Lucene search
K

29 matches found

Krebs on Security
Krebs on Security
added 2026/04/07 5:2 p.m.11 views

Russia Hacked Routers to Steal Microsoft Office Tokens

Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.6 views

PT-2026-30786

My fellow Hungarians! I guarantee the integrity of the parliamentary elections on April 12, and that I will not exploit the zero-day vulnerability codenamed “VLAN Ghost Injection Vulnerability” CVE-2026-39011, as suggested by the Russian GRU agency! https://t.co/JaV7pRMngc...

5.9AI score
Exploits0References1
The Hacker News
The Hacker News
added 2025/12/16 12:27 p.m.11 views

Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

Amazon's threat intelligence team has disclosed details of a "years-long" Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025. Targets of the campaign included energy sector organizations across Western nations, critical infrastructure providers in...

10CVSS9AI score0.99999EPSS
Exploits69
The Hacker News
The Hacker News
added 2025/11/26 8:28 a.m.9 views

RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware

The threat actors behind a malware family known as RomCom targeted a U.S.-based civil engineering company via a JavaScript loader dubbed SocGholish to deliver the Mythic Agent. "This is the first time that a RomCom payload has been observed being distributed by SocGholish," Arctic Wolf Labs...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/21 12:0 a.m.6 views

The Attribution Story of WhisperGate: An Academic Perspective

This paper explores the challenges of cyberattack attribution, specifically APTs, applying the case study approach for the WhisperGate cyber operation of January 2022 executed by the Russian military intelligence service GRU and targeting Ukrainian government entities. The study provides a detail...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/21 6:6 p.m.51 views

Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics

Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022. The activity has been assessed to be orchestrated by APT28 aka BlueDelta, Fancy Bear, or Forest Blizzard, which is linked to the Russian General...

9.8CVSS8.4AI score0.97798EPSS
Exploits69
CISA
CISA
added 2025/05/21 12:0 p.m.3 views

Russian GRU Cyber Actors Targeting Western Logistics Entities and Tech Companies

Today, CISA, the National Security Agency, the Federal Bureau of Investigation, and other U.S. and international partners released a joint Cybersecurity Advisory, Russian GRU Targeting Western Logistics Entities and Technology Companies. This advisory details a Russian state-sponsored cyber...

7AI score
Exploits0References2
HackRead
HackRead
added 2024/02/19 4:24 p.m.19 views

Russian Hackers Hit Mail Servers in Europe for Political and Military Intel

By Deeba Ahmed Email servers compromised in 80 organizations as Russian-linked TAG-70 group targets European governments. This is a post from HackRead.com Read the original post: Russian Hackers Hit Mail Servers in Europe for Political and Military Intel...

7.3AI score
Exploits0
HackRead
HackRead
added 2023/12/04 6:58 p.m.16 views

Microsoft Outlook Vulnerability Exploited by Russian Forest Blizzard Group

By Waqas Forest Blizzard aka STRONTIUM, APT28, and Fancy Bear is thought to have affiliations with or support from the Russian military intelligence agency. This is a post from HackRead.com Read the original post: Microsoft Outlook Vulnerability Exploited by Russian Forest Blizzard Group...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/16 6:6 a.m.76 views

Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure

Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infrastructure," in which 22 companies associated with the operation of the country's energy sector were targeted in May 2023. "22 simultaneous, successful cyberattacks...

9.8CVSS7.5AI score0.99284EPSS
Exploits8
The Hacker News
The Hacker News
added 2023/09/26 9:49 a.m.362 views

Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign

A "multi-year" Chinese state-sponsored cyber espionage campaign has been observed targeting South Korean academic, political, and government organizations. Recorded Future's Insikt Group, which is tracking the activity under the moniker TAG-74, said the adversary has been linked to "Chinese...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/19 3:41 p.m.5 views

Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine

Elite hackers associated with Russia's military intelligence service have been linked to large-volume phishing campaigns aimed at hundreds of users in Ukraine to extract intelligence and influence public discourse related to the war. Google's Threat Analysis Group TAG, which is monitoring the...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/11/26 4:28 a.m.44 views

Russia-based RansomBoggs Ransomware Targeted Several Ukrainian Organizations

Ukraine has come under a fresh onslaught of ransomware attacks that mirror previous intrusions attributed to the Russia-based Sandworm nation-state group. Slovak cybersecurity company ESET, which dubbed the new ransomware strain RansomBoggs, said the attacks against several Ukrainian entities wer...

1AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2022/11/10 3:15 p.m.12 views

Russia’s New Cyberwarfare in Ukraine Is Fast, Dirty, and Relentless

Security researchers see updated tactics and tools—and a tempo change—in the cyberattacks Russia’s GRU military intelligence agency is inflicting on Ukraine...

3.9AI score
Exploits0
HackRead
HackRead
added 2022/09/29 3:0 p.m.10 views

Fancy Bear Hackers Distributing Graphite Malware using PowerPoint Files

By Deeba Ahmed APT28 or Fancy Bear is linked with the Russian military intelligence unit called GRU. This is a post from HackRead.com Read the original post: Fancy Bear Hackers Distributing Graphite Malware using PowerPoint Files...

4.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/29 12:32 p.m.34 views

Microsoft Documents Over 200 Cyberattacks by Russia Against Ukraine

At least six different Russia-aligned actors launched no less than 237 cyberattacks against Ukraine from February 23 to April 8, including 38 discrete destructive attacks that irrevocably destroyed files in hundreds of systems across dozens of organizations in the country. "Collectively, the cybe...

1.2AI score
Exploits0
ThreatPost
ThreatPost
added 2021/07/02 4:14 p.m.481 views

Kubernetes Used in Brute-Force Attacks Tied to Russia’s APT28

U.S. and U.K. authorities are warning that the APT28 advanced-threat actor APT – a.k.a. Fancy Bear or Strontium, among other names – has been using a Kubernetes cluster in a widespread campaign of brute-force password-spraying attacks against hundreds of government and private sector targets...

9CVSS9.7AI score0.99965EPSS
Exploits34References21
The Hacker News
The Hacker News
added 2021/07/02 6:23 a.m.47342 views

NSA, FBI Reveal Hacking Methods Used by Russian Military Hackers

An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by the Russian military intelligence since mid-2019, according to a joint advisory published by intelligence agencies in the U.K. and U.S. The National Security Agency NSA, Cybersecurity and...

9CVSS1.1AI score0.99965EPSS
Exploits34
ThreatPost
ThreatPost
added 2020/10/19 7:10 p.m.30 views

DOJ Charges 6 Sandworm APT Members in NotPetya Cyberattacks

The Department of Justice DOJ on Monday announced charges against six Russian nationals who are allegedly tied to the Sandworm APT. The threat group is believed to have launched several high-profile cyberattacks over the past few years – including the destructive NotPetya cyberattack that targete...

0.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/02/27 12:30 p.m.59 views

RSAC 2019: Bronze Union APT Updates Remote Access Trojans in Fresh Wave of Attacks

The notorious Chinese-linked threat group, dubbed Bronze Union, has been spotted in a widespread 2018 campaign updating its arsenal of cyberweapons by breathing new life into old tools. The threat group was spotted in 2018 using updated source code to target data owned by political, technology,...

7.6AI score
Exploits0References2
Rows per page
Query Builder