Tag: ukraine
-
Ukrainian extradited from Ireland on Conti ransomware charges
A Ukrainian national believed to be a member of the Conti ransomware operation has been extradited to the United States and faces charges that could get him 25 years in prison. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ukrainian-extradited-from-ireland-on-conti-ransomware-charges/
-
Ukrainian extradited from Ireland on Conti ransomware charges
A Ukrainian national believed to be a member of the Conti ransomware operation has been extradited to the United States and faces charges that could get him 25 years in prison. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ukrainian-extradited-from-ireland-on-conti-ransomware-charges/
-
Russian APTs Exploit LotL Techniques in Ukraine Cyber Attacks, Deploying Sandworm-Linked Webshell and Credential Dumping
The post Russian APTs Exploit LotL Techniques in Ukraine Cyber Attacks, Deploying Sandworm-Linked Webshell and Credential Dumping appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/russian-apts-exploit-lotl-techniques-in-ukraine-cyber-attacks-deploying-sandworm-linked-webshell-and-credential-dumping/
-
Russian-Linked Cyberattacks Continue to Target Ukrainian Organizations
Sandworm targets Ukrainian networks using stealthy, low-malware attacks that exploit legitimate Windows tools to evade detection. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/russian-linked-cyberattacks-continue-to-target-ukrainian-organizations/
-
Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets
Russian actors, likely linked to Sandworm, targeted Ukrainian firms using LotL tactics and dual-use tools to steal data and stay hidden, says Symantec and Carbon Black. Russian threat actors, likely linked to the APT Sandworm, targeted Ukrainian organizations to steal sensitive data and maintain long-term network access, Symantec Threat Hunter Team and Carbon Black report.…
-
Russian Hackers Target Government with Stealthy “Livingthe-Land” Tactics
Russian-linked attackers have intensified their targeting of Ukrainian organizations through sophisticated intrusions that rely heavily on legitimate Windows tools rather than malware. The attackers demonstrated remarkable restraint in their malware deployment, instead leveraging living-off-the-land tactics and dual-use tools to evade detection while accomplishing their objectives. A recent investigation by our Threat Hunter Team revealed two…
-
Russian Hackers Target Government with Stealthy “Livingthe-Land” Tactics
Russian-linked attackers have intensified their targeting of Ukrainian organizations through sophisticated intrusions that rely heavily on legitimate Windows tools rather than malware. The attackers demonstrated remarkable restraint in their malware deployment, instead leveraging living-off-the-land tactics and dual-use tools to evade detection while accomplishing their objectives. A recent investigation by our Threat Hunter Team revealed two…
-
Russian Hackers Target Ukrainian Organizations Using Stealthy Livingthe-Land Tactics
Organizations in Ukraine have been targeted by threat actors of Russian origin with an aim to siphon sensitive data and maintain persistent access to compromised networks.The activity, according to a new report from the Symantec and Carbon Black Threat Hunter Team, targeted a large business services organization for two months and a local government entity…
-
Russian Hackers Target Ukrainian Organizations Using Stealthy Livingthe-Land Tactics
Organizations in Ukraine have been targeted by threat actors of Russian origin with an aim to siphon sensitive data and maintain persistent access to compromised networks.The activity, according to a new report from the Symantec and Carbon Black Threat Hunter Team, targeted a large business services organization for two months and a local government entity…
-
‘Living off the land’ allowed Russia-linked group to breach Ukrainian entities this summer
In two separate incidents this summer, hackers appearing to work from Russia used available assets to steal data from a large Ukrainian business services company and a local government agency, researchers say. First seen on therecord.media Jump to article: therecord.media/russia-linked-breaches-ukraine-living-off-the-land
-
‘Living off the land’ allowed Russia-linked group to breach Ukrainian entities this summer
In two separate incidents this summer, hackers appearing to work from Russia used available assets to steal data from a large Ukrainian business services company and a local government agency, researchers say. First seen on therecord.media Jump to article: therecord.media/russia-linked-breaches-ukraine-living-off-the-land
-
‘Living off the land’ allowed Russia-linked group to breach Ukrainian entities this summer
In two separate incidents this summer, hackers appearing to work from Russia used available assets to steal data from a large Ukrainian business services company and a local government agency, researchers say. First seen on therecord.media Jump to article: therecord.media/russia-linked-breaches-ukraine-living-off-the-land
-
Chatbots parrot Putin’s propaganda about the illegal invasion of Ukraine
Tags: ukraineFake views from Moscow’s pet media outlets appear in about one in five responses First seen on theregister.com Jump to article: www.theregister.com/2025/10/28/chatbots_still_parrot_russian_state/
-
Chatbots Are Pushing Sanctioned Russian Propaganda
ChatGPT, Gemini, DeepSeek, and Grok are serving users propaganda from Russian-backed media when asked about the invasion of Ukraine, new research finds. First seen on wired.com Jump to article: www.wired.com/story/chatbots-are-pushing-sanctioned-russian-propaganda/
-
Blitz Spear Phishing Campaign Targets NGOs Supporting Ukraine
A spear phishing campaign dubbed PhantomCaptcha targeted Ukraine’s war relief efforts and regional government administrations for a single day in October First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/blitz-spear-phishing-ngos-ukraine/
-
PhantomCaptcha Spyware Targets Ukraine NGOs with Fake Cloudflare Lure to Deploy WebSocket RAT
The post PhantomCaptcha Spyware Targets Ukraine NGOs with Fake Cloudflare Lure to Deploy WebSocket RAT appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/phantomcaptcha-spyware-targets-ukraine-ngos-with-fake-cloudflare-lure-to-deploy-websocket-rat/
-
PhantomCaptcha RAT Attack Targets Aid Groups Supporting Ukraine
SentinelLABS’ research reveals PhantomCaptcha, a highly coordinated, one-day cyber operation on Oct 8, 2025, targeting the International Red Cross, UNICEF, and Ukraine government groups using fake emails and a Remote Access Trojan (RAT) linked to Russian infrastructure. First seen on hackread.com Jump to article: hackread.com/phantomcaptcha-rat-attack-targets-ukraine/
-
PhantomCaptcha RAT Uses Weaponized PDFs and “ClickFix” Cloudflare CAPTCHA Pages to Deliver Malware
A sophisticated spearphishing campaign has targeted humanitarian organizations working on Ukrainian war relief efforts, employing weaponized PDFs and fake Cloudflare captcha pages to deploy a custom remote access trojan. The PhantomCaptcha campaign, launched on October 8th, 2025, specifically targeted individual members of the International Committee of the Red Cross, United Nations Children’s Fund (UNICEF) Ukraine…
-
PhantomCaptcha RAT Uses Weaponized PDFs and “ClickFix” Cloudflare CAPTCHA Pages to Deliver Malware
A sophisticated spearphishing campaign has targeted humanitarian organizations working on Ukrainian war relief efforts, employing weaponized PDFs and fake Cloudflare captcha pages to deploy a custom remote access trojan. The PhantomCaptcha campaign, launched on October 8th, 2025, specifically targeted individual members of the International Committee of the Red Cross, United Nations Children’s Fund (UNICEF) Ukraine…
-
PhantomCaptcha targets Ukraine relief groups with WebSocket RAT in October 2025
PhantomCaptcha phishing campaign hit Ukraine relief groups with a WebSocket RAT on Oct 8, 2025, targeting Red Cross, UNICEF, and others. SentinelOne researchers uncovered PhantomCaptcha, a coordinated spear-phishing campaign on October 8, 2025, targeting Ukraine war relief groups, including Red Cross, UNICEF, NRC, and local administrations. Threat actors used fake emails to deploy a WebSocket-based…
-
Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files
Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine’s war relief efforts to deliver a remote access trojan that uses a WebSocket for command-and-control (C2).The activity, which took place on October 8, 2025, targeted individual members of the International Red Cross, Norwegian Refugee First seen on thehackernews.com…
-
PhantomCaptcha Campaign Targets Ukraine Relief Organizations
SentinelLABS Researchers have uncovered a new phishing campaign, PhantomCaptcha, targeting aid organizations supporting Ukraine First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/phantomcaptcha-campaign-targets/
-
PhantomCaptcha ClickFix attack targets Ukraine war relief orgs
A spearphishing attack that lasted a single day targeted members of the Ukrainian regional government administration and organizations critical for the war relief effort in Ukraine, including the International Committee of the Red Cross, UNICEF, and various NGOs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/phantomcaptcha-clickfix-attack-targets-ukraine-war-relief-orgs/
-
‘PhantomCaptcha’ hackers impersonate Ukrainian president’s office in attack on war relief workers
A spearphishing campaign earlier in October disappeared within a day, according to cybersecurity researchers, but it was aimed at a wide variety of targets associated with the war in Ukraine. First seen on therecord.media Jump to article: therecord.media/phantomcaptcha-spearphishing-campaign-ukraine-war-relief-groups
-
‘PhantomCaptcha’ hackers impersonate Ukrainian president’s office in attack on war relief workers
A spearphishing campaign earlier in October disappeared within a day, according to cybersecurity researchers, but it was aimed at a wide variety of targets associated with the war in Ukraine. First seen on therecord.media Jump to article: therecord.media/phantomcaptcha-spearphishing-campaign-ukraine-war-relief-groups
-
Russian Disinformation Followed Drone Incursion of Poland
Active Measures Teams Rapidly Springboarding From Current Events, Find Researchers. After Russian drones violated Polish airspace last month, multiple pro-Kremlin information operations teams sprang into action to advance pro-Moscow narratives that distorted the facts, as part of a hybrid operation designed to destabilize Poland, and NATO support for Ukraine, said experts. First seen on govinfosecurity.com…
-
APT28 Deploys BeardShell and Covenant Modules via Weaponized Office Documents
Security researchers at Sekoia.io have uncovered a sophisticated cyberattack campaign orchestrated by APT28, the notorious Russian state-sponsored threat actor, targeting Ukrainian military personnel with weaponized Office documents that deliver advanced malware frameworks including BeardShell and Covenant modules. The operation represents a significant evolution in APT28’s tactics, leveraging legitimate cloud infrastructure and novel obfuscation techniques to…
-
Deutschland größtes Hacker-Ziel in der EU
Tags: authentication, china, cyberattack, defense, extortion, germany, hacker, iran, login, mail, mfa, microsoft, north-korea, password, phishing, ransomware, software, ukraineLaut einer Studie von Microsoft richteten sich 3,3 Prozent aller Cyberangriffe weltweit im ersten Halbjahr 2025 gegen Ziele in Deutschland.Kein Land in der Europäischen Union steht so sehr im Fokus von kriminellen Hackern wie Deutschland. Das geht aus dem Microsoft Digital Defense Report 2025 hervor, den der Software-Konzern in Redmond veröffentlicht hat. Danach richteten sich…
-
Hacker attackieren Vergabeportal für öffentliche Aufträge
Prorussische Hacker haben die Internetseite des Deutschen Vergabeportals fast eine Woche lang lahmgelegt.Prorussische Hacker haben nach einem Bericht der Süddeutschen Zeitung (SZ) die Webseite des Deutschen Vergabeportals des Bundes in die Knie gezwungen. Durch die Cyberattacke war diese wichtige Schnittstelle zwischen Staat und Wirtschaft fast eine Woche lang nicht erreichbar. Am Dienstagnachmittag war das Portal…
-
Ukraine takes steps to launch dedicated cyber force for offensive strikes
Ukraine lawmakers are considering uniting the country’s offensive and defensive military cyber capabilities under a single command within the Armed Forces. First seen on therecord.media Jump to article: therecord.media/ukraine-takes-steps-dedicated-cyber-force