
Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky. “The campaign aimed at Russian business began back in March 2023, but in the first third of 2025 the number of attacks quadrupled compared to the same period in 2024,” the cybersecurity vendor said. The attack…
-
Nation-state APTs ramp up attacks on Ukraine and the EU
Russian APT groups intensified attacks against Ukraine and the EU, exploiting zero-day vulnerabilities and deploying wipers, according to ESET. Ukraine faces rising cyber … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/21/apt-groups-attacks-eu-ukraine/
-
Major Russian state services disrupted, reportedly due to cyberattack
Internet monitoring services showed ongoing disruptions to Russia’s tax service, as well as services for managing secure digital keys and documents (Saby), among others. First seen on therecord.media Jump to article: therecord.media/major-russian-state-services-disrupted-ddos
-
Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits and Wipers
Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-apt-intensify-cyber/
-
Hackers Use Weaponized RAR Archives to Deliver Pure Malware in Targeted Attacks
Russian organizations have become prime targets of a sophisticated malware campaign deploying the Pure malware family, first identified in mid-2022. Distributed via a Malware-as-a-Service (MaaS) model, Pure malware allows cybercriminals to purchase and deploy it with ease. While the campaign began in March 2023, the first third of 2025 witnessed a staggering fourfold increase in…
-
Malicious PyPI package sets sights on Russian developers
First seen on scworld.com Jump to article: www.scworld.com/brief/malicious-pypi-package-sets-sights-on-russian-developers
-
US cessation of offensive cyber operations against Russia downplayed
First seen on scworld.com Jump to article: www.scworld.com/brief/us-cessation-of-offensive-cyber-operations-against-russia-downplayed
-
Russia-linked disinformation floods Poland, Romania as voters cast ballots
Romania and Poland have each reported increased Russian disinformation activity ahead of their presidential elections, with authorities warning the Kremlin-backed network Doppelgänger is actively attempting to influence voters. First seen on therecord.media Jump to article: therecord.media/russia-disinformation-poland-presidential-election
-
SolarWinds security chief on the risks and rewards of being a CISO
At the RSA Conference in San Francisco this year, Tim Brown talked about the protection CISOs need, Russia’s continued attempts to launch attacks and how companies can navigate the treacherous waters of cyber incidents. First seen on therecord.media Jump to article: therecord.media/solarwinds-security-chief-tim-brown-interview
-
Russia-Linked SpyPress Malware Exploits Webmails to Spy on Ukraine
ESET reports on RoundPress, a cyber espionage campaign by Russia’s Fancy Bear (Sednit) targeting Ukraine-related organizations via webmail… First seen on hackread.com Jump to article: hackread.com/russia-spypress-malware-exploits-webmails-spy-ukraine/
-
Cyberattack on a clinic in Russia
Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack First seen on therecord.media Jump to article: therecord.media/russia-hospital-shutdown-lecardo
-
Global government webmail servers targeted by Russian cyberespionage operation
First seen on scworld.com Jump to article: www.scworld.com/brief/global-government-webmail-servers-targeted-by-russian-cyberespionage-operation
-
Key lawmaker says pause in offensive cyber operations against Russia lasted one day
Republican Rep. Don Bacon said that a pause in U.S. offensive cyber operations against Russia earlier this year lasted only one day as part of the Trump administration’s negotiations with the Kremlin on ending the war in Ukraine. First seen on therecord.media Jump to article: therecord.media/us-pause-offensive-cyber-operations-russia-lasted-one-day-rep-bacon-says
-
Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack
Authorities in the republic of Chuvashia confirmed attackers targeted software used to manage patient records and medical histories. First seen on therecord.media Jump to article: therecord.media/russia-hospital-shutdown-lecardo
-
Pro-Ukraine Group Targets Russian Developers with Python Backdoor
ReversingLabs discovers dbgpkg, a fake Python debugger that secretly backdoors systems to steal data. Researchers suspect a pro-Ukraine… First seen on hackread.com Jump to article: hackread.com/ukraine-group-russian-developers-python-backdoor/
-
Cybercriminal Andrei Tarasov Escapes US Extradition, Returns to Russia
Andrei Vladimirovich Tarasov, a 33-year-old Russian cybercrime figure known online as “Aels,”
-
Russian Espionage Operation Targets Organizations Linked to Ukraine War
In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the victim’s webmail page First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fancy-bear-russia-cyber-espionage/
-
Operation RoundPress: Sednit Weaponizes XSS to Breach Global Webmail Servers
ESET researchers have exposed a covert cyberespionage campaign, dubbed Operation RoundPress, believed to be orchestrated by the Russia-aligned First seen on securityonline.info Jump to article: securityonline.info/operation-roundpress-sednit-weaponizes-xss-to-breach-global-webmail-servers/
-
After helping Russia on the ground North Korea targets Ukraine with cyberespionage
Tags: credentials, cyber, cyberespionage, email, government, hacker, identity, intelligence, korea, microsoft, north-korea, phishing, resilience, risk, russia, ukraine
Credential harvesting: Before the phishing emails, the same Ukrainian government entities were targeted with email alerts impersonating Microsoft and claiming unusual sign-in activity was detected on their accounts. The victims were asked to perform identity verification by clicking on a button, which took them to credential harvesting pages. The Proofpoint researchers didn’t manage to obtain any…
-
Google patches Chrome vulnerability used for account takeover and MFA bypass
How could this be exploited?: OAuth provides a way of giving access to something without the need for a password. It’s useful in multiple scenarios, for example, in single sign-on (SSO). Users might also encounter it when giving a contact access to a file or document in a cloud service such as Microsoft 365 without…
-
Breach Roundup: SAP NetWeaver Flaw Draws Hackers
Tags: breach, conference, credentials, flaw, hacker, ivanti, microsoft, north-korea, russia, sap, zero-day
Also, DOGE Employee’s Credentials Found in Infostealer Dumps. This week, SAP NetWeaver flaw drew hackers, zero-days in Ivanti EPMM, DOGE employee’s credentials found in infostealer dumps and Nucor halted operations. North Korean hackers targeted South Koreans with fake conference invites, Russian hackers targeted webmail servers and Microsoft fixed 72 flaws. First seen on govinfosecurity.com Jump…
-
Attack claimed by pro-Ukraine hackers reportedly erases a third of Russian court case archive
About a third of the case file archive of Pravosudiye, Russia’s national electronic court filing system, was deleted in a previously reported cyberattack, auditors said. First seen on therecord.media Jump to article: therecord.media/russia-court-system-hack-third-of-case-files-deleted
-
Kremlin-linked hackers target webmail servers of Eastern European government agencies
Russia-linked hackers known as APT28 mainly targeted entities in Ukraine, Bulgaria and Romania, but governments in Africa, South America and other parts of Europe were also affected. First seen on therecord.media Jump to article: therecord.media/kremlin-linked-hackers-target-webmail-eastern-europe-governments
-
Russian Hackers Exploit XSS Vulnerabilities to Inject Malicious Code into Email Servers
Tags: blizzard, cyber, cyberespionage, cybersecurity, email, exploit, group, hacker, malicious, russia, vulnerability, xss
A sophisticated cyberespionage campaign, dubbed Operation RoundPress, has been uncovered by cybersecurity researchers at ESET. Attributed with medium confidence to the Russian-linked Sednit group (also known as APT28, Fancy Bear, and Forest Blizzard), this operation targets high-value webmail servers using cross-site scripting (XSS) vulnerabilities. Active since at least 2004, Sednit has a notorious history, including alleged involvement…
-
Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers
A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET. The activity, which commenced in 2023, has been codenamed Operation RoundPress by the Slovak cybersecurity company. It has…

