The U.K.’s NCSC warns that Russian hackers linked to the country’s GRU Military Intelligence Unit are using compromised routers for DNS hijacking to enable credential theft.
Government officials and employees, military members, and journalists the world over are being advised by the Dutch Ministry of Defence that Russian state-backed hackers are engaged in a broad campaign targeting their WhatsApp and Signal accounts.
Russian hackers linked to the country’s Federal Security Service (FSB) Center 16 have exploited vulnerable Cisco devices for over a year to target critical infrastructure organizations for cyber espionage.
The stolen passwords are for an MoD portal specifically designed to be used safely from home via members' personal devices, but it appears the Russian hackers have been targeting the devices themselves and intercepting the credentials.
Microsoft and the U.S. Department of Justice have seized over 100 domains used by Kremlin-backed Russian hackers Star Blizzard for cyber espionage against the West.
Unit 29155's actions since 2020 include cyber attacks on a number of federal agencies and critical infrastructure companies in a variety of countries. But the group seems to have switched most of its focus to Ukraine in the weeks prior to the 2022 military invasion.
GRU-affiliated Russian hackers targeted 20 Ukrainian critical infrastructure facilities in March 2024, Ukraine’s Computer Emergency Response Team (CERT-UA) has disclosed.
Leading cybersecurity firm Mandiant believes that a notorious group of Russian hackers is behind a recent rash of attacks on water utilities in several countries, including the United States. On January 18 the group was able to induce a tank overflow at a Texas water treatment plant, and has made similar incursions in France and Poland.
State-sponsored Russian hackers are targeting German political parties with fake dinner invites to deploy WINELOADER backdoors, establish persistence, and exfiltrate data.
Microsoft is now saying that the Russian hackers accessed "some" source code. And while customer-facing systems were not breached, the hackers accessed some confidential emails to customers.










