Tag: russia

Russia warns financial sector of major IT service provider hack

Feb 24, 2025 10:23 PM

Tags: breach, computer, country, finance, russia, service, software

Russia’s National Coordination Center for Computer Incidents (NKTsKI) is warning organizations in the country’s credit and financial sector about a breach at LANIT, a major Russian IT service and software provider. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russia-warns-financial-sector-of-major-it-service-provider-hack/
EU sanctions North Korean tied to Lazarus group over involvement in Ukraine war

Feb 24, 2025 8:23 PM

Tags: group, hacking, intelligence, lazarus, north-korea, russia, ukraine

The latest package of EU sanctions related to Russia’s invasion of Ukraine included the leader of the North Korean intelligence agency known for backing the Lazarus group and other high-profile hacking operations. First seen on therecord.media Jump to article: therecord.media/eu-sanctions-north-korea-ukraine-war-lazarus-group
Three years on, Europe looks to Ukraine for the future of defense tech

Feb 24, 2025 6:23 PM

Tags: conference, country, defense, russia, ukraine

Today marks three years since Russia’s illegal, unprovoked, and brutal invasion of Ukraine. The Ukrainian people have heroically fought the war with grit and determination, but they have also, against the odds, innovated on and off the battlefield. In addition to establishing a defense tech initiative called BRAVE1, the country has also hosted tech conferences like…
Australia bans government use of Kaspersky software due to ‘unacceptable security risk’

Feb 24, 2025 6:23 PM

Tags: cybersecurity, government, kaspersky, risk, russia, software

The Australian government followed the U.S., Canada, and the United Kingdom in taking action against the Russian cybersecurity giant First seen on techcrunch.com Jump to article: techcrunch.com/2025/02/24/australia-bans-government-use-of-kaspersky-software-due-to-unacceptable-security-risk/
Australia bans government use of Kaspersky software over Russian espionage concerns

Feb 24, 2025 4:22 PM

Tags: cybersecurity, data, espionage, government, kaspersky, network, risk, russia, software

Kaspersky software “poses an unacceptable security risk to the Australian government, networks, and data,” Home Affairs Secretary Stephanie Foster said in announcing a ban on the cybersecurity company’s products. First seen on therecord.media Jump to article: therecord.media/kaspersky-australia-government-ban
Australia bans Kaspersky over national security concerns

Feb 24, 2025 3:23 PM

Tags: cybersecurity, espionage, framework, government, kaspersky, risk, russia, service, software

Australia bans Kaspersky software over national security concerns, citing risks of foreign interference, espionage, and sabotage of government networks. Australian Government banned products and services provided by Russian cybersecurity firm Kaspersky over national security concerns. The Secretary of the Department of Home Affairs has issued a mandatory directive under the Protective Security Policy Framework (PSPF)…
Kaspersky Banned on Australian Government Systems

Feb 24, 2025 2:23 PM

Tags: cybersecurity, government, kaspersky, russia, service

Australian government entities have been banned from using products and services of Russian cybersecurity company Kaspersky. The post Kaspersky Banned on Australian Government Systems appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/kaspersky-banned-on-australian-government-systems/
Australia Bans Kaspersky Software Over National Security and Espionage Concerns

Feb 24, 2025 11:23 AM

Tags: country, data, espionage, government, kaspersky, network, risk, risk-analysis, russia, service, software, threat

Australia has become the latest country to ban the installation of security software from Russian company Kaspersky, citing national security concerns.”After considering threat and risk analysis, I have determined that the use of Kaspersky Lab, Inc. products and web services by Australian Government entities poses an unacceptable security risk to Australian Government, networks and data,…
GhostSocks Malware Uses SOCKS5 Proxy to Evade Detection Systems

Feb 24, 2025 10:22 AM

Tags: cyber, cybercrime, detection, exploit, finance, malware, russia, service, threat

GhostSocks, a Golang-based SOCKS5 backconnect proxy malware, has emerged as a significant threat within the cybercrime ecosystem. First identified in October 2023 on Russian-language forums, its distribution expanded to English-speaking criminal platforms by mid-2024. This malware operates as part of a Malware-as-a-Service (MaaS) model, allowing threat actors to exploit compromised systems for financial gain. Its…
Russia-Linked Threat Actors Exploiting Signal Messenger to Eavesdrop on Sensitive Communications

Feb 24, 2025 5:23 AM

Tags: communications, exploit, google, group, intelligence, russia, threat

A recent report from Google Threat Intelligence Group (GTIG) has revealed a coordinated effort by multiple Russia-aligned threat First seen on securityonline.info Jump to article: securityonline.info/russia-linked-threat-actors-exploiting-signal-messenger-to-eavesdrop-on-sensitive-communications/
US releases BTC-e operator in prisoner exchange with Russia

Feb 23, 2025 10:22 PM

Tags: russia

First seen on scworld.com Jump to article: www.scworld.com/brief/us-releases-btc-e-operator-in-prisoner-exchange-with-russia
ISMG Editors: Is Russia’s Ransomware Purge for Real?

Feb 21, 2025 8:23 PM

Tags: ai, cybersecurity, ransomware, risk, russia, update

Also: AI Benchmark Hype, Trump’s Cybersecurity Shake-Up, Musk’s Growing Influence. In this week’s update, ISMG editors analyze motives behind Russia’s sudden crackdown on ransomware gangs and discuss whether AI benchmark scores are more hype than reality and whether President Donald Trump’s policies and Elon Musk’s influence pose security risks – or just more political theater.…
Leaked Black Basta Chat Logs Show Banality of Ransomware

Feb 21, 2025 6:23 PM

Tags: data-breach, group, hacker, ransom, ransomware, russia

‘He Is an Idiot,’ Dissatisfied Hacker Writes of Boss. Two hundred thousand internal chat messages from the Russian ransomware group Black Basta have been leaked online, supposedly in reprisal for the operation targeting Russian banks. The partial logs, spanning 13 months, detail negotiations with victims, ransoms paid, internal disagreements and more. First seen on govinfosecurity.com…
A huge trove of leaked Black Basta chat logs expose the ransomware gang’s key members and victims

Feb 21, 2025 5:23 PM

Tags: data-breach, finance, group, ransomware, russia

A leaker allegedly published the leaked internal messages after the group allegedly targeted Russian banks First seen on techcrunch.com Jump to article: techcrunch.com/2025/02/21/a-huge-trove-of-leaked-black-basta-chat-logs-expose-the-ransomware-gangs-key-members-and-victims/
Ukrainian hackers claim breach of Russian loan company linked to Putin’s ex-wife

Feb 21, 2025 4:23 PM

Tags: attack, breach, group, hacker, hacking, russia, ukraine

A pro-Ukraine hacking group claimed that it was behind an attack on CarMoney, a Russian microfinance company with reported connections to Vladimir Putin’s ex-wife. First seen on therecord.media Jump to article: therecord.media/russia-carmoney-data-breach-ukrainian-cyber-alliance
German election targeted by Russian disinformation, security services warn

Feb 21, 2025 4:23 PM

Tags: country, disinformation, election, germany, russia, service

Germany’s security services warned on Friday that fake videos circulating online purporting to reveal ballot manipulation in the country’s upcoming federal elections were part of a Russian information operation. First seen on therecord.media Jump to article: therecord.media/german-election-targeted-by-russian-disinformation
DDoS-Angriff auf Banken in Italien

Feb 20, 2025 9:46 AM

Tags: cyberattack, ddos, hacker, russia

Italian websites targeted by alleged pro-Russian hackers First seen on reuters.com Jump to article: www.reuters.com/world/europe/alleged-pro-russian-hackers-hit-20-italian-websites-cybersecurity-agency-says-2025-02-17/
Russia-linked APTs target Signal messenger

Feb 19, 2025 11:46 PM

Tags: apt, exploit, google, group, intelligence, russia, tactics, threat

Russia-linked threat actors exploit Signal ‘s >>linked devices
Russian Groups Target Signal Messenger in Spy Campaign

Feb 19, 2025 11:46 PM

Tags: attack, google, group, russia, spy

These sorts of attacks reveal growing adversary interest in secure messaging apps used by high-value targets for communication, Google says. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/russian-groups-target-signal-messenger-in-spy-campaign
Russia-aligned hackers are targeting Signal users with device-linking QR codes

Feb 19, 2025 10:46 PM

Tags: group, hacker, qr, russia

Swapping QR codes in group invites and artillery targeting are latest ploys. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2025/02/russia-aligned-hackers-are-targeting-signal-users-with-device-linking-qr-codes/
Russia-aligned threat groups dupe Ukrainian targets via Signal

Feb 19, 2025 10:46 PM

Tags: google, group, phishing, russia, threat, ukraine

Google researchers say multiple Russian state threat groups have conducted remote phishing operations to target and compromise Signal accounts. First seen on cyberscoop.com Jump to article: cyberscoop.com/russia-threat-groups-target-ukraine-signal/
Russian cyberespionage groups target Signal users with fake group invites

Feb 19, 2025 7:46 PM

Tags: access, android, api, attack, communications, computer, cyber, cyberespionage, data, espionage, google, group, intelligence, linux, macOS, malicious, malware, military, mobile, password, phishing, phone, powershell, qr, russia, service, spyware, tactics, threat, ukraine, update, windows

QR codes provide a means of phishing Signal users: These features now work by scanning QR codes that contain the cryptographic information needed to exchange keys between different devices in a group or to authorize a new device to an account. The QR codes are actually representations of special links that the Signal application knows…
Hackers Tricking Users Into Linking Devices to Steal Signal Messages

Feb 19, 2025 7:46 PM

Tags: attack, google, hacker, russia

Is your Signal, WhatsApp, or Telegram account safe? Google warns of increasing attacks by Russian state-backed groups. Learn… First seen on hackread.com Jump to article: hackread.com/hackers-trick-users-link-device-steal-signal-messages/
Warning over privacy of encrypted messages as Russia targets Signal Messenger

Feb 19, 2025 7:46 PM

Tags: attack, phishing, privacy, risk, russia, service

Russia is using phishing attacks to compromise encrypted Signal Messenger services used by targets in the Ukraine. Experts warn that other encrypted app users are at risk First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366619473/Warning-over-privacy-of-encrypted-messages-as-Russia-targets-Signal-Messenger
Hackers Exploit Signal’s Linked Devices Feature to Hijack Accounts via Malicious QR Codes

Feb 19, 2025 7:46 PM

Tags: access, exploit, hacker, malicious, privacy, qr, russia, threat, unauthorized

Multiple Russia-aligned threat actors have been observed targeting individuals of interest via the privacy-focused messaging app Signal to gain unauthorized access to their accounts.”The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is the abuse of the app’s legitimate ‘linked devices’ feature that enables Signal to be used on multiple…
Russian Hackers Target Signal Messenger Users to Steal Sensitive Data

Feb 19, 2025 5:46 PM

Tags: communications, cyber, data, exploit, google, group, hacker, intelligence, military, russia, threat, ukraine

Russian state-aligned threat actors have intensified their efforts to compromise Signal Messenger accounts, targeting individuals of strategic interest, according to the Google Threat Intelligence Group (GTIG). These campaigns, primarily linked to Russia’s ongoing military operations in Ukraine, aim to intercept sensitive communications from military personnel, politicians, journalists, and activists. The attackers are exploiting Signal’s >>linked…
Russian CryptoBytes Hackers Target Windows Machines with UxCryptor Ransomware

Feb 19, 2025 5:46 PM

Tags: cyber, cybercrime, data-breach, group, hacker, malware, ransomware, russia, threat, tool, windows

The SonicWall Capture Labs threat research team has identified continued activity from the Russian cybercriminal group CryptoBytes, which has been active since at least 2023. This financially motivated group is leveraging a ransomware strain named UxCryptor, which has gained notoriety for its reliance on leaked ransomware builders. These tools lower the technical barrier for malware…
Russian state hackers spy on Ukrainian military through Signal app

Feb 19, 2025 4:46 PM

Tags: access, government, hacker, military, russia, spy, ukraine

Russian state-backed hackers are increasingly targeting Signal messenger accounts, including those used by Ukrainian military personnel and government officials, in an effort to access sensitive information that could aid Moscow’s war effort, researchers warn. First seen on therecord.media Jump to article: therecord.media/russian-state-hackers-spy-on-ukraine-military-signal
Ukrainian Signal Users Fall to Russian Social Engineering

Feb 19, 2025 1:46 PM

Tags: attack, encryption, google, hacker, malicious, phishing, russia, service, social-engineering, tactics, ukraine

Google Expects Tactics to Spread; Global Targets and Other Services at Risk. Russian nation-state hackers are using phishing attacks to target Ukrainian users of the chat app Signal, say security researchers. Rather than circumventing Signal’s end-to-end encryption via a cryptographic attack, attackers use malicious prompting to prod victims into exposing messages. First seen on govinfosecurity.com…
Russian phishing campaigns exploit Signal’s device-linking feature

Feb 19, 2025 1:46 PM

Tags: access, exploit, phishing, russia, threat, unauthorized

Russian threat actors have been launching phishing campaigns that exploit the legitimate “Linked Devices” feature in the Signal messaging app to gain unauthorized access to accounts of interest. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-phishing-campaigns-exploit-signals-device-linking-feature/