Russian

  • Blog

    Russian phishing campaigns exploit Signal’s device-linking feature

    Russian threat actors have been launching phishing campaigns that exploit the legitimate “Linked Devices” feature in the Signal messaging app to gain unauthorized access to accounts of interest. Over the past year, researchers observed phishing operations attributed to Russian state-aligned groups that used multiple methods to trick targets into linking their Signal account to a device controlled by the attacker.…

  • Blog

    Russian military hackers deploy malicious Windows activators in Ukraine

    The Sandworm Russian military cyber-espionage group is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates. These attacks likely started in late 2023 and have now been linked by EclecticIQ threat analysts with Sandworm hackers based on overlapping infrastructure, consistent Tactics, Techniques and Procedures (TTPs), and frequently used ProtonMail accounts to register…

  • Blog

    HPE notifies employees of data breach after Russian Office 365 hack

    Hewlett Packard Enterprise (HPE) is notifying employees whose data was stolen from the company’s Office 365 email environment by Russian state-sponsored hackers in a May 2023 cyberattack. According to filings with Attorney General offices in New Hampshire and Massachusetts, HPE started sending the breach notification letters last month to at least 16 people who had their driver’s licenses, credit card…

  • Blog

    Russian ISP confirms Ukrainian hackers “destroyed” its network

    Ukrainian hacktivists, part of the Ukrainian Cyber Alliance group, announced on Tuesday they had breached Russian internet service provider Nodex’s network and wiped hacked systems after stealing sensitive documents. “The Russian internet provider Nodex in St. Petersburg was completely looted and wiped. Data exfiltrated, while the empty equipment without backups was left to them,” the Ukrainian hacktivists announced yesterday on…

  • Blog

    US sanctions Russian group over AI-generated election disinformation

    The US has issued sanctions on organizations in Russia and Iran for attempting to interfere with the 2024 presidential election. The Treasury Department said on Tuesday that the groups tried to “stoke socio-political tensions” and influence voters. One group, the Moscow-based Center for Geopolitical Expertise, has ties to Russia’s Main Intelligence Directorate (GRU), and built a server to host its…

  • Blog

    Russian hackers use RDP proxies to steal data in MiTM attacks

    The Russian hacking group tracked as APT29 (aka “Midnight Blizzard”) is using a network of 193 remote desktop protocol proxy servers to perform man-in-the-middle (MiTM) attacks to steal data and credentials and to install malicious payloads. The MiTM attacks utilized the PyRDP red team proxy tool to scan the victims’ filesystems, steal data in the background, and remotely execute rogue applications…

  • Blog

    Russian cyberspies target Android users with new spyware

    The Russian cyberspy group Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. According to Lookout, which discovered the two malware families, BoneSpy has been active since 2021, while PlainGnome emerged in 2024. Both target Russian-speaking individuals in former Soviet states. Gamaredon (aka “Shuckworm”) is believed to be part…

  • Blog

    New Android spyware found on phone seized by Russian FSB

    After a Russian programmer was detained by Russia’s Federal Security Service (FSB) for fifteen days and his phone confiscated, it was discovered that a new spyware was secretly installed on his device upon its return. The programmer, Kirill Parubets, was arrested by the FSB after being accused of donating to Ukraine. After regaining access to his mobile device, the programmer suspected…

  • Blog

    UK disrupts Russian money laundering networks used by ransomware

    A law enforcement operation led by the United Kingdom’s National Crime Agency (NCA) has disrupted two Russian money laundering networks working with criminals worldwide, including ransomware gangs. Dubbed “Operation Destabilise,” this international investigation has led to the arrest of 84 Russian-speaking suspects linked to the Smart (led by Ukrainian George Rossi) and TGR (controlled by Russian Ekaterina Zhdanova) criminal organizations.…

  • Blog

    Firefox and Windows zero-days exploited by Russian RomCom hackers

    Russian-based RomCom cybercrime group chained two zero-day vulnerabilities in recent attacks targeting Firefox and Tor Browser users across Europe and North America. The first flaw (CVE-2024-9680) is a use-after-free bug in Firefox’s animation timeline feature that allows code execution in the web browser’s sandbox. Mozilla patched this vulnerability on October 9, 2024, one day after ESET reported it. The second…
