Tag: russia
-
Russia-linked hackers breach critical infrastructure organizations via edge devices
New research offers the latest evidence that vulnerable network edge equipment is a pressing concern. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/russian-hackers-critical-infrastructure-energy-edge-devices/808005/
-
Amazon warns that Russia’s Sandworm has shifted its tactics
Researchers said attackers linked to Russia’s military intelligence agency have moved from vulnerability exploits to focus on poorly configured network edge devices to keep its access to target networks. First seen on cyberscoop.com Jump to article: cyberscoop.com/amazon-threat-intel-russia-attacks-energy-sector-sandworm-apt44/
-
Amazon security boss blames Russia’s GRU for years-long energy-sector hacks
‘Sustained focus on Western critical infrastructure’ First seen on theregister.com Jump to article: www.theregister.com/2025/12/15/amazon_ongoing_gru_campaign/
-
Amazon security boss blames Russia’s GRU for years-long energy-sector hacks
‘Sustained focus on Western critical infrastructure’ First seen on theregister.com Jump to article: www.theregister.com/2025/12/15/amazon_ongoing_gru_campaign/
-
AWS Report Links Multi-Year Effort to Compromise Cloud Services to Russia
Amazon Web Services (AWS) today published a report detailing a series of cyberattacks occurring over multiple years attributable to Russia’s Main Intelligence Directorate (GRU) that were aimed primarily at the energy sector in North America, Europe and the Middle East. The latest Amazon Threat Intelligence report concludes that the cyberattacks have been evolving since 2021,..…
-
AWS Report Links Multi-Year Effort to Compromise Cloud Services to Russia
Amazon Web Services (AWS) today published a report detailing a series of cyberattacks occurring over multiple years attributable to Russia’s Main Intelligence Directorate (GRU) that were aimed primarily at the energy sector in North America, Europe and the Middle East. The latest Amazon Threat Intelligence report concludes that the cyberattacks have been evolving since 2021,..…
-
Flaw in Hacktivist Ransomware Lets Victims Decrypt Own Files
A new version of VolkLocker, wielded by the pro-Russia RaaS group CyberVolk, has some key enhancements but one fatal flaw. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/flaw-hacktivist-ransomware-victims-decrypt-files
-
Russian Phishing Campaign Delivers Phantom Stealer Via ISO Files
A new phishing campaign has been identified, delivering the Phantom information-stealing malware via an ISO attachment First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-phishing-phantom-stealer/
-
MI6 chief warns ‘front line is everywhere’ and signals intent to pressure Putin
In her first public speech, the new chief of Britain’s MI6, Blaise Metreweli, will point to the acute threat posed by Russia, according to pre-released excerpts. First seen on therecord.media Jump to article: therecord.media/mi6-chief-speech-russia-threats-warning
-
MI6 chief warns ‘front line is everywhere’ and signals intent to pressure Putin
In her first public speech, the new chief of Britain’s MI6, Blaise Metreweli, will point to the acute threat posed by Russia, according to pre-released excerpts. First seen on therecord.media Jump to article: therecord.media/mi6-chief-speech-russia-threats-warning
-
Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector
Cybersecurity researchers have disclosed details of an active phishing campaign that’s targeting a wide range of sectors in Russia with phishing emails that deliver Phantom Stealer via malicious ISO optical disc images.The activity, codenamed Operation MoneyMount-ISO by Seqrite Labs, has primarily singled out finance and accounting entities, with those in the procurement, legal, payroll First…
-
New VolkLocker Ransomware Variant Targets Both Linux and Windows Systems
CyberVolk, a pro-Russia hacktivist group first documented in late 2024, has resurfaced with a sophisticated ransomware-as-a-service (RaaS) offering called VolkLocker after months of dormancy caused by Telegram enforcement actions. The group returned in August 2025 with version 2.x, featuring advanced Telegram-based automation and cross-platform capabilities targeting both Linux and Windows systems. VolkLocker is built in…
-
New VolkLocker Ransomware Variant Targets Both Linux and Windows Systems
CyberVolk, a pro-Russia hacktivist group first documented in late 2024, has resurfaced with a sophisticated ransomware-as-a-service (RaaS) offering called VolkLocker after months of dormancy caused by Telegram enforcement actions. The group returned in August 2025 with version 2.x, featuring advanced Telegram-based automation and cross-platform capabilities targeting both Linux and Windows systems. VolkLocker is built in…
-
VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption
The pro-Russian hacktivist group known as CyberVolk (aka GLORIAMIST) has resurfaced with a new ransomware-as-a-service (RaaS) offering called VolkLocker that suffers from implementation lapses in test artifacts, allowing users to decrypt files without paying an extortion fee.According to SentinelOne, VolkLocker (aka CyberVolk 2.x) emerged in August 2025 and is capable of targeting both Windows First…
-
‘The frontline is everywhere’: new MI6 head to warn of growing Russian threat
Blaise Metreweli expected to say UK faces new ‘age of uncertainty’ in speech identifying Kremlin as key threatAssassination plots, sabotage, cyber-attacks and the manipulation of information by Russia and other hostile states mean that “the frontline is everywhere”, the new head of MI6 will warn on Monday.Blaise Metreweli, giving her first speech in the job,…
-
Russian Ring Using Ex-Immigrant Data to Fuel Fake ID Sales
Telegram-Based Market Is Exploiting Gaps in US Tracking of Departed Visa Holders. A Russian darknet marketplace is exploiting a major blind spot for U.S. financial institutions by trafficking in the identities of former legal immigrants. Telegram-based group Karma Fullz has built a profitable criminal enterprise with highly convincing synthetic identities. First seen on govinfosecurity.com Jump…
-
Hackers reportedly breach developer involved with Russia’s military draft database
A hacking group it had maintained access to the firm’s systems for several months and had destroyed parts of the company’s infrastructure. First seen on therecord.media Jump to article: therecord.media/hackers-reportedly-breach-developer-involved-in-russian-military-database
-
Feds: Pro-Russia Hacktivists Target US Critical Infrastructure
So far the attacks, which compromise virtual network computing (VNC) connections in OT systems, have not been particularly destructive, but this could change as they evolve. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/hactivists-target-critical-infrastructure
-
Feds: Pro-Russia Hacktivists Target US Critical Infrastructure
So far the attacks, which compromise virtual network computing (VNC) connections in OT systems, have not been particularly destructive, but this could change as they evolve. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/hactivists-target-critical-infrastructure
-
Pro-Russia Hacktivist Support: Ukrainian Faces US Charges
Ukrainian Victoria Dubranova, 33, faces US charges for aiding pro-Russia hacktivist groups CARR and NoName057(16) in global cyberattacks. A Ukrainian woman, Victoria Dubranova (33), has been charged in the US for allegedly aiding the pro-Russia hacktivist groups Cyber Army of Russia Reborn (CARR) and NoName057(16) in cyberattacks against critical infrastructure worldwide. Dubranova was extradited to…
-
FBI/CISA Warn: Pro-Russia Hacktivists Target Critical Infrastructure Via Unsecured VNC HMIs
The post FBI/CISA Warn: Pro-Russia Hacktivists Target Critical Infrastructure Via Unsecured VNC HMIs appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/fbi-cisa-warn-pro-russia-hacktivists-target-critical-infrastructure-via-unsecured-vnc-hmis/
-
FBI/CISA Warn: Pro-Russia Hacktivists Target Critical Infrastructure Via Unsecured VNC HMIs
The post FBI/CISA Warn: Pro-Russia Hacktivists Target Critical Infrastructure Via Unsecured VNC HMIs appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/fbi-cisa-warn-pro-russia-hacktivists-target-critical-infrastructure-via-unsecured-vnc-hmis/
-
FBI/CISA Warn: Pro-Russia Hacktivists Target Critical Infrastructure Via Unsecured VNC HMIs
The post FBI/CISA Warn: Pro-Russia Hacktivists Target Critical Infrastructure Via Unsecured VNC HMIs appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/fbi-cisa-warn-pro-russia-hacktivists-target-critical-infrastructure-via-unsecured-vnc-hmis/
-
DOJ, CISA warn of Russia-linked attacks targeting meat processing plants, nuclear regulatory entities and other critical infrastructure
The Cybersecurity and Infrastructure Security Agency (CISA), alongside several other U.S. and international agencies, released an advisory covering the cyberattacks launched by CyberArmyofRussia_Reborn (CARR), NoName057(16) and several related groups. First seen on therecord.media Jump to article: therecord.media/doj-cisa-warn-russia-hackers-targeting-critical-infrastructure
-
Response to CISA Advisory (AA25-343A): Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure
AttackIQ has issued recommendations in response to the Cybersecurity Advisory (CSA) released by the Cybersecurity and Infrastructure Security Agency (CISA) on December 9, 2025, which details the ongoing targeting of critical infrastructure by pro-Russia hacktivists. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/response-to-cisa-advisory-aa25-343a-pro-russia-hacktivists-conduct-opportunistic-attacks-against-us-and-global-critical-infrastructure/
-
Russia’s flagship airline hacked through little-known tech vendor, according to new report
The breach, which was claimed by the pro-Ukrainian hacker collective Silent Crow and the allied Belarusian Cyber-Partisans, paralyzed Aeroflot’s operations, grounding more than a hundred flights. First seen on therecord.media Jump to article: therecord.media/russia-flagship-airline-hacked-through-little-known-vendor
-
Russian State-Supported Hacktivist Groups Targeted in Dual DOJ Indictments
The U.S. Department of Justice has unveiled a series of actions against two Russian state-supported cyber collectives, CARR (also known as CyberArmyofRussia_Reborn or CyberArmyofRussia) and NoName057(16), with prosecutors unsealing dual indictments against Ukrainian national Victoria Eduardovna Dubranova, 33. Dubranova, known online as “Vika,” “Tory,” and “SovaSonya,” is accused of participating in destructive campaigns against critical…
-
Ukrainian hacker charged with helping Russian hacktivist groups
U.S. prosecutors have charged a Ukrainian national for her role in cyberattacks targeting critical infrastructure worldwide, including U.S. water systems, election systems, and nuclear facilities, on behalf of Russian state-backed hacktivist groups. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ukrainian-hacker-charged-with-helping-russian-hacktivist-groups/
-
CISA and FBI Warn of Pro-Russia Hacktivist Attacks on Critical Infrastructure Worldwide
Tags: advisory, attack, cisa, cyber, cybercrime, cybersecurity, infrastructure, international, russia, tactics, technologyThe Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and international partners from the European Cybercrime Centre (EC3) have released a joint cybersecurity advisory detailing the escalating activities of pro-Russia hacktivist groups. This new advisory highlights a shift in tactics, with hacktivists targeting Operational Technology (OT) and Industrial…
-
CISA and FBI Warn of Pro-Russia Hacktivist Attacks on Critical Infrastructure Worldwide
Tags: advisory, attack, cisa, cyber, cybercrime, cybersecurity, infrastructure, international, russia, tactics, technologyThe Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and international partners from the European Cybercrime Centre (EC3) have released a joint cybersecurity advisory detailing the escalating activities of pro-Russia hacktivist groups. This new advisory highlights a shift in tactics, with hacktivists targeting Operational Technology (OT) and Industrial…