Pierluigi Paganini
June 04, 2025
Ukraine’s GUR hacked the Russian aerospace and defense company Tupolev, stealing 4.4GB of highly classified internal data. Ukraine’s military intelligence agency GUR (aka HUR) claims the hack of the Russian aerospace and defense company Tupolev. According to Kyiv Post, Ukraine’s Military Intelligence compromised the United Aircraft Company (UAC) Tupolev division, which is a key developer […]
Pierluigi Paganini
May 28, 2025
The Czech government condemned China after linking cyber espionage group APT31 to a cyberattack on its critical infrastructure. The Czech government strongly condemned China after the cyber espionage group APT31 was linked to a cyberattack targeting the nation’s critical infrastructure. The Czech government condemned China after APT31 hackers infiltrated a ministry’s unclassified system in 2022 […]
Pierluigi Paganini
May 22, 2025
CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing an elevated threat to supply chains Russia-linked cyberespionage group APT28 intensifies its operations against Western logistics and technology companies moving supplies into Ukraine, US CISA warns. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) has been active since at least 2007 and it […]
Pierluigi Paganini
May 18, 2025
Chinese “kill switches” found in Chinese-made power inverters in US solar farm equipment that could let Beijing remotely disable power grids in a conflict. Investigators found “kill switches” in Chinese-made power inverters in US solar farm equipment. These hidden cellular radios could let Beijing remotely cripple power grids during a conflict. The Times reported that […]
Pierluigi Paganini
April 20, 2025
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Attackers exploited SonicWall SMA appliances since January 2025 ASUS routers with AiCloud vulnerable to auth bypass exploit U.S. […]
Pierluigi Paganini
April 13, 2025
China admitted in a secret meeting with U.S. officials that it conducted Volt Typhoon cyberattacks on U.S. infrastructure, WSJ reports. China reportedly admitted in a secret meeting with U.S. officials that it carried out cyberattacks on U.S. infrastructure, linked to the Volt Typhoon campaign. According to the Wall Street Journal, at a December Geneva summit, […]
Pierluigi Paganini
April 11, 2025
Gamaredon targeted a foreign military mission in Ukraine with updated GammaSteel malware on Feb 26, 2025, per Symantec. Symantec Threat Hunter researchers reported that the Russia-linked APT group Gamaredon (a.k.a. Shuckworm, Armageddon, Primitive Bear, ACTINIUM, Callisto) targeted a foreign military mission based in Ukraine with an updated version of the GamaSteel infostealer. Shuckworm is known for targeting government, […]
Pierluigi Paganini
April 04, 2025
CERT-UA reported three cyberattacks targeting Ukraine’s state agencies and critical infrastructure to steal sensitive data. The Computer Emergency Response Team of Ukraine (CERT-UA) reported three cyberattacks in March 2025 targeting Ukrainian agencies and infrastructure to steal sensitive data. This activity is tracked under the identifier UAC-0219. “The Ukrainian government’s computer emergency response team, CERT-UA, is […]
Pierluigi Paganini
April 03, 2025
Ivanti addressed a critical remote code execution flaw in Connect Secure, which has been exploited since at least mid-March 2025. Ivanti released security updates to address a critical Connect Secure remote code execution vulnerability tracked as CVE-2025-22457. The vulnerability has been exploited by a China-linked threat actor since at least mid-March 2025. Ivanti did not disclose […]
Pierluigi Paganini
March 31, 2025
Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a. Armageddon, Primitive Bear, ACTINIUM, Callisto) targets Ukraine with a phishing campaign. The cyberespionage group is behind a long series of spear-phishing attacks targeting Ukrainian entities, and organizations related […]
