Tag: ukraine
-
Russian Calisto Hackers Target NATO Research with ClickFix Malware
Tags: credentials, cyber, defense, hacker, intelligence, malicious, malware, phishing, russia, service, spear-phishing, threat, ukraineRussian intelligence-linked cyber threat actors have intensified their operations against NATO research organizations, Western defense contractors, and NGOs supporting Ukraine, employing sophisticated phishing and credential harvesting techniques. The Calisto intrusion set, attributed to Russia’s FSB intelligence service, has escalated its spear-phishing campaigns throughout 2025, leveraging the ClickFix malicious code technique to target high-value entities across…
-
Russian scientist sentenced to 21 years on treason, cyber sabotage charges
Artyom Khoroshilov, a researcher at the Moscow Institute of General Physics, will spend more than 20 years in Russian prison on accusations that include treason for aid sent to Ukraine and sabotage related to a DDoS attack on the postal system. First seen on therecord.media Jump to article: therecord.media/russia-sentences-physicist-treason-ddos-attacks
-
Western coalition supplying tech to Ukraine prepared for long war
Russia is deploying hybrid warfare against Europe as western nations supply critical IT and telecoms equipment to Ukraine’s front line First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366635678/Western-coalition-supplying-tech-to-Ukraine-prepared-for-long-war
-
Ukrainian Hackers Target Russian Aerospace and Defense Sectors
Multiple Ukrainian hacktivist groups have launched an extensive spearphishing campaign targeting Russia’s critical aerospace and defence industries, according to a new threat intelligence report by Intrinsec. The coordinated attacks between June and September 2025 represent an escalating cyber warfare strategy aimed at disrupting Russian military capabilities and civilian aviation operations.”‹ The campaign involves several prominent…
-
Ukrainian Hackers Target Russian Aerospace and Defense Sectors
Multiple Ukrainian hacktivist groups have launched an extensive spearphishing campaign targeting Russia’s critical aerospace and defence industries, according to a new threat intelligence report by Intrinsec. The coordinated attacks between June and September 2025 represent an escalating cyber warfare strategy aimed at disrupting Russian military capabilities and civilian aviation operations.”‹ The campaign involves several prominent…
-
RomCom tries dropping a notromantic payload on Ukraine-linked US firms
Target profile focused on Ukraine support: The second major insight from the report concerns victim selection. The targeted firm was not a defense contractor or a government body but a civil engineering company in the US. Its only notable link was past work involving a Ukraine-affiliated city.According to Arctic Wolf, the incident fits RomCom’s broader…
-
RomCom tries dropping a notromantic payload on Ukraine-linked US firms
Target profile focused on Ukraine support: The second major insight from the report concerns victim selection. The targeted firm was not a defense contractor or a government body but a civil engineering company in the US. Its only notable link was past work involving a Ukraine-affiliated city.According to Arctic Wolf, the incident fits RomCom’s broader…
-
Russian-Backed Threat Group Uses SocGholish to Target U.S. Company
The Russian state-sponsored group behind the RomCom malware family used the SocGholish loader for the first time to launch an attack on a U.S.-based civil engineering firm, continuing its targeting of organizations that offer support to Ukraine in its ongoing war with its larger neighbor. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/russian-backed-threat-group-uses-socgholish-to-target-u-s-company/
-
Russian-Backed Threat Group Uses SocGholish to Target U.S. Company
The Russian state-sponsored group behind the RomCom malware family used the SocGholish loader for the first time to launch an attack on a U.S.-based civil engineering firm, continuing its targeting of organizations that offer support to Ukraine in its ongoing war with its larger neighbor. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/russian-backed-threat-group-uses-socgholish-to-target-u-s-company/
-
Russia-aligned hackers target US company in attack linked to Ukraine war effort
A threat group called RomCom has a history of cyberattacks against entities connected to the conflict. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/russia-hackers-us-company-attack-ukraine-war/806423/
-
Hackers knock out systems at Moscow-run postal operator in occupied Ukraine
Donbas Post, which operates in the Russian-controlled parts of Donetsk and Luhansk, said the incident affected its corporate network, web platform and email systems. The company had restricted access to several services to contain the breach and was working to restore operations. First seen on therecord.media Jump to article: therecord.media/hackers-knock-out-systems-russia-operated-post-ukraine
-
Russian money launderers bought a bank to disguise ransomware profit
A billion-dollar money laundering network active in the UK funnelled money, including the profits of ransomware attacks, into its own bank to circumvent sanctions on Russia and help fund its attacks on Ukraine First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634571/Russian-money-launderers-bought-a-bank-to-disguise-ransomware-profit
-
Russia blacklists S.T.A.L.K.E.R. game developer, accusing it of aiding Ukraine’s war effort
The Prosecutor General’s Office accused the game’s developer, GSC Game World, of financing Ukraine’s armed forces, alleging it transferred about $17 million to the military in 2022. First seen on therecord.media Jump to article: therecord.media/russia-blacklists-stalker-game-developer
-
Russia blacklists S.T.A.L.K.E.R. game developer, accusing it of aiding Ukraine’s war effort
The Prosecutor General’s Office accused the game’s developer, GSC Game World, of financing Ukraine’s armed forces, alleging it transferred about $17 million to the military in 2022. First seen on therecord.media Jump to article: therecord.media/russia-blacklists-stalker-game-developer
-
Iranian APT hacks helped direct missile strikes in Israel and the Red Sea
MuddyWater uses hacked CCTV cameras to help guide missiles: Amazon also found supporting threat intel evidence for another Iran-linked incident involving cyber espionage and missile strikes that has received some official confirmation.After the US strikes against Iran’s nuclear sites in June, Iran retaliated by launching a barrage of missiles against Israel, targeting cities such as…
-
4 U.S. Citizens, Ukrainian Plead Guilty in N. Korea IT Worker Scheme
Four U.S. citizens and a Ukrainian national pleaded guilty to their roles in a North Korean IT worker scam that victimized more than 135 U.S. companies and netted more than $2.2 million for the DPRK regime and is military and weapons programs. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/4-u-s-citizens-ukrainian-plead-guilty-in-n-korea-it-worker-scheme/
-
Energiesektor im Visier von Hackern
Tags: ai, awareness, bsi, cisa, cyber, cyberattack, cybersecurity, data, ddos, defense, detection, germany, hacker, infrastructure, intelligence, Internet, iot, nis-2, password, ransomware, resilience, risk, risk-analysis, risk-management, soc, threat, ukraine, update, usa, vulnerabilityEnergieversorger müssen ihre Systeme vor immer raffinierteren Cyberangriffen schützen.Die Energieversorgung ist das Rückgrat moderner Gesellschaften. Stromnetze, Gaspipelines und digitale Steuerungssysteme bilden die Grundlage für Industrie, Transport und öffentliche Dienstleistungen. Doch mit der zunehmenden Digitalisierung wächst auch die Angriffsfläche. In den vergangenen Jahren ist der Energiesektor verstärkt ins Visier von Cyberkriminellen und staatlich unterstützten Angreifern geraten.…
-
Emulating the Destructive Sandworm Adversary
AttackIQ has released a new assessment template designed to emulate the various post-compromise Tactics, Techniques, and Procedures (TTPs) associated with a recent intrusion targeting Ukrainian organizations that aligns with patterns previously associated with Sandworm. While attribution remains unconfirmed, this assessment helps defenders improve their security posture against similarly sophisticated and persistent threats. First seen on…
-
Russia imposes 24-hour mobile internet blackout for travelers returning home
Concerns about domestic SIM card use in Ukrainian drones have led the Kremlin to impose a mobile internet “cooling-off period” for anyone returning home to Russia from abroad. First seen on therecord.media Jump to article: therecord.media/russia-24-hour-traveler-mobile-internet-blackouts-ukraine-drones
-
Russia imposes 24-hour mobile internet blackout for travelers returning home
Concerns about domestic SIM card use in Ukrainian drones have led the Kremlin to impose a mobile internet “cooling-off period” for anyone returning home to Russia from abroad. First seen on therecord.media Jump to article: therecord.media/russia-24-hour-traveler-mobile-internet-blackouts-ukraine-drones
-
Russian missile barrage disrupts internet, customs databases in Ukraine
Emergency blackouts lasting up to 12 hours were introduced following the attack, with Kyiv and other regions facing widespread internet and communication outages, according to internet watchdog NetBlocks. First seen on therecord.media Jump to article: therecord.media/russian-missile-barrage-disrupts-internet-ukraine
-
Russian missile barrage disrupts internet, customs databases in Ukraine
Emergency blackouts lasting up to 12 hours were introduced following the attack, with Kyiv and other regions facing widespread internet and communication outages, according to internet watchdog NetBlocks. First seen on therecord.media Jump to article: therecord.media/russian-missile-barrage-disrupts-internet-ukraine
-
Russian missile barrage disrupts internet, customs databases in Ukraine
Emergency blackouts lasting up to 12 hours were introduced following the attack, with Kyiv and other regions facing widespread internet and communication outages, according to internet watchdog NetBlocks. First seen on therecord.media Jump to article: therecord.media/russian-missile-barrage-disrupts-internet-ukraine
-
Russian Hacking Group Sandworm Deploys New Wiper Malware in Ukraine
Sandworm deployed data wipers against Ukrainian governmental entities and companies in the energy, logistics and grain sectors First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-sandworm-new-wiper-ukraine/
-
Russia-linked APT InedibleOchotense impersonates ESET to deploy backdoor on Ukrainian systems
Russia-linked group InedibleOchotense used fake ESET installers in phishing attacks on Ukrainian targets in May 2025. Russia-linked group InedibleOchotense used trojanized ESET installers in phishing attacks against Ukrainian entities detected in May 2025. The campaign used emails and Signal messages to deliver trojanized ESET installers that installed both legitimate software and the Kalambur backdoor. >>Another…
-
Russia-linked APT InedibleOchotense impersonates ESET to deploy backdoor on Ukrainian systems
Russia-linked group InedibleOchotense used fake ESET installers in phishing attacks on Ukrainian targets in May 2025. Russia-linked group InedibleOchotense used trojanized ESET installers in phishing attacks against Ukrainian entities detected in May 2025. The campaign used emails and Signal messages to deliver trojanized ESET installers that installed both legitimate software and the Kalambur backdoor. >>Another…
-
Sandworm Hackers Target Ukrainian Organizations With Data-Wiping Malware
Russia-aligned threat actor Sandworm has intensified its destructive cyber operations against Ukrainian organizations, deploying data wiper malware to cripple critical infrastructure and weaken the nation’s economy. Unlike other Russia-aligned advanced persistent threat groups that primarily engage in cyberespionage activities, Sandworm’s operations are characterized by their explicitly destructive intent. According to the latest ESET APT Activity…
-
Wipers from Russia’s most cut-throat hackers rain destruction on Ukraine
Sandworm and other Russian-state hackers unleash data-destroying payloads on their neighbors. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/11/wipers-from-russias-most-cut-throat-hackers-rain-destruction-on-ukraine/
-
Wipers from Russia’s most cut-throat hackers rain destruction on Ukraine
Sandworm and other Russian-state hackers unleash data-destroying payloads on their neighbors. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/11/wipers-from-russias-most-cut-throat-hackers-rain-destruction-on-ukraine/
-
Wipers from Russia’s most cut-throat hackers rain destruction on Ukraine
Sandworm and other Russian-state hackers unleash data-destroying payloads on their neighbors. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/11/wipers-from-russias-most-cut-throat-hackers-rain-destruction-on-ukraine/