Russian Federation

Researchers believe Gamaredon and Turla threat groups are collaborating

cybercrime, ESET, News, research, Russian Federation /

Researchers believe Gamaredon and Turla threat groups are collaborating 2025-09-19 at 08:31 By Help Net Security ESET Research has discovered evidence of collaboration between the Gamaredon and Turla threat groups. Both groups are linked to Russia’s primary intelligence agency, the FSB, and were found working in tandem to target high-profile organizations in Ukraine. In these […]

React to this headline:

Loading spinner

Researchers believe Gamaredon and Turla threat groups are collaborating Read More »

Russian threat actors using old Cisco bug to target critical infrastructure orgs

Cisco, critical infrastructure, cyber espionage, Don't miss, FBI, Hot stuff, News, Russian Federation, USA, vulnerability /

Russian threat actors using old Cisco bug to target critical infrastructure orgs 2025-08-21 at 18:07 By Zeljka Zorz A threat group linked to the Russian Federal Security Service’s (FSB) Center 16 unit has been compromising unpatched and end-of-life Cisco networking devices via an old vulnerability (CVE-2018-0171), the FBI and Cisco warned on Wednesday. “Primary targets

React to this headline:

Loading spinner

Russian threat actors using old Cisco bug to target critical infrastructure orgs Read More »

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088)

0-day, APT, backdoor, BI.ZONE, Canada, cyber espionage, Don't miss, ESET, Europe, exploit, Hot stuff, News, Russian Federation, spear-phishing, WinRAR /

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) 2025-08-12 at 16:11 By Zeljka Zorz The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been using it to target Russian organizations.

React to this headline:

Loading spinner

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) Read More »

Mastermind behind Russian-speaking cybercrime hub arrested in Ukraine

arrest, cybercrime, Europol, News, Russian Federation, Ukraine /

Mastermind behind Russian-speaking cybercrime hub arrested in Ukraine 2025-07-23 at 17:34 By Sinisa Markovic The suspected administrator of xss.is, one of the world’s most influential Russian-speaking cybercrime forums, was arrested in Kyiv, Ukraine, on 22 July. The takedown followed a long-running investigation led by the French Police and Paris Prosecutor, in close cooperation with Ukrainian

React to this headline:

Loading spinner

Mastermind behind Russian-speaking cybercrime hub arrested in Ukraine Read More »

Ports are getting smarter and more hackable

attacks, China, CISO, critical infrastructure, cybersecurity, Don't miss, Government, Hacktivism, Iran, maritime industry, NATO, News, Russian Federation, strategy, threats, tips /

Ports are getting smarter and more hackable 2025-07-23 at 08:31 By Sinisa Markovic A new policy brief from NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) warns that critical port infrastructure, responsible for 80 percent of global trade, is increasingly under attack by threat actors tied to Russia, Iran, and China. These ports are essential

React to this headline:

Loading spinner

Ports are getting smarter and more hackable Read More »

Global crackdown hits pro-Russian cybercrime, 100+ systems taken down worldwide

cybercrime, Don't miss, Europol, law enforcement, News, Russian Federation /

Global crackdown hits pro-Russian cybercrime, 100+ systems taken down worldwide 2025-07-16 at 16:03 By Sinisa Markovic In a major blow to pro-Russian cybercrime, authorities across Europe and the United States launched a sweeping international crackdown on the hacking group NoName057(16) between 14 and 17 July. The coordinated operation, codenamed Eastwood and led by Europol and

React to this headline:

Loading spinner

Global crackdown hits pro-Russian cybercrime, 100+ systems taken down worldwide Read More »

LockBit panel data leak shows Chinese orgs among the most targeted

China, cybercriminals, Don't miss, Hot stuff, manufacturing sector, News, Positive Technologies, Ransomware, Russian Federation, Taiwan, Trellix, USA /

LockBit panel data leak shows Chinese orgs among the most targeted 2025-06-12 at 17:17 By Zeljka Zorz The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate panel has revealed. From that sum, the operators took their 20%

React to this headline:

Loading spinner

LockBit panel data leak shows Chinese orgs among the most targeted Read More »

Nation-state APTs ramp up attacks on Ukraine and the EU

China, cyber espionage, cybersecurity, ESET, EU, News, North Korea, report, Russian Federation, survey, Ukraine /

Nation-state APTs ramp up attacks on Ukraine and the EU 2025-05-21 at 07:02 By Help Net Security Russian APT groups intensified attacks against Ukraine and the EU, exploiting zero-day vulnerabilities and deploying wipers, according to ESET. Ukraine faces rising cyber threats The Russia-aligned Sandworm group intensified destructive operations against Ukrainian energy companies, deploying a new

React to this headline:

Loading spinner

Nation-state APTs ramp up attacks on Ukraine and the EU Read More »

Russia-linked hackers target webmail servers in Ukraine-related espionage operation

APT, cyber espionage, email security, ESET, News, Russian Federation, XSS /

Russia-linked hackers target webmail servers in Ukraine-related espionage operation 2025-05-15 at 12:01 By Help Net Security ESET researchers have uncovered RoundPress, a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities. Behind it is most likely the Russia-aligned Sednit (also known as Fancy Bear or APT28) cyberespionage group, holding the ultimate goal of stealing confidential

React to this headline:

Loading spinner

Russia-linked hackers target webmail servers in Ukraine-related espionage operation Read More »

Cozy Bear targets EU diplomats with wine-tasting invites (again)

backdoor, cyber espionage, Don't miss, EU, Hot stuff, News, phishing, Russian Federation /

Cozy Bear targets EU diplomats with wine-tasting invites (again) 2025-04-16 at 17:40 By Zeljka Zorz APT29 (aka Cozy Bear, aka Midnight Blizzard) is, once again, targeting European diplomats with fake invitations to wine-tasting events, Check Point researchers have shared. Cozy Bear uses wine-tastings and dinners as a lure In early 2024, Zscaler flagged a low-volume

React to this headline:

Loading spinner

Cozy Bear targets EU diplomats with wine-tasting invites (again) Read More »

Sandworm APT’s initial access subgroup hits organizations accross the globe

APT, Don't miss, energy sector, Hot stuff, Microsoft, News, Russian Federation, telecommunications /

Sandworm APT’s initial access subgroup hits organizations accross the globe 2025-02-13 at 15:34 By Zeljka Zorz A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors Russia is interested in. “In 2022, its primary focus was Ukraine, specifically targeting the

React to this headline:

Loading spinner

Sandworm APT’s initial access subgroup hits organizations accross the globe Read More »

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

0-day, APT, backdoor, Don't miss, ESET, exploit, Firefox, Hot stuff, News, Russian Federation, Windows /

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor 2024-11-26 at 12:18 By Zeljka Zorz Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows Task Scheduler, as zero-days earlier this year. “Chaining together two zero-day vulnerabilities armed

React to this headline:

Loading spinner

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor Read More »

Faraway Russian hackers breached US organization via Wi-Fi

APT, brute-force, credentials, Don't miss, enterprise, government-backed attacks, Hot stuff, MFA, News, Russian Federation, wireless /

Faraway Russian hackers breached US organization via Wi-Fi 2024-11-25 at 19:03 By Zeljka Zorz Forest Blizzard, a threat group associated with Russia’s GRU military intelligence service, repeatedly breached a US-based organization via compromised computer systems of nearby firms, which they leveraged to authenticate to the target’s enterprise Wi-Fi network. The repeated attacks Volexity, a company

React to this headline:

Loading spinner

Faraway Russian hackers breached US organization via Wi-Fi Read More »

Russian hackers deliver malicious RDP configuration files to thousands

Amazon, APT, Australia, cyber espionage, Don't miss, Europe, Government, Hot stuff, Japan, Microsoft, News, RDP, Russian Federation, spear-phishing, UK /

Russian hackers deliver malicious RDP configuration files to thousands 2024-10-30 at 12:49 By Zeljka Zorz Midnight Blizzard – a cyber espionage group that has been linked to the Russian Foreign Intelligence Service (SVR) – is targeting government, academia, defense, and NGO workers with phishing emails containing a signed Remote Desktop Protocol (RDP) configuration file. “Based

React to this headline:

Loading spinner

Russian hackers deliver malicious RDP configuration files to thousands Read More »

4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed

cybercriminals, Europol, Hot stuff, Justice Department, law enforcement, National Crime Agency, News, Ransomware, Russian Federation /

4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed 2024-10-02 at 12:46 By Zeljka Zorz The third phase of Operation Cronos, which involved officers from the UK National Crime Agency (NCA), the FBI, Europol and other law enforcement agencies, has resulted in the arrest of four persons for allegedly participating in the

React to this headline:

Loading spinner

4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed Read More »

Exposed: Russian military Unit 29155 does digital sabotage, espionage

CISA, cyber espionage, cyber sabotage, cyber war, cybercriminals, disruption, Don't miss, hacker, Hot stuff, Justice Department, NATO, News, Russian Federation, Ukraine, USA /

Exposed: Russian military Unit 29155 does digital sabotage, espionage 2024-09-06 at 17:01 By Zeljka Zorz The US Department of Justice has named five Russian computer hackers as members of Unit 29155 – i.e., the 161st Specialist Training Center of the Russian General Staff Main Intelligence Directorate (GRU) – which they deem resposible for the 2022

React to this headline:

Loading spinner

Exposed: Russian military Unit 29155 does digital sabotage, espionage Read More »

Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites

APT, Don't miss, exploit, Government, government-backed attacks, Hot stuff, Malware, News, Russian Federation /

Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites 2024-08-29 at 16:16 By Zeljka Zorz Suspected Russian hackers have been hitting iPhone and Android users visiting government websites with exploits first leveraged by commercial surveillance vendors, Google TAG researchers shared. The watering hole campaigns Between November 2023 and July 2024, threat actors have repeatedly

React to this headline:

Loading spinner

Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites Read More »

How AI-powered software spreads Russian disinformation on X

Artificial Intelligence, bot, disinformation, DOJ, Don't miss, Hot stuff, News, Russian Federation, software, Twitter /

How AI-powered software spreads Russian disinformation on X 2024-07-10 at 18:16 By Zeljka Zorz The US Justice Department (DoJ) has seized two US-based domains used by Russian threat actors to create fake profiles on X (formerly Twitter) that would spread disinformation in the United States and abroad. This bot farm was created and operated via

React to this headline:

Loading spinner

How AI-powered software spreads Russian disinformation on X Read More »

US offers $10 million for information on indicted WhisperGate malware suspect

Government, government-backed attacks, Justice Department, law enforcement, Malware, News, Russian Federation, Ukraine, USA /

US offers $10 million for information on indicted WhisperGate malware suspect 2024-06-27 at 10:36 By Help Net Security A federal grand jury in Maryland returned an indictment charging a Russian citizen with conspiracy to hack into and destroy computer systems and data. If convicted, he faces a maximum penalty of five years in prison. The

React to this headline:

Loading spinner

US offers $10 million for information on indicted WhisperGate malware suspect Read More »

Scroll to Top