Ukraine Archives - Page 6 of 23

Pierluigi Paganini August 31, 2023

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. GCHQ’s National Cyber Security Centre and international partners reported that Russia-linked threat actors are using a new malware to target the Ukrainian military Government experts attribute the attack to the Russian military intelligence service the GRU. […]

Pierluigi Paganini July 19, 2023

Ukraine’s cyber police dismantled a massive bot farm spreading propaganda

The Cyber Police Department of the National Police of Ukraine dismantled a massive bot farm and seized 150,000 SIM cards. A gang of more than 100 individuals used fake social network accounts to conduct disinformation and psychological operations in support of the Russian government and its narrative on the invasion of Ukraine. The gang used […]

Pierluigi Paganini July 15, 2023

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise

Ukraine’s Computer Emergency Response Team (CERT-UA) states that Russia-linked APT Gamaredon starts stealing data 30 minutes after the initial compromise. Ukraine’s Computer Emergency Response Team (CERT-UA) is warning that the Russia-linked APT group Gamaredon (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) use to steal data from victims’ networks in less than an hour after the initial compromise. Gamaredon has […]

Pierluigi Paganini July 10, 2023

RomCom RAT attackers target groups supporting NATO membership of Ukraine

Threat actors are targeting NATO and groups supporting Ukraine in a spear-phishing campaign distributing the RomCom RAT. On July 4, the BlackBerry Threat Research and Intelligence team uncovered a spear phishing campaign aimed at an organization supporting Ukraine abroad. The researchers discovered two lure documents submitted from an IP address in Hungary, both targeting upcoming NATO Summit guests who […]

Pierluigi Paganini June 21, 2023

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. A joint investigation conducted by Ukraine’s Computer Emergency Response Team (CERT-UA) and Recorded Future revealed that the Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) has been active since at least 2007 […]

Pierluigi Paganini June 15, 2023

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Russia-linked APT group Gamaredon is using a new toolset in attacks aimed at critical organizations in Ukraine. The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. Symantec researchers reported that in some cases, the cyberespionage group remained undetected in the […]

Pierluigi Paganini June 14, 2023

Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU

Microsoft linked a series of wiping attacks to a Russia-linked APT group, tracked as Cadet Blizzard, that is under the control of the GRU. Microsoft attributes the operations carried out by the Russia-linked APT group tracked as Cadet Blizzard to the Russian General Staff Main Intelligence Directorate (GRU). The IT giant pointed out that Cadet Blizzard is […]

Pierluigi Paganini June 11, 2023

Pro-Ukraine Cyber Anarchy Squad claims the hack of the Russian telecom provider Infotel JSC

Pro-Ukraine hackers Cyber Anarchy Squad claimed responsibility for the attack that hit Russian telecom provider Infotel JSC. Pro-Ukraine hacking group Cyber.Anarchy.Squad claimed responsibility for an attack on Russian telecom provider Infotel JSC. The company provides connectivity services to the Russian banking system, for this reason, the attack had a severe impact on the operations of […]

Pierluigi Paganini May 23, 2023

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Experts warn of a threat actor, tracked as CloudWizard APT, that is targeting organizations involved in the region of the Russo-Ukrainian conflict. On March 2023, researchers from Kaspersky spotted a previously unknown APT group, tracked as Bad Magic (aka Red Stinger), that targeted organizations in the region of the Russo-Ukrainian conflict. The attackers were observed using PowerMagic and […]

Pierluigi Paganini May 16, 2023

President Zelensky imposes sanctions against the Russian IT sector

Ukraine’s President Zelensky and the country’s Council of National Security introduced new sanctions against individuals and businesses. Ukraine’s President Volodymyr Zelensky and the country’s Council of National Security introduced new sanctions against 351 Russian individuals and 241 business entities. The list of sanctioned entities comprises IT companies operating within the Russian Federation, notably Gazpromneft IT […]

Ukraine

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

Ukraine’s cyber police dismantled a massive bot farm spreading propaganda

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise

RomCom RAT attackers target groups supporting NATO membership of Ukraine

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU

Pro-Ukraine Cyber Anarchy Squad claims the hack of the Russian telecom provider Infotel JSC

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

President Zelensky imposes sanctions against the Russian IT sector

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release

Authorities released free decryptor for Phobos and 8base ransomware

Anne Arundel Dermatology data breach impacts 1.9 million people

LameHug: first AI-Powered malware linked to Russia’s APT28

5 Features Every AI-Powered SOC Platform Needs in 2025

QUICK LINKS

Ukraine

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!