Cyber Army of Russia Reborn, a group with ties to the Kremlin’s Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn’t dare to.

FOR YEARS, SOME cybersecurity defenders and advocates have called for a kind of Geneva Convention for cyberwar, new international laws that would create clear consequences for anyone hacking civilian critical infrastructure, like power grids, banks, and hospitals. Now the lead prosecutor of the International Criminal Court at the Hague has made it clear that he intends to enforce those consequences—no new Geneva Convention required. Instead, he has explicitly stated for the first time that the Hague will investigate and prosecute any hacking crimes that violate existing international law, just as it does for war crimes committed in the physical world.

The sabotage of more than 20 trains in Poland by apparent supporters of Russia was carried out with a simple “radio-stop” command anyone could broadcast with $30 in equipment.

Breaches in Russia’s digital defences show the West is not alone in its vulnerability to hackers

The Ukraine war has inspired a defensive cyber effort that government officials and technology executives describe as unprecedented.

Its targets include not only Israel but at least one NATO member

Following ongoing research our team, IBM Security X-Force has uncovered evidence indicating that the Russia-based cybercriminal syndicate “Trickbot group” has been systematically attacking Ukraine since the Russian invasion — an unprecedented shift as the group had not previously targeted Ukraine

This report represents research conducted by Microsoft’s threat intelligence and data science teams with the goal of sharpening our understanding of the threat landscape in the ongoing war in Ukraine. The report also offers a series of lessons and conclusions resulting from the data gathered and analyzed. Notably, the report reveals new information about Russian efforts including an increase in network penetration and espionage activities amongst allied governments, non-profits and other organizations outside Ukraine. This report also unveils detail about sophisticated and widespread Russian foreign influence operations being used among other things, to undermine Western unity and bolster their war efforts. We are seeing these foreign influence operations enacted in force in a coordinated fashion along with the full range of cyber destructive and espionage campaigns. Finally, the report calls for a coordinated and comprehensive strategy to strengthen collective defenses – a task that will require the private sector, public sector, nonprofits and civil society to come together. The foreword of this new report, written by Microsoft President and Vice Chair Brad Smith, offers additional detail below.

Threat actors associated with Russian intelligence are using the fear or nuclear war to spread data-stealing malware in Ukraine.

Gen. Paul Nakasone's remarks this month about offensive operations against Russia caused a stir. But have people misinterpreted his words?

Les autorités russes vont relâcher les membres du gang de cybercriminels Revil, et même les embaucher pour leur propre compte. Stéphane Duguin, directeur du CyberPeace Institute de Genève, commente ce rebondissement

In an exclusive interview with Sky News, General Paul Nakasone confirmed for the first time that the US had "conducted a series of operations" in response to Russia's invasion of Ukraine.

New Mandiant research detailing the various IO activities seen by nation-state actors, resulting from the Russian invasion of Ukraine.

The attack on Viasat showcases cyber’s emerging role in modern warfare.

Russian troops in the occupied city of Melitopol have stolen all the equipment from a farm equipment dealership -- and shipped it to Chechnya, according to a Ukrainian businessman in the area.

The attack was the first in five years to use Sandworm's Industroyer malware.

ESET researchers have responded to a cyber-incident that affected an energy provider in Ukraine and involved ICS-capable malware called Industroyer2.

Cyberattacks took down Finnish government websites on Friday while Ukrainian President Volodymyr Zelenskyy addressed Finland's members of parliament (MPs).

As the most impactful cyber attack of the Ukrainian invasion gets downplayed, SentinelLabs uncovers a more plausible explanation.

The operation is the latest effort by the Biden administration to thwart actions by Russia by making them public before Moscow can strike.