Sandworm

Russia-linked APT Seashell Blizzard is behind the long-running global access operation BadPilot campaign

A subgroup of the Russia-linked Seashell Blizzard APT group (aka Sandworm) ran a global multi-year initial access operation called BadPilot.…

3 months ago

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since 2022. WithSecure researchers identified a…

1 year ago

Attacks against Denmark's energy sector were not carried out by Russia-linked APT

Forescout experts questioned the attribution of cyber attacks that targeted the energy sector in Denmark in 2023 to the Russia-linked…

1 year ago

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between May and September 2023. The Russia-linked APT…

2 years ago

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

CERT-UA is warning of destructive cyberattacks conducted by the Russia-linked Sandworm APT group against Ukraine's public sector. Russia-linked APT…

2 years ago

Google TAG warns of Russia-linked APT groups targeting Ukraine

The researchers from Google TAG are warning of Russia-linked threat actors targeting Ukraine with phishing campaigns. Russia-linked threat actors launched…

2 years ago

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Files leaked by Russian IT contractor NTC Vulkan show that Russia-linked Sandworm APT requested it to develop offensive tools. Documents…

2 years ago

Sandworm APT group hit Ukrainian news agency with five data wipers

Ukraine's CERT-UA discovered five different wipers deployed on the network of the country's national news agency, Ukrinform. On January…

2 years ago

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Russia-linked Sandworm APT group is behind a new Golang-based wiper, tracked as SwiftSlicer, that hit Ukraine, ESET reports. Researchers from…

2 years ago

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Microsoft linked Prestige ransomware attacks against organizations in Ukraine and Poland to Russia-linked threat actors. In mid-October, Microsoft Threat Intelligence…

3 years ago