Pro-Russian Hackers Target XSS In Roundcube

Ex-NSA Techie Pleads Guilty To Selling State Secrets To Russia

CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks

The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that threat actors "interfered" with at least 11 telecommunication service providers in the country between May and September 2023. The agency is tracking the activity under the name UAC-0165, stating the intrusions led to service interruptions for customers. The starting point of the attacks is a reconnaissance phase in

Russian State Hackers Attempted To Block Ukrainians From Opening US Bank Accounts

Russia's APT29 Intensifies Espionage Operations

Government Of Bermuda Links Cyberattacks To Russian Hackers

Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals

Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. "Since drones or Unmanned Aerial Vehicles (UAVs) have been an integral tool used by the Ukrainian military, malware-laced lure files themed as UAVs service manuals have begun to surface," Securonix researchers Den

Vast Majority Of Bot Attacks Emanate From China And Russia

Senators Want Clarity From Pentagon On Ukraine Starlink Access Fiasco

Exiled Russian Journalist Hacked Using NSO Group Spyware

North Korea Hackers Going After Russian Targets, Microsoft Says

Big Tech Has Failed To Police Russian Disinformation

Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure

The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country. The intrusion, per the agency, started with a phishing email containing a link to a malicious ZIP archive that activates the infection chain. “Visiting the link will download a ZIP archive containing three JPG images (

Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices

Cybersecurity Experts Say The West Has Failed To Learn Lessons From Ukraine

Russian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing Attacks

An ongoing campaign targeting ministries of foreign affairs of NATO-aligned countries points to the involvement of Russian threat actors. The phishing attacks feature PDF documents with diplomatic lures, some of which are disguised as coming from Germany, to deliver a variant of a malware called Duke, which has been attributed to APT29 (aka BlueBravo, Cloaked Ursa, Cozy Bear, Iron Hemlock,

North Korean Hackers Targeted Russian Missile Developer

Microsoft Says Russian Govt Hackers Behind Teams Phishing Attacks

Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures

A Russia-nexus adversary has been linked to 94 new domains starting March 2023, suggesting that the group is actively modifying its infrastructure in response to public disclosures about its activities. Cybersecurity firm Recorded Future linked the revamped infrastructure to a threat actor it tracks under the name BlueCharlie, a hacking crew that's broadly known by the names Blue Callisto,

Was Pro-Russian Group Behind Kenya Cyber-Attack?

BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities

The Russian nation-state actor known as BlueBravo has been observed targeting diplomatic entities throughout Eastern Europe with the goal of delivering a new backdoor called GraphicalProton, exemplifying the continuous evolution of the threat. The phishing campaign is characterized by the use of legitimate internet services (LIS) for command-and-control (C2) obfuscation, Recorded Future said in

Russia Throws Group-IB Founder In The Clink For Treason

Turla's New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector

The defense sector in Ukraine and Eastern Europe has been targeted by a novel .NET-based backdoor called DeliveryCheck (aka CAPIBAR or GAMEDAY) that's capable of delivering next-stage payloads. The Microsoft threat intelligence team, in collaboration with the Computer Emergency Response Team of Ukraine (CERT-UA), attributed the attacks to a Russian nation-state actor known as Turla, which is

CERT-UA Uncovers Gamaredon's Rapid Data Exfiltration Tactics Following Initial Compromise

The Russia-linked threat actor known as Gamaredon has been observed conducting data exfiltration activities within an hour of the initial compromise. "As a vector of primary compromise, for the most part, emails and messages in messengers (Telegram, WhatsApp, Signal) are used, in most cases, using previously compromised accounts," the Computer Emergency Response Team of Ukraine (CERT-UA) said in

Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers

Microsoft has disclosed that it's detected a spike in credential-stealing attacks conducted by the Russian state-affiliated hacker group known as Midnight Blizzard. The intrusions, which make use of residential proxy services to obfuscate the source IP address of the attacks, target governments, IT service providers, NGOs, defense, and critical manufacturing sectors, the tech giant's threat

Why Is It So Rare To Hear About Western Cyber Attacks?

Progress Software Hit With Class Action Suit Over MOVEit Hack

Hacktivist Group Anonymous Sudan A Bear In Wolf's Clothing

MOVEit Customers Urged To Patch Third Critical Vulnerability

Hacker Gang Clop Publishes Victim Names On Dark Web

Feds Arrest, Charge Russian National In Arizona For LockBit Attacks

Russia Hackers Unleash New USB-Based Malware On Ukraine's Military

What's Really Changed 10 Years After The Snowden Revelations

British Airways, Boots, And BBC Staff Details Targeted In Russia-Linked Cyber Attack

Clickless iOS Exploits Infect Kaspersky iPhones With Never-Before-Seen Malware

Russia Says U.S. Accessed Thousands Of Apple Phones In Spy Plot

The Undergound History Of Russia's Most Ingenious Hacker Group

DOJ Links Iran, China, And Russia To Five IP-Theft Related Cases

US Charges, Sanctions Russian Ransomware Operator Who Leaked Stolen DC Police Data

U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator

A Russian national has been charged and indicted by the U.S. Department of Justice (DoJ) for launching ransomware attacks against "thousands of victims" in the country and across the world. Mikhail Pavlovich Matveev (aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar), the 30-year-old individual in question, is alleged to be a "central figure" in the development and deployment of LockBit, Babuk,

How One Of Vladimir Putin's Most Prized Hacking Units Got Pwned By The FBI

CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine

An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine (CERT-UA). The emails, per the agency, are sent using compromised accounts and come with a ZIP archive that, in reality, is a polyglot file containing a decoy document and a JavaScript file. The

Russia's APT28 Targets Ukraine With Bogus Windows Updates

Pro-Russian Hackers Target European Air Traffic Control

Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering

The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal. "Tomiris's endgame consistently appears to be the regular theft of internal documents," security researchers Pierre Delcher and Ivan Kwiatkowski said in an analysis published today. "The threat actor targets government and

Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine

Elite hackers associated with Russia's military intelligence service have been linked to large-volume phishing campaigns aimed at hundreds of users in Ukraine to extract intelligence and influence public discourse related to the war. Google's Threat Analysis Group (TAG), which is monitoring the activities of the actor under the name FROZENLAKE, said the attacks continue the "group's 2022 focus

Russian Snoops Just Love Invading Unpatched Cisco Gear, America And UK Warn

Four Charged With Pushing Pro-Kremlin Disinfo, Election Interference

Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities

The Russia-linked APT29 (aka Cozy Bear) threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland's Military Counterintelligence Service and the CERT Polska team, the observed activity shares tactical overlaps with a cluster tracked by Microsoft as

Pro-Russia Cyber Gang Winter Vivern Puts US, Euro Lawmakers In Line Of Fire

Secret Trove Offers Rare Look Into Russian Cyberwar Ambitions

Pro-Russian Hackers Target Elected US Officials Supporting Ukraine

Report: Wartime Hacking Is Spilling Into The Financial Sector

Xi, Putin, Declare Intent To Rule The World Of AI, Infosec

Unknown Actors Deploy Malware To Steal Data In Occupied Regions Of Ukraine

U.S. Releases Footage Of Drone Crash With Russian Jet Over Black Sea

The Sketchy Plan To Build A Russian Android Phone

Russian Charged With Smuggling US Counterintel Tech

Ukraine Invasion Blew Up Russian Cybercrime Alliances

Ukraine Suffered More Data-Wiping Malware Than Anywhere, Ever