Tag: russia
-
UK drug funds flowed into bank tied to Russian spy services, military
The NCA on Friday confirmed that a money laundering network under investigation was used to purchase Keremet Bank in Kyrgyzstan, which was sanctioned earlier this year. First seen on therecord.media Jump to article: therecord.media/uk-drug-funds-flowed-into-bank-tied-to-russia
-
SEC drops case against SolarWinds tied to monumental breach
The Securities and Exchange Commission on Thursday dropped its case against SolarWinds and its chief information security officer over its handling of an alleged Russian cyberespionage campaign uncovered in 2020, an incident that penetrated at least nine federal agencies and hundreds of companies. The SEC’s decision brings to a halt one of the more divisive…
-
Tsundere Botnet Targets Windows, Linux macOS via Node.js Packages
A Russian-speaking threat actor attributed to the username >>koneko
-
Authorities Sanction Russia-Based Bulletproof Hosting Provider for Aiding Ransomware
The United States, Australia, and the United Kingdom have announced coordinated sanctions against Media Land, a Russia-based bulletproof hosting provider, and related entities for supporting ransomware operations and other cybercrimes. The Department of the Treasury’s Office of Foreign Assets Control (OFAC), working with international partners and the FBI, has designated the company’s leadership team and…
-
Authorities Sanction Russia-Based Bulletproof Hosting Provider for Aiding Ransomware
The United States, Australia, and the United Kingdom have announced coordinated sanctions against Media Land, a Russia-based bulletproof hosting provider, and related entities for supporting ransomware operations and other cybercrimes. The Department of the Treasury’s Office of Foreign Assets Control (OFAC), working with international partners and the FBI, has designated the company’s leadership team and…
-
Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops
US, Australia and UK sanctioned 2 Russian bulletproof hosting providers accused of aiding groups like LockBit, BlackSuit and Play. US, Australia and UK sanctioned two Russian bulletproof hosting providers accused of aiding groups like LockBit, BlackSuit and Play. Coordinated sanctions hit Russia-based provider Media Land, its leaders, and sister firms for supplying bulletproof hosting that…
-
Russia blacklists S.T.A.L.K.E.R. game developer, accusing it of aiding Ukraine’s war effort
The Prosecutor General’s Office accused the game’s developer, GSC Game World, of financing Ukraine’s armed forces, alleging it transferred about $17 million to the military in 2022. First seen on therecord.media Jump to article: therecord.media/russia-blacklists-stalker-game-developer
-
Russia blacklists S.T.A.L.K.E.R. game developer, accusing it of aiding Ukraine’s war effort
The Prosecutor General’s Office accused the game’s developer, GSC Game World, of financing Ukraine’s armed forces, alleging it transferred about $17 million to the military in 2022. First seen on therecord.media Jump to article: therecord.media/russia-blacklists-stalker-game-developer
-
UK, US and Australia Sanction Russian Bulletproof Hoster Media Land
Tags: russiaAllies sanction bulletproof hoster Media Land and four executives First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-us-sanction-russian-bulletproof/
-
Iranian APT hacks helped direct missile strikes in Israel and the Red Sea
MuddyWater uses hacked CCTV cameras to help guide missiles: Amazon also found supporting threat intel evidence for another Iran-linked incident involving cyber espionage and missile strikes that has received some official confirmation.After the US strikes against Iran’s nuclear sites in June, Iran retaliated by launching a barrage of missiles against Israel, targeting cities such as…
-
Five Eyes just made life harder for bulletproof hosting providers
An international effort sanctioned Russia-based Media Land and took action against companies and people who helped Aeza Group evade previously issued sanctions. First seen on cyberscoop.com Jump to article: cyberscoop.com/bulletproof-hosting-providers-sanctions-mitigation-media-land/
-
Operation WrtHug hijacks 50,000+ ASUS routers to build a global botnet
Operation WrtHug hijacks tens of thousands of outdated ASUS routers worldwide, mainly in Taiwan, the U.S., and Russia, forming a large botnet. A new campaign called Operation WrtHug has compromised tens of thousands of outdated or end-of-life ASUS routers worldwide, mainly in Taiwan, the U.S., and Russia, pulling them into a large malicious network. SecurityScorecard…
-
US, allies sanction Russian bulletproof hosting services for ransomware support
A popular Russian bulletproof hosting service provider named Media Land was sanctioned by the U.S. Treasury and international partners for its alleged support of ransomware gangs and other cybercriminal operations. First seen on therecord.media Jump to article: therecord.media/bulletproof-hosting-sanctions-ransomware
-
Operation WrtHug hijacks 50,000+ ASUS routers to Bìbuild global botnet
Operation WrtHug hijacks tens of thousands of outdated ASUS routers worldwide, mainly in Taiwan, the U.S., and Russia, forming a large botnet. A new campaign called Operation WrtHug has compromised tens of thousands of outdated or end-of-life ASUS routers worldwide, mainly in Taiwan, the U.S., and Russia, pulling them into a large malicious network. SecurityScorecard…
-
US, allies sanction Russian bulletproof hosting firm
Authorities say the company helped ransomware gangs and supported DDoS attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/russian-bulletproof-hosting-company-sanctions-us-australia-uk/805911/
-
US, UK, and Australia sanction Russian ‘bulletproof’ web host used in ransomware attacks
The newly imposed sanctions target Russian-based web host Media Land, which officials say are linked to LockBit and BlackSuit ransomware attacks. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/19/us-uk-and-australia-sanction-russian-bulletproof-web-host-used-in-ransomware-attacks/
-
US, Allies Sanction Russian Bulletproof Ransomware Host
Treasury Links Russian Bulletproof Host Network to Prolific Ransomware Operations. The U.S., U.K. and Australia sanctioned Russian bulletproof host Media Land for supporting major ransomware gangs like LockBit and Play, a move paired with new global guidance urging internet service providers to tighten access controls and disrupt cybercrime infrastructure. First seen on govinfosecurity.com Jump to…
-
Russian bulletproof hosting provider sanctioned over ransomware ties
Today, the United States, the United Kingdom, and Australia announced sanctions targeting Russian bulletproof hosting (BPH) providers that have supported ransomware gangs and other cybercrime operations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-sanctions-russian-bulletproof-hosting-provider-media-land-over-ransomware-ties/
-
Major Russian insurer facing widespread outages after cyberattack
Russian insurer VSK is trying to restore services after a major cyberattack damaged its systems, knocking offline its website, mobile app and other services used by millions of customers. First seen on therecord.media Jump to article: therecord.media/russia-vsk-cyberattack-outages
-
Major Russian insurer facing widespread outages after cyberattack
Russian insurer VSK is trying to restore services after a major cyberattack damaged its systems, knocking offline its website, mobile app and other services used by millions of customers. First seen on therecord.media Jump to article: therecord.media/russia-vsk-cyberattack-outages
-
WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide
A newly discovered campaign has compromised tens of thousands of outdated or end-of-life (EoL) ASUS routers worldwide, predominantly in Taiwan, the U.S., and Russia, to rope them into a massive network.The router hijacking activity has been codenamed Operation WrtHug by SecurityScorecard’s STRIKE team. Southeast Asia and European countries are some of the other regions where…
-
Pro-Russian group claims hits on Danish party websites as voters head to polls
Voting was not disrupted Tuesday by a wave of DDoS incidents affecting political party and government websites in Denmark a day earlier, officials said. First seen on therecord.media Jump to article: therecord.media/denmark-election-political-government-websites-ddos-incidents
-
Russian suspect detained in Thailand is allegedly tied to Void Blizzard group
More details are emerging about a 35-year-old Russian man arrested by Thai police in Phuket earlier this month with reported help from the FBI. First seen on therecord.media Jump to article: therecord.media/russian-arrested-thailand-allegedly-void-blizzard-apt-member
-
Thousands of fake travel sites used in ongoing Russian phishing campaign
First seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-fake-travel-sites-used-in-ongoing-russian-phishing-campaign
-
Thousands of fake travel sites used in ongoing Russian phishing campaign
First seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-fake-travel-sites-used-in-ongoing-russian-phishing-campaign
-
Acting on FBI Tip, Thailand Detains Suspected Russian Hacker
Suspect May Be Military Officer Indicted by US for 2016 Election Interference. Police in Thailand have arrested a Russian citizen suspected of launching hack attacks against targets around the world, who’s wanted by the FBI. While the suspect hasn’t been named, his age matches that of a Russian military intelligence officer indicted for 2016 U.S.…
-
New Detection Methods Uncovered for Outlook NotDoor Backdoor Malware
Cybersecurity researchers have unveiled comprehensive detection methodologies for NotDoor, a sophisticated backdoor malware that leverages Microsoft Outlook macros for covert command and control operations. The malware, attributed to the Russian state-sponsored threat group APT28 (Fancy Bear), represents an evolution in email-based persistence techniques that can evade traditional security controls. NotDoor was first identified by Lab52,…
-
Cyberattack on Russian port operator aimed to disrupt coal, fertilizer shipments
The goal, Port Alliance claimed, was to “destabilize operations and disrupt business processes” tied to exports of coal and mineral fertilizers through its seaports in the Baltic, AzovBlack Sea, Far Eastern and Arctic regions. First seen on therecord.media Jump to article: therecord.media/cyberattack-on-russian-port-operator
-
Suspected Russian hacker reportedly detained in Thailand, faces possible US extradition
Russian news reports and Thai sources said police had detained an alleged Russian hacker on the island of Phuket and transferred him to Bangkok for possible transfer to the U.S. First seen on therecord.media Jump to article: therecord.media/russian-hacker-detained-thailand-possible-us-extradition
-
Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments
Cisco Talos has identified an emerging threat from Kraken, a sophisticated cross-platform ransomware group that has emerged from the remnants of the HelloKitty ransomware cartel. In August 2025, the security firm observed the Russian-speaking group conducting big-game hunting and double-extortion attacks against enterprise environments worldwide. Kraken represents a significant evolution in ransomware threats due to…