russia
Russian hackers bypass Gmail MFA using stolen app passwords
Russian hackers bypass multi-factor authentication and access Gmail accounts by leveraging app-specific passwords in advanced social engineering attacks that impersonate U.S. Department of State officials. The threat actor targeted well-known academics and critics of Russia in what is described as a “sophisticated and personalized novel social engineering attack” that did not rush the persons of […]
New PathWiper data wiper malware hits critical infrastructure in Ukraine
A new data wiper malware named ‘PathWiper’ is being used in targeted attacks against critical infrastructure in Ukraine, aimed at disrupting operations in the country. The payload was deployed through a legitimate endpoint administration tool, indicating that attackers had achieved administrative access to the system through a prior compromise. Cisco Talos researchers who discovered the attack attributed […]
Ukraine claims it hacked Tupolev, Russia’s strategic warplane maker
The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims it hacked the Russian aerospace and defense company Tupolev, which develops Russia’s supersonic strategic bombers. According to Ukrainian news outlets, a source within GUR said the military intelligence hackers breached Tupolev’s systems and stole 4.4 gigabytes of classified information. This stolen data includes personal […]
Russian Laundry Bear cyberspies linked to Dutch Police hack
A previously unknown Russian-backed cyberespionage group tracked as Laundry Bear has been linked to a September 2024 Dutch police security breach. As the Dutch national police (Politie) revealed last year, the attackers stole work-related contact information of multiple officers, including names, email addresses, phone numbers, and, in some cases, private details. The Netherlands General Intelligence and […]
Russian hackers breach orgs to track aid routes to Ukraine
A Russian state-sponsored cyberespionage campaign attributed to APT28 (Fancy Bear/Forest Blizzard) hackers has been targeting and compromising international organizations since 2022 to disrupt aid efforts to Ukraine. The hackers targeted entities in the defense, transportation, IT services, air traffic, and maritime sectors in 12 European countries and the United States. Additionally, the hackers have been […]
Russia to enforce location tracking app on all foreigners in Moscow
The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in the Moscow region. The new proposal was announced by the chairman of the State Duma, Vyacheslav Volodin, who presented it as a measure to tackle migrant crimes. “The adopted mechanism will allow, using modern technologies, […]
Government webmail hacked via XSS bugs in global spy campaign
Hackers are running a worldwide cyberespionage campaign dubbed ‘RoundPress,’ leveraging zero-day and n-day flaws in webmail servers to steal email from high-value government organizations. ESET researchers who uncovered the operation attribute it with medium confidence to the Russian state-sponsored hackers APT28 (aka “Fancy Bear” or “Sednit”). The campaign started in 2023 and continued with the adoption of new exploits […]
Google links new LostKeys data theft malware to Russian cyberspies
Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations. In December, the United Kingdom and Five Eyes allies linked ColdRiver to Russia’s Federal Security Service (FSB), the country’s counterintelligence and internal security service. […]
Pro-Russia hacktivists bombard Dutch public orgs with DDoS attacks
Russia-aligned hacktivists persistently target key public and private organizations in the Netherlands with distributed denial of service (DDoS) attacks, causing access problems and service disruptions. The situation was acknowledged via a statement by the country’s National Cyber Security Center (NCSC), part of the Dutch Ministry of Justice. “This week, several Dutch organizations have been targeted […]
France ties Russian APT28 hackers to 12 cyberattacks on French orgs
Today, the French foreign ministry blamed the APT28 hacking group linked to Russia’s military intelligence service (GRU) for targeting or breaching a dozen French entities over the last four years. “France condemns in the strongest terms the use by the Russian military intelligence service (GRU) of the APT28 attack procedure, which has led to several […]