Tag: russia
-
FBI Disrupts Russian Crypto Laundering Hub Enabling Cybercrime
A 39-year-old Russian national is accused of working with cybercriminals to convert criminal proceeds from cryptocurrency into various cash currencies. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fbi-disrupts-russian-crypto/
-
Breach Roundup: Coupang Breach Sparks Leadership Shakeup
Also: Texas AG Sues Smart TV Manufacturers, Fortinet SSO Flaws. This week, a leadership shakeup at Coupang, attackers exploited critical Fortinet SSO flaws, Pornhub data hacked, Texas Attorney General Ken Paxton sued smart TV makers, auto finance provider 700Credit disclosed a breach affecting millions, and a revived pro-Russia ransomware operation stumbled. First seen on govinfosecurity.com Jump…
-
Denmark says Russia was behind two ‘destructive and disruptive’ cyber-attacks
Intelligence service says attacks were work of groups connected to Russian state in ‘clear evidence’ of hybrid war. The Danish government has accused Russia of being behind two “destructive and disruptive” cyber-attacks in what it describes as “very clear evidence” of a hybrid war. The Danish Defence Intelligence Service (DDIS) announced on Thursday that Moscow was behind…
-
Russian Credential-Harvesting Apes Ukraine Webmail Platform
Widely Used ukr.net Is a Repeat Focus for APT28 Cyberespionage Operations. Don’t expect cyber spies to respect distinctions between military and civilian networks, especially in times of war, warn researchers tracking persistent Russian military intelligence credential-harvesting attacks against users of Ukraine’s popular, commercial UKR.NET webmail platform. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russian-credential-harvesting-apes-ukraine-webmail-platform-a-30325
-
Senate Intel chair urges national cyber director to safeguard against open-source software threats
Tom Cotton, R-Okla., cited Chinese and Russian involvement in open-source tech and the risks to government and defense systems. First seen on cyberscoop.com Jump to article: cyberscoop.com/tom-cotton-open-source-software-foreign-influence-national-cyber-director/
-
FBI Seizes Crypto Laundering Hub E-Note Linked to Russian Admin
The FBI and international police have shut down E-Note, a cryptocurrency exchange that laundered over $70 million for cybercriminals. Read about the indictment of a Russian and how the global task force ended his decade-long operation. First seen on hackread.com Jump to article: hackread.com/fbi-seize-e-note-crypto-laundering-russian-admin/
-
Blurred Deception: Russian APT Targets Transnistria and NATO with High-Pressure Phishing Lures
The post Blurred Deception: Russian APT Targets Transnistria and NATO with High-Pressure Phishing Lures appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/blurred-deception-russian-apt-targets-transnistria-and-nato-with-high-pressure-phishing-lures/
-
DOJ announces takedown of alleged laundering platform used by cybercriminal groups
A Russian national was also indicted for running the platform. First seen on cyberscoop.com Jump to article: cyberscoop.com/michigan-e-note-crypto-exchange-takedown-ransomware-money-laundering-indictment/
-
Russian BlueDelta hackers ran phishing campaign against Ukrainian webmail users
Researchers said the campaign likely aimed to collect sensitive information from Ukrainian users in support of broader Russian intelligence objectives. First seen on therecord.media Jump to article: therecord.media/russian-bluedelta-hackers-ran-phishing-ukraine-webmail
-
Roblox in talks with Russia to restore access after platform ban sparks backlash
According to Russia’s media regulator Roskomnadzor, the U.S.-based company acknowledged shortcomings in moderating in-game content and securing user chats, and reached out to the agency to discuss potential changes. First seen on therecord.media Jump to article: therecord.media/roblox-in-talks-with-russia-to-restore-access-ban
-
APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign
The Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a “sustained” credential-harvesting campaign targeting users of UKR[.]net, a webmail and news service popular in Ukraine. The activity, observed by Recorded Future’s Insikt Group between June 2024 and April 2025, builds upon prior findings from the cybersecurity company in…
-
New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails
The threat actor linked to Operation ForumTroll has been attributed to a fresh set of phishing attacks targeting individuals within Russia, according to Kaspersky. The Russian cybersecurity vendor said it detected the new activity in October 2025. The origins of the threat actor are presently unknown. “While the spring cyberattacks focused on organizations, the fall campaign honed…
-
Russian state hackers targeted Western critical infrastructure for years, Amazon says
Tags: credentials, cyber, exploit, hacker, infrastructure, intelligence, network, russia, theft, threat, vulnerability. Amazon disclosed a years-long Russian state-backed cyber campaign targeting Western critical infrastructure from 2021 to 2025. Amazon Threat Intelligence reports a long-running Russian state-backed campaign (2021-2025) targeting Western critical infrastructure. Threat actors shifted from exploiting vulnerabilities to abusing misconfigured network edge devices, enabling credential theft and lateral movement with lower risk. The researchers linked the…
-
Russian APT group pivots to network edge device misconfigurations
Tags: apt, attack, authentication, breach, cloud, credentials, detection, group, infrastructure, intelligence, mfa, mssp, network, russia, service, technology, theft, threat. Credential harvesting: The researchers also observed credential replay attacks against victims’ other online services using stolen domain credentials following network edge device compromises. This indicates that the attackers are likely harvesting credentials by leveraging the traffic capturing and analysis capabilities of the compromised devices. “Time gap between device compromise and authentication attempts against victim services suggests…
-
Sandworm’s Tactical Pivot: Russian GRU Abandons Zero-Days to Weaponize Misconfigured Edge Devices
The post Sandworm’s Tactical Pivot: Russian GRU Abandons Zero-Days to Weaponize Misconfigured Edge Devices appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/sandworms-tactical-pivot-russian-gru-abandons-zero-days-to-weaponize-misconfigured-edge-devices/
-
Russia’s GRU hackers targeting misconfigured network edge devices in attacks on energy sector, Amazon says
In a press briefing this week, Amazon officials said the years-long campaign “represents a significant evolution in critical infrastructure targeting.” First seen on therecord.media Jump to article: therecord.media/russia-gru-hackers-target-energy-sector-sandworm
-
Amazon disrupts Russian GRU hackers attacking edge network devices
The Amazon Threat Intelligence team has disrupted active operations attributed to hackers working for the Russian foreign military intelligence agency, the GRU, who targeted customers’ cloud infrastructure. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/amazon-disrupts-russian-gru-hackers-attacking-edge-network-devices/
-
Russia Hits Critical Orgs Via Misconfigured Edge Devices
Amazon detailed a long-running campaign by Russia against critical infrastructure organizations, particularly in the energy sector. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/russian-apt-attacking-critical-orgs-around-world
-
Russian Hackers Launch Attacks on Network Edge Devices in Western Critical Infrastructure
Tags: attack, blizzard, cyber, hacker, infrastructure, intelligence, network, russia, threat, vulnerability. Russian state-sponsored hackers are intensifying attacks on misconfigured network edge devices across Western critical infrastructure, marking a significant tactical shift as 2025 comes to a close. According to new insights from Amazon Threat Intelligence, this campaign linked with high confidence to Russia’s Main Intelligence Directorate (GRU) and the Sandworm/APT44/Seashell Blizzard cluster has deprioritized overt vulnerability…
-
Russia’s GRU Tied to Critical Infrastructure Cloud Breaches
‘Misconfigured Customer Network Edge Devices’ Under Fire, Warn Researchers. Misconfigured edge devices hosted in the cloud are giving nation-state hackers carte blanche to access Western critical infrastructure, warn threat intelligence experts at Amazon, who tied exploits of AWS customers’ device administrator portals to Russia’s GRU military intelligence agency. First seen on govinfosecurity.com Jump to article:…
-
Amazon: Russian GRU hackers favor misconfigured devices over vulnerabilities
Amazon Threat Intelligence reports Russian GRU hackers are increasingly breaking into critical infrastructure by abusing misconfigured devices instead of exploiting software vulnerabilities. First seen on hackread.com Jump to article: hackread.com/amazon-russia-gru-hackers-misconfigured-vulnerabilities/
-
Russia-linked hackers breach critical infrastructure organizations via edge devices
New research offers the latest evidence that vulnerable network edge equipment is a pressing concern. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/russian-hackers-critical-infrastructure-energy-edge-devices/808005/
-
Amazon warns that Russia’s Sandworm has shifted its tactics
Researchers said attackers linked to Russia’s military intelligence agency have moved from vulnerability exploits to focus on poorly configured network edge devices to keep their access to target networks. First seen on cyberscoop.com Jump to article: cyberscoop.com/amazon-threat-intel-russia-attacks-energy-sector-sandworm-apt44/
-
Amazon security boss blames Russia’s GRU for years-long energy-sector hacks
‘Sustained focus on Western critical infrastructure.’ First seen on theregister.com Jump to article: www.theregister.com/2025/12/15/amazon_ongoing_gru_campaign/

