Security News

Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack
2024-08-29 15:59

Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with...

Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors
2024-08-29 13:04

The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware vendors in a series of cyberattacks between November 2023...

Russian laundering millions for Lazarus hackers arrested in Argentina
2024-08-23 13:59

The federal police in Argentina (PFA) have arrested a 29-year-old Russian national in Buenos Aires, who is facing money laundering charges related to cryptocurrency proceeds of the notorious North...

Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web
2024-08-16 14:25

A 27-year-old Russian national has been sentenced to over three years in prison for peddling financial information, login credentials, and other personally identifying information (PII) on a...

Russian Hackers Using Fake Brand Sites to Spread DanaBot and StealC Malware
2024-08-16 13:08

Cybersecurity researchers have shed light on a sophisticated information stealer campaign that impersonates legitimate brands to distribute malware like DanaBot and StealC. The activity cluster,...

Russian man who sold logins to nearly 3,000 accounts gets 40 months in jail
2024-08-15 12:22

A Russian national is taking a trip to prison in the US after being found guilty of peddling stolen credentials on a popular dark web marketplace. According to the original indictment [PDF], the credentials sold by Kavzharadze included those for five different banks and went on to be abused in fraudulent transactions exceeding $5 million in value.

Russian-Linked Hackers Target Eastern European NGOs and Media
2024-08-15 11:43

Russian and Belarusian non-profit organizations, Russian independent media, and international non-governmental organizations active in Eastern Europe have become the target of two separate spear-phishing campaigns orchestrated by threat actors whose interests align with that of the Russian government. While one of the campaigns - dubbed River of Phish - has been attributed to COLDRIVER, an adversarial collective with ties to Russia's Federal Security Service, the second set of attacks have been deemed the work of a previously undocumented threat cluster codenamed COLDWASTREL. Targets of the campaigns also included prominent Russian opposition figures-in-exile, officials and academics in the US think tank and policy space, and a former U.S. ambassador to Ukraine, according to a joint investigation from Access Now and the Citizen Lab.

China-linked cyber-spies infect Russian govt, IT sector
2024-08-15 02:50

Cyber-spies suspected of connections with China have infected "Dozens" of computers belonging to Russian government agencies and IT providers with backdoors and trojans since late July, according to Kaspersky. The Russia-based security biz claimed the malware used in the ongoing, targeted attacks - dubbed EastWind - has links to two China-nexus groups tracked as APT27 and APT31.

Russian who sold 300,000 stolen credentials gets 40 months in prison
2024-08-14 23:11

​Georgy Kavzharadze, a 27-year-old Russian national, has been sentenced to 40 months in prison for selling login credentials for over 300,000 accounts on Slilpp, the largest online marketplace of...

Russian cyber snoops linked to massive credential-stealing campaign
2024-08-14 18:45

Citizen Lab also spots a COLDWASTREL swimming in the Rivers of Phish Russia's Federal Security Service (FSB) cyberspies, joined by a new digital snooping crew, have been conducting a massive...