US charges Russian GRU hackers behind WhisperGate intrusions

September 5, 2024 at 03:49PM The US charged five Russian military intelligence officers and one civilian for involvement in the WhisperGate cyberattack against Ukraine, offering a $10 million bounty for their whereabouts. The cyberattack, conducted by Russian GRU officers, targeted Ukrainian government computers and non-military agencies. The US and international partners issued a joint cybersecurity …

U.S. indicts Russian GRU hacker, offers $10 million reward

June 27, 2024 at 03:33PM Russian national Amin Timovich Stigal was indicted by the U.S. for cyberattacks on Ukrainian government networks, using a U.S.-based company to distribute destructive pseudo-ransomware and engaging in data exfiltration and information leakages. The announcement also included details about his involvement in hacking activities against the U.S. and NATO. Stigal faces …

Russian National Indicted for Cyber Attacks on Ukraine Before 2022 Invasion

June 27, 2024 at 04:36AM A 22-year-old Russian national was indicted in the U.S. for cyber attacks against Ukraine prior to Russia’s invasion in 2022. Amin Stigal, linked to Russian military intelligence, used a wiper malware called WhisperGate. In a separate case, Remy St Felix, a Florida man, was convicted for violent home invasions to …

Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting

May 31, 2024 at 06:57AM APT28, a Russian GRU-backed threat actor, has conducted cyber attacks across Europe using the HeadLace malware and credential-harvesting web pages. Operating with stealth and sophistication, they utilized legitimate internet services to conceal their operations. Their main targets included entities with military significance and services like Yahoo! and UKR[.]net. Key takeaways …

Poland says Russian military hackers target its govt networks

May 9, 2024 at 07:18PM Poland warns of state-backed Russian threat group targeting its government institutions. Russian APT28 hackers used a phishing campaign to trick officials into clicking malicious links, compromising their devices. This aligns with previous APT28 operations targeting NATO and EU members. APT28’s history includes hacking the DNC, DCCC, and the German Bundestag. …

Germany points finger at Fancy Bear for widespread 2023 hacks, DDoS attacks

May 5, 2024 at 10:39PM German officials have attributed a spate of cyberattacks on government agencies and private industry to APT28, a Russian threat actor linked to the GRU intelligence service. The attacks were reportedly in response to Germany’s decision to send tanks to Ukraine. The US has joined Germany in condemning the attacks and …

German Foreign Minister Says Russia will Face Consequences for Monthslong Cyber Espionage

May 4, 2024 at 07:57AM German officials accused Russian military agents of hacking Chancellor Olaf Scholz’s party and other sensitive targets, with NATO and European countries joining in condemning Russia’s cyberespionage actions. The hacking, attributed to Russian military cyber operators, targeted emails and institutions over several months. International efforts shut down the botnet used by …

Microsoft: APT28 hackers exploit Windows flaw reported by NSA

April 22, 2024 at 01:25PM Microsoft warns of Russian APT28’s GooseEgg tool, which exploits a Windows Print Spooler vulnerability to escalate privileges and steal data. The group, linked to Russia’s GRU, deploys GooseEgg using Windows batch scripts, dropping a malicious DLL to gain SYSTEM-level access. GooseEgg has been used in cyber attacks against various government and …

Kremlin’s Sandworm blamed for cyberattacks on US, European water utilities

April 17, 2024 at 04:04PM The notorious Russian military cyber unit, Sandworm, linked to GRU intelligence, engaged in cyberattacks on US and European water and hydroelectric utilities, causing disruptions and a water tank overflow. The group has targeted Ukraine and also impacted US and European critical infrastructure. Mandiant warned of the ongoing threat posed by …

Russian Sandworm hackers pose as hacktivists in water utility breaches

April 17, 2024 at 01:13PM Russian military intelligence-linked group Sandworm, also known as APT44, has been conducting cyber attacks by posing as hacktivist groups on multiple Telegram channels. The group employs various methods, including phishing and supply-chain compromise, to target Ukraine and other countries, with potential plans to interfere in national elections. Sandworm has transitioned …