Russian

  • Blog

    US warns of last-minute Iranian and Russian election influence ops

    The U.S. Cybersecurity & Infrastructure Security Agency is warning about last-minute influence operations conducted by Iranian and Russian actors to undermine the public trust in the integrity and fairness of the upcoming presidential election. In a joint statement, CISA, the Office of the Director of National Intelligence (ODNI), and the Federal Bureau of Investigation (FBI), collectively the Intelligence Community (IC),…

  • Blog

    Russian charged by U.S. for creating RedLine infostealer malware

    The United States announced charges today against Maxim Rudometov, a Russian national, for being the suspected developer and administrator of the RedLine malware operation, one of the most prolific infostealers over the past few years. These infostealers, marketed to cybercriminals and sold via subscriptions, enable attackers to steal credentials and financial data and bypass multi-factor authentication. Rudometov was named in…

  • Blog

    NCSC warns organizations of cyber threat from Russian Foreign Intelligence

    The National Cyber Security Centre (NCSC) is warning organizations to buckle up for online attacks by Russia’s Foreign Intelligence Service (SVR). More than 20 publicly disclosed vulnerabilities have been listed in a joint advisory of US security agencies. These, it believes, can be exploited by the hacking group, APT29, also known as Midnight Blizzard, the Dukes, and Cozy Bear. The…

  • Blog

    US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers

    U.S. and U.K. cyber agencies warned today that APT29 hackers linked to Russia’s Foreign Intelligence Service (SVR) target vulnerable Zimbra and JetBrains TeamCity servers “at a mass scale.” A joint advisory issued by the NSA, the FBI, the U.S. Cyber Command’s Cyber National Mission Force (CNMF), and the U.K.’s NCSC warns network defenders to patch exposed servers to block these ongoing…

  • Blog

    Microsoft and DOJ disrupt Russian FSB hackers’ attack infrastructure

    Microsoft and the Justice Department have seized over 100 domains used by the Russian ColdRiver hacking group to target United States government employees and nonprofit organizations from Russia and worldwide in spear-phishing attacks. In December, the United Kingdom and its Five Eyes allies linked this threat group to Russia’s Federal Security Service (FSB), the country’s internal security and counterintelligence service.…

  • Blog

    Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors

    The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware vendors in a series of cyberattacks between November 2023 and July 2024. The activity was discovered by Google’s Threat Analysis Group (TAG), who said the n-day flaws have already been patched but remain effective on devices that have not been…

  • Blog

    Russian laundering millions for Lazarus hackers arrested in Argentina

    The federal police in Argentina (PFA) have arrested a 29-year-old Russian national in Buenos Aires on charges of money laundering related to cryptocurrency proceeds belonging to the North Korean Lazarus hackers. The San Isidro Specialized Fiscal Unit in Cybercrime Investigations (UFEIC) collaborated with blockchain analysis firm TRM Labs to identify and locate the individual despite him using a complex transactions network…

  • Blog

    Russian who sold 300,000 stolen credentials gets 40 months in prison

    Georgy Kavzharadze, a 27-year-old Russian national, has been sentenced to 40 months in prison for selling login credentials for over 300,000 accounts on Slilpp, the largest online marketplace of stolen logins, until its seizure in June 2021. In a Wednesday press release, the U.S. Department of Justice said that Kavzharadze (also known as TeRorPP, Torqovec, and PlutuSS) sold vast amounts…

  • Blog

    Home Office confirms Russian threat actors accessed emails after Microsoft hack

    The Russian hacking group Midnight Blizzard breached the UK Home Office and stole sensitive data as part of the hacking campaign revealed earlier this year. Freedom of Information (FoI) requests from Recorded Future News indicate that the Russia-backed hacking group was able to access corporate emails and data shared with Microsoft. The Home Office said its own systems weren’t affected,…

  • Blog

    Google deactivates Russian AdSense accounts, sends final payments

    Google is notifying Russian YouTubers, bloggers, and publishers that their AdSense accounts are being deactivated and can no longer be used for advertising. Google AdSense is an online advertising platform developed by Google that allows website owners, bloggers, and YouTube creators to monetize their content by displaying targeted advertisements. As reported by Habr earlier today, the tech giant is sending…
