Security News

Kremlin-linked COLDRIVER crooks take pro-democracy NGOs for phishy ride
2024-09-09 13:45

The latest of many attempts to stifle perceived threats to Putin's regime. A pro-democracy NGO in Russia says it looks like the Kremlin-linked COLDRIVER group was behind last month's hack-and-leak...

Kaspersky challenges US government to put up or shut up about Kremlin ties
2024-07-18 16:29

Stick an independent probe in our software, you won't find any Putin.DLL backdoor. Kaspersky has hit back after the US government banned its products – by proposing an independent verification that...

Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
2024-05-09 15:20

Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called APT28. "The campaign sent emails with content...

Kremlin's Sandworm blamed for cyberattacks on US, European water utilities
2024-04-17 19:56

Kremlin accuses America of plotting cyberattack on Russian voting systems
2024-03-11 21:58

The Kremlin has accused the United States of meddling in Russia's upcoming presidential election, and even accused Uncle Sam of planning a cyberattack on the country's online voting system. Putin, who controls the SVR and the election process, will undoubtedly win the vote.

Google TAG: Kremlin cyber spies move into malware with a custom backdoor
2024-01-18 14:00

Russian cyberspies linked to the Kremlin's Federal Security Service are moving beyond their usual credential phishing antics and have developed a custom backdoor that they started delivering via email as far back as November 2022, according to Google's Threat Analysis Group. "TAG has observed SPICA being used as early as September 2023, but believe that COLDRIVER's use of the backdoor goes back to at least November 2022," the Chocolate Factory's threat hunting team said in an analysis published today.

Sandworm's Kyivstar attack should serve as a reminder of the Kremlin crew's 'global reach'
2024-01-05 07:30

Russia's Sandworm crew appear to have been responsible for knocking out mobile and internet services to about 24 million users in Ukraine last month with an attack on telco giant Kyivstar. The telco did not immediately respond to The Register's inquiries, but a Kyivstar spokesperson said it was working with the SBU to investigate the attack, and added that "No facts of leakage of personal and subscriber data have been revealed."

Hollywood plays unwitting Cameo in Kremlin plot to discredit Zelensky
2023-12-09 11:28

An unknown pro-Russia influence group spent time recruiting unwitting Hollywood actors to assist in smear campaigns against Ukraine and its president Volodymyr Zelensky. Exploiting platforms like Cameo, which allows people to pay public figures for personalized videos, usually for events like birthdays, this influence operation compensated US celebrities to record videos for a "Vladimir," supporting his fight against substance addiction.

Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability
2023-12-05 06:59

Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a critical security flaw in its Outlook email service to gain unauthorized access to victims' accounts within...

Kremlin-backed Sandworm strikes Android devices with data-stealing Infamous Chisel
2023-08-31 19:13

Russia's Sandworm crew is using an Android malware strain dubbed Infamous Chisel to remotely access Ukrainian soldiers' devices, monitor network traffic, access files, and steal sensitive information, according to a Five Eyes report published Thursday. Ukraine's security agency spotted and blocked Sandworm's latest campaign earlier this month when the Kremlin-backed cyber goons were attempting to use Infamous Chisel to break into the army's combat data exchange system.