Sandworm

ICS Devices Bricked Following Russia-Linked Intrusion Into Polish Power Grid

electric grid, Electrum, ICS, ICS/OT, poland, power grid, RTU, Russia, Sandworm /

ICS Devices Bricked Following Russia-Linked Intrusion Into Polish Power Grid 2026-01-30 at 11:47 By Eduard Kovacs Sandworm/Electrum hackers targeted communication and control systems at 30 sites. The post ICS Devices Bricked Following Russia-Linked Intrusion Into Polish Power Grid appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

ICS Devices Bricked Following Russia-Linked Intrusion Into Polish Power Grid Read More »

Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid

energy, ICS, ICS/OT, Malware, Malware & Threats, Nation-State, poland, power grid, Sandworm /

Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid 2026-01-26 at 10:55 By Ionut Arghire 10 years after disrupting the Ukrainian power grid, the APT targeted Poland with data-wiping malware. The post Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid Read More »

Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks

Amazon, APT, critical infrastructure, Malware & Threats, Nation-State, Russia, Sandworm /

Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks 2025-12-16 at 15:25 By Eduard Kovacs After years of exploiting zero-day and n-day vulnerabilities, Russian state-sponsored threat actors are shifting to misconfigured devices. The post Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks appeared first on SecurityWeek. This article is an excerpt from

Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks Read More »

Destructive Russian Cyberattacks on Ukraine Expand to Grain Sector

grain, Nation-State, Russia, Sandworm, Ukraine, wiper /

Destructive Russian Cyberattacks on Ukraine Expand to Grain Sector 2025-11-07 at 11:29 By Ionut Arghire Multiple state-sponsored Russian groups are targeting Ukrainian entities and European countries linked to Ukraine. The post Destructive Russian Cyberattacks on Ukraine Expand to Grain Sector appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Destructive Russian Cyberattacks on Ukraine Expand to Grain Sector Read More »

How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying

APT44, cyberespionage, Malware & Threats, Mandiant, Nation-State, QR code, Sandworm, Signal Messenger /

How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying 2025-02-19 at 13:04 By Ryan Naraine Mandiant warns that multiple Russian APTs are abusing a nifty Signal Messenger feature to surreptitiously spy on encrypted conversations. The post How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying appeared first on SecurityWeek.

How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying Read More »

Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft

APT44, Microsoft, Nation-State, Russia, Sandworm, Seashell Blizzard /

Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft 2025-02-12 at 19:10 By Ionut Arghire A subgroup of the Russia-linked Seashell Blizzard is tasked with broad initial access operations to sustain long-term persistence. The post Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft appeared first on SecurityWeek. This article is

Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft Read More »

Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression

Malware & Threats, Sandworm /

Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression 2024-04-17 at 23:16 By Kevin Townsend Kapeka is a new backdoor that may be a new addition to Russia-link Sandworm’s malware arsenal and possibly a successor to GreyEnergy. The post Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression appeared first on SecurityWeek. This article is

Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression Read More »

Russian Hackers Used Novel OT Attack to Disrupt Ukrainian Power Amid Mass Missile Strikes

Cyberwarfare, Featured, ICS, ICS malware, ICS/OT, Malware & Threats, Mandiant, Nation-State, OT, Russia, Sandworm, Ukraine /

Russian Hackers Used Novel OT Attack to Disrupt Ukrainian Power Amid Mass Missile Strikes 09/11/2023 at 12:16 By Ryan Naraine Mandiant says Russia’s Sandworm hackers used a novel OT attack to cause power outages that coincided with mass missile strikes on critical infrastructure across Ukraine. The post Russian Hackers Used Novel OT Attack to Disrupt

Russian Hackers Used Novel OT Attack to Disrupt Ukrainian Power Amid Mass Missile Strikes Read More »

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw

China, CVE-2023-38831, cybercrime, Malware & Threats, Nation-State, Russia, Sandworm, Vulnerabilities, WinRAR /

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw 18/10/2023 at 20:55 By Ryan Naraine Google says it is still catching government-backed groups linked to China and Russia launching WinRAR exploits in targeted attacks. The post Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw appeared first on SecurityWeek. This article is an excerpt from

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw Read More »

AWS Using MadPot Decoy System to Disrupt APTs, Botnets

AWS, cloud security, cybercrime, MadPot, Nation-State, Sandworm, Volt Typhoon /

AWS Using MadPot Decoy System to Disrupt APTs, Botnets 29/09/2023 at 21:01 By Ryan Naraine AWS says an internal threat intel decoy system called MadPot has successfully trapped nation state-backed APTs like Volt Typhoon and Sandworm. The post AWS Using MadPot Decoy System to Disrupt APTs, Botnets appeared first on SecurityWeek. This article is an

AWS Using MadPot Decoy System to Disrupt APTs, Botnets Read More »

Scroll to Top