Russia Archives - Page 2 of 59

Pierluigi Paganini March 31, 2025

Russia-linked Gamaredon targets Ukraine with Remcos RAT

Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a. Armageddon, Primitive Bear, ACTINIUM, Callisto) targets Ukraine with a phishing campaign. The cyberespionage group is behind a long series of spear-phishing attacks targeting Ukrainian entities, and organizations related […]

Pierluigi Paganini March 26, 2025

Google fixed the first actively exploited Chrome zero-day since the start of the year

Google fixed a flaw in the Chrome browser for Windows that was actively exploited in attacks targeting organizations in Russia. Google has released out-of-band fixes to address a high-severity security vulnerability, tracked as CVE-2025-2783, in Chrome browser for Windows. The flaw was actively exploited in attacks targeting organizations in Russia. The vulnerability is an incorrect handle […]

Pierluigi Paganini March 04, 2025

CISA maintains stance on Russian cyber threats despite policy shift

US CISA confirms no change in defense against Russian cyber threats despite the Trump administration’s pause on offensive operations. US CISA stated there is no change in defending against Russian cyber threats, despite the Trump administration’s temporary pause on offensive cyber operations. US Defense Secretary Pete Hegseth has recently ordered US Cyber Command to pause […]

Pierluigi Paganini February 25, 2025

Russia warns financial sector organizations of IT service provider LANIT compromise

Russia’s NKTsKI warns financial sector organizations about a breach at major Russian IT service and software provider LANIT. Russia’s National Coordination Center for Computer Incidents (NKTsKI) warns the financial sector of security breach at IT service and software provider LANIT, potentially affecting LANTER and LAN ATMservice. According to the security breach notification published by GosSOPKA, […]

Pierluigi Paganini February 17, 2025

Pro-Russia collective NoName057(16) launched a new wave of DDoS attacks on Italian sites

Pro-Russia collective NoName057(16) launched DDoS attacks on Italian sites, targeting airports, the Transport Authority, major ports, and banks. The pro-Russia hacker group NoName057(16) launched a new wave of DDoS attacks this morning against multiple Italian entities. The group targeted the websites of Linate and Malpensa airports, the Transport Authority, the bank Intesa San Paolo, and […]

Pierluigi Paganini February 13, 2025

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

A subgroup of the Russia-linked Seashell Blizzard APT group (aka Sandworm) ran a global multi-year initial access operation called BadPilot. Microsoft shared findings on research on a subgroup of the Russia-linked APT group Seashell Blizzard behind the global BadPilot campaign, which compromises infrastructure to support Russian cyber operations. Seashell Blizzard (aka Sandworm, BlackEnergy and TeleBots) has been […]

Pierluigi Paganini February 12, 2025

Russian cybercriminal Alexander Vinnik is being released from U.S. custody in exchange for Marc Fogel

Russian cybercriminal Alexander Vinnik is being released from U.S. custody in exchange for Marc Fogel, a Trump administration source told CNN. The New York Times first reported that Alexander Vinnik, a Russian money laundering suspect, is being released from U.S. custody in exchange for Marc Fogel, according to a Trump administration source. Alexander Vinnik, a […]

Pierluigi Paganini February 08, 2025

Russia’s intelligence recruits Ukrainians for terror attacks via messaging apps

Russia’s intelligence recruits Ukrainians for terror attacks via messaging apps and forums, offering quick pay, Ukraine’s law enforcement warns. According to Ukraine’s law enforcement, Russian intelligence is using messaging apps and forums to recruit Ukrainians for terrorist attacks, offering quick pay. Ukrainian authorities have recently seen a rise in terrorist attacks on police, military centers, […]

Pierluigi Paganini January 28, 2025

EU announced sanctions on three members of Russia’s GRU Unit 29155

The EU sanctioned three members of Russia’s GRU Unit 29155 for cyberattacks on Estonia’s government agencies in 2020. The European Union announced sanctions for three members (Nikolay Korchagin, Vitaly Shevchenko, and Yuriy Denisov) of Unit 29155 of Russia’s military intelligence service (GRU) for their involvement in cyberattacks against Estonia in 2020. “The Council today adopted […]

Pierluigi Paganini January 14, 2025

Russia-linked APT UAC-0063 target Kazakhstan in with HATVIBE malware

Russia-linked threat actor UAC-0063 targets Kazakhstan to gather economic and political intelligence in Central Asia. Russia-linked threat actors UAC-0063 is targeting Kazakhstan as part of a cyber espionage campaign to gather economic and political intelligence in Central Asia. The Computer Emergency Response Team of Ukraine (CERT-UA) first detailed the activity of UAC-0063 in early 2023. […]

Russia

Russia-linked Gamaredon targets Ukraine with Remcos RAT

Google fixed the first actively exploited Chrome zero-day since the start of the year

CISA maintains stance on Russian cyber threats despite policy shift

Russia warns financial sector organizations of IT service provider LANIT compromise

Pro-Russia collective NoName057(16) launched a new wave of DDoS attacks on Italian sites

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Russian cybercriminal Alexander Vinnik is being released from U.S. custody in exchange for Marc Fogel

Russia’s intelligence recruits Ukrainians for terror attacks via messaging apps

EU announced sanctions on three members of Russia’s GRU Unit 29155

Russia-linked APT UAC-0063 target Kazakhstan in with HATVIBE malware

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

QUICK LINKS

Russia

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!