Tag: ukraine
-
Russian Threat Actor TAG-110 Goes Phishing in Tajikistan
While Ukraine remains Russia’s major target for cyberattacks, TAG-110 is part of a strategy to preserve a post-Soviet sphere of influence by embedding itself in other countries’ infrastructures. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/russian-threat-actor-tag-110-phishing-tajikistan
-
Russian hackers targeting Western logistics, tech support of Ukraine
First seen on scworld.com Jump to article: www.scworld.com/news/russian-hackers-targeting-western-logistics-tech-support-of-ukraine
-
Russian hacker group Killnet returns with new identity
Earlier this month, Killnet claimed it had hacked Ukraine’s drone-tracking system after disappearing from public view in 2023. First seen on therecord.media Jump to article: therecord.media/russian-hacker-group-killnet-returns-with-new-identity
-
Russische Cyber-Kampagne in Nato-Staaten aufgedeckt
Westliche Geheimdienste haben eine Cyber-Kampagne Russlands aufgedeckt, die gegen logistische und technologische Ziele in Nato-Staaten gerichtet ist. Wie das britische National Cyber Security Centre mitteilte, soll die Einheit 26165 des russischen Geheimdienstes GRU seit 2022 eine Kampagne gegen staatliche und private Organisationen durchgeführt haben. Dabei sollen auch solche ins Visier geraten sein, die mit der Koordination…
-
Russia-linked APT28 targets western logistics entities and technology firms
CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing an elevated threat to supply chains Russia-linked cyberespionage group APT28 intensifies its operations against Western logistics and technology companies moving supplies into Ukraine, US CISA warns. TheAPT28group (akaFancy Bear,Pawn Storm,Sofacy Group,Sednit,BlueDelta, andSTRONTIUM)has been active since at least 2007 and it…
-
Behörden warnen: Russische Hacker bei Spionage über IP-Kameras erwischt
Dem russischen Militär zugeordnete Hacker haben es wohl auf Hilfslieferungen an die Ukraine abgesehen. Tausende IP-Kameras wurden infiltriert. First seen on golem.de Jump to article: www.golem.de/news/behoerden-warnen-russische-hacker-bei-spionage-ueber-ip-kameras-erwischt-2505-196449.html
-
Russian hackers breach orgs to track aid routes to Ukraine
A Russian state-sponsored cyberespionage campaign attributed to APT28 (Fancy Bear/Forest Blizzard) hackers has been targeting and compromising international organizations since 2022 to disrupt aid efforts to Ukraine. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-hackers-breach-orgs-to-track-aid-routes-to-ukraine/
-
Russia’s Fancy Bear swipes a paw at logistics, transport orgs’ email servers
Their connection? Aiding Ukraine, duh First seen on theregister.com Jump to article: www.theregister.com/2025/05/21/russias_fancy_bear_alert/
-
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics
Tags: cyber, email, exploit, hacker, intelligence, military, russia, service, spy, technology, threat, ukraine, vpn, vulnerabilityRussian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022.The activity has been assessed to be orchestrated by APT28 (aka BlueDelta, Fancy Bear, or Forest Blizzard), which is linked to the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center, Military Unit…
-
Russia stepping up attacks on firms aiding Ukraine, Western nations warn
One of Moscow’s most infamous hacker teams is targeting logistics and technology companies supporting Kyiv’s war effort. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/russia-hacking-ukraine-aid-logistics-tech-companies-advisory/748723/
-
Russian GRU’s APT28 Targets Global Logistics Supporting Ukraine Defense
A new Joint Cybersecurity Advisory issued in May 2025 by a coalition of cybersecurity and intelligence agencies across First seen on securityonline.info Jump to article: securityonline.info/russian-grus-apt28-targets-global-logistics-supporting-ukraine-defense/
-
Teil der russischen Strategie – Hacker nehmen Rüstungslieferanten der Ukraine ins Visier
First seen on security-insider.de Jump to article: www.security-insider.de/russische-hackergruppe-fancy-bear-cyberspionage-ruestungsfirmen-a-654fe3a1c212a30b34d2081a5be50e42/
-
Nation-state APTs ramp up attacks on Ukraine and the EU
Russian APT groups intensified attacks against Ukraine and the EU, exploiting zero-day vulnerabilities and deploying wipers, according to ESET. Ukraine faces rising cyber … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/21/apt-groups-attacks-eu-ukraine/
-
Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits and Wipers
Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-apt-intensify-cyber/
-
‘Operation RoundPress’ Targets Ukraine in XSS Webmail Attacks
A cyber-espionage campaign is targeting Ukrainian government entities with a series of sophisticated spear-phishing attacks that exploit XSS vulnerabilities. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/operation-roundpress-ukraine-xss-webmail-attacks
-
Russia-Linked SpyPress Malware Exploits Webmails to Spy on Ukraine
ESET reports on RoundPress, a cyber espionage campaign by Russia’s Fancy Bear (Sednit) targeting Ukraine-related organizations via webmail… First seen on hackread.com Jump to article: hackread.com/russia-spypress-malware-exploits-webmails-spy-ukraine/
-
Cyberangriff auf eine Klinik in Russland
Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack First seen on therecord.media Jump to article: therecord.media/russia-hospital-shutdown-lecardo
-
Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack
Authorities in the republic of Chuvashia confirmed attackers targeted software used to manage patient records and medical histories. First seen on therecord.media Jump to article: therecord.media/russia-hospital-shutdown-lecardo
-
Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack
Authorities in the republic of Chuvashia confirmed attackers targeted software used to manage patient records and medical histories. First seen on therecord.media Jump to article: therecord.media/russia-hospital-shutdown-lecardo
-
Pro-Ukraine Group Targets Russian Developers with Python Backdoor
ReversingLabs discovers dbgpkg, a fake Python debugger that secretly backdoors systems to steal data. Researchers suspect a pro-Ukraine… First seen on hackread.com Jump to article: hackread.com/ukraine-group-russian-developers-python-backdoor/
-
Russian Espionage Operation Targets Organizations Linked to Ukraine War
In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the victim’s webmail page First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fancy-bear-russia-cyber-espionage/
-
Millionen russischer Gerichtsakten bei Cyberangriff gelöscht
Ukrainische Hacker sollen etwa ein Drittel des gesamten Datenbestandes eines nationalen Archivs der russischen Justiz gelöscht haben. 89 Millionen Akten sind weg. First seen on golem.de Jump to article: www.golem.de/news/ukraine-millionen-russischer-gerichtsakten-bei-cyberangriff-geloescht-2505-196265.html
-
After helping Russia on the ground North Korea targets Ukraine with cyberespionage
Tags: credentials, cyber, cyberespionage, email, government, hacker, identity, intelligence, korea, microsoft, north-korea, phishing, resilience, risk, russia, ukraineCredential harvesting: Before the phishing emails, the same Ukrainian government entities were targeted with email alerts impersonating Microsoft and claiming unusual sign-in activity was detected on their accounts. The victims were asked to perform identity verification by clicking on a button, which took them to credential harvesting pages.The Proofpoint researchers didn’t manage to obtain any…
-
Attack claimed by pro-Ukraine hackers reportedly erases a third of Russian court case archive
About a third of the case file archive of Pravosudiye, Russia’s national electronic court filing system, was deleted in a previously reported cyberattack, auditors said. First seen on therecord.media Jump to article: therecord.media/russia-court-system-hack-third-of-case-files-deleted
-
Kremlin-linked hackers target webmail servers of Eastern European government agencies
Russia-linked hackers known as APT28 mainly targeted entities in Ukraine, Bulgaria and Romania, but governments in Africa, South America and other parts of Europe were also affected. First seen on therecord.media Jump to article: therecord.media/kremlin-linked-hackers-target-webmail-eastern-europe-governments
-
Hacker nehmen Rüstungslieferanten der Ukraine ins Visier
Tags: 2fa, access, authentication, bug, cyberattack, exploit, hacker, mail, mfa, password, software, strategy, ukraine, vulnerabilityRussische Hacker greifen gezielt Rüstungsfirmen an, die die Ukraine mit Waffen versorgen.Die berüchtigte russische Hackergruppe Fancy Bear hat gezielt Rüstungsfirmen angegriffen, die Waffen an die Ukraine liefern. Das geht aus einer aktuellen Studie des slowakischen Sicherheitsunternehmens Eset aus Bratislava hervor. Danach richteten sich die Angriffe vor allem gegen Hersteller sowjetischer Waffentechnik in Bulgarien, Rumänien und…
-
TA406 Hackers Target Government Entities to Steal Login Credentials
Tags: attack, credentials, cyber, government, hacker, intelligence, login, malware, north-korea, phishing, russia, threat, ukraineThe North Korean state-sponsored threat actor TA406, also tracked as Opal Sleet and Konni, has set its sights on Ukrainian government entities. Proofpoint researchers have uncovered a dual-pronged offensive involving both credential harvesting and malware deployment through highly targeted phishing campaigns. The likely objective of these attacks is to gather strategic intelligence on the Russian…
-
Nordkoreas Cyberkrieg in der Ukraine: Hackergruppe wechselt die Seiten
In der Ukraine ist eine neue Cyberbedrohung aufgetaucht: Die staatlich gesteuerte Hackergruppe TA406 aus Nordkorea greift gezielt politische Einrichtungen an. Die Aktion wirft Fragen zur Rolle Nordkoreas im digitalen Schattenkrieg des Russland-Ukraine-Konflikts auf. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/nordkoreas-cyberkrieg-ukraine
-
TA406 Cyber Campaign: North Korea’s Focus on Ukraine Intelligence
In a recently disclosed campaign, TA406, a North Korean state-aligned threat actor, has expanded its cyber-espionage efforts by First seen on securityonline.info Jump to article: securityonline.info/ta406-cyber-campaign-north-koreas-focus-on-ukraine-intelligence/