The secretary of Defense has ordered U.S. Cyber Command to stand down from all planning against Russia, including offensive digital actions, sources tell Recorded Future News.
Recent incidents indicate US is no longer characterizing Russia as a cybersecurity threat, marking a radical departure: ‘Putin is on the inside now’
Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia's intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government and military communications in the context of Russia's re-invasion of Ukraine, we anticipate the tactics and methods used to target Signal will grow in prevalence in the near-term and proliferate to additional threat actors and regions outside the Ukrainian theater of war.
Germany’s security services warned on Friday that fake videos circulating online purporting to reveal ballot manipulation in the country’s upcoming federal elections were part of a Russian information operation.
Microsoft Threat Intelligence Center discovered an active and successful device code phishing campaign by a threat actor we track as Storm-2372. Our ongoing investigation indicates that this campaign has been active since August 2024 with the actor creating lures that resemble messaging app experiences including WhatsApp, Signal, and Microsoft Teams. Storm-2372’s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East. Microsoft assesses with medium confidence that Storm-2372 aligns with Russian interests, victimology, and tradecraft.
Starting in mid-January 2025, Volexity identified several social-engineering and spear-phishing campaigns by Russian threat actors aimed at compromising Microsoft 365 (M365) accounts. These attack campaigns were highly targeted and carried out in a variety of ways. The majority of these attacks originated via spear-phishing emails with different themes. In one case, the eventual breach began with highly tailored outreach via Signal.Through its investigations, Volexity discovered that Russian threat actors were impersonating a variety of individuals
A key Russian cybercrime syndicate responsible for aiding merciless ransomware attacks around the world has been targeted by new UK sanctions.
How Russian propaganda challenges Switzerland's neutrality, using disinformation to sway public opinion in the Ukraine war.
The Silver Dania is the third ship detained in recent weeks over concerns of intentional damage to subsea infrastructure in the Baltic Sea.
Another undersea data cable, this time connecting Sweden and Latvia, has been severed in the Baltic Sea, officials from both countries said Sunday. The incident prompted Sweden to launch a criminal probe into the matter and seize a "suspect vessel" vessel headed for Russia.
Russian threat actors combine domain name vulnerabilities with hidden router proxy techniques to scale their attacks while remaining shielded from detection.
Russian internet service provider Nodex confirmed on Tuesday that its network was
The Eagle S is suspected of damaging the Estlink-2 power cable which runs under the Baltic Sea between Finland and Estonia by dragging its anchor along the seabed on Christmas Day.
Police in Finland say the crew of a Russia-linked tanker suspected of damaging a power cable under the Baltic Sea have been detained indefinitely.
The Eagle S crew consists of 24 people with Finland’s Central Criminal Police imposing movement restrictions on eight.
Seven crew members of the seized ship Eagle S are being treated as suspects as Finland investigates undersea cable sabotage and alleged Russian spying.
Russian companies have begun using bitcoin and other digital currencies in international payments following legislative changes that allowed such use in order to counter Western sanctions, Finance Minister Anton Siluanov said on Wednesday.
Sanctions have complicated Russia's trade with its major partners such as China or Turkey, as local banks are extremely cautious with Russia-related transactions to avoid scrutiny from Western regulators.
U.K. investigators tell the story of how examining a cybercrime group's extortion funds helped to unravel a money-laundering network reaching from the illegal drug trade to Moscow's elite.
The Department of Homeland Security knows which countries SS7 attacks are primarily originating from. Others include countries in Europe, Africa, and the Middle East.
In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street.
