Romanian prosecutors issue charges against pro-Russia candidate in annulled election
Summary: Romanian prosecutors have charged far-right presidential candidate Călin Georgescu with six crimes, including financing irregularities and establishing a fascist organization. This follows the annulment of the first round of the presidential election due to findings of Russian interference. Georgescu, who remains a leading candidate, faces restrictions following his questioning and the ongoing investigation into his campaign activities.…
PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices
Summary: A new malware campaign, codenamed PolarEdge, targets edge devices like those from Cisco, ASUS, QNAP, and Synology, using a critical vulnerability to compromise routers and create a botnet. The malware exploits CVE-2023-20118, delivering a sophisticated TLS backdoor that allows for remote command execution. This campaign has reportedly infected over 2,000 unique IP addresses globally, raising concerns about its potential use for launching cyber attacks.…

https://github.com/jivoi/awesome-osint

A curated list of amazingly awesome open source intelligence tools and resources. Open-source intelligence (OSINT) is intelligence collected from publicly available sources. In the intelligence community (IC), the term “open” refers to overt, publicly available sources (as opposed to covert or clandestine sources).

This list is to help all of those who are into Cyber Threat Intelligence (CTI), threat hunting, or OSINT.…

Leaked Black Basta Ransomware Chat Logs Reveal Inner Workings and Internal Conflicts
Summary: A leak of more than a year’s worth of internal chat logs from the Black Basta ransomware gang reveals insights into their operations and internal conflicts. The Russian-language conversations from 2023 to 2024 expose the group’s targeting of entities, including Russian banks, and highlight their tactics, such as exploiting security vulnerabilities and social engineering.…
Attacks Against Government Entities, Defense Sector, and Human Targets
This article discusses the ongoing cyber warfare between Russia and Ukraine, highlighting various attacks perpetrated by both sides against government entities, military targets, and human resources. It details significant events, cyber techniques, and implications for future warfare. Affected: Ukrainian Government, Defense Sector, Russian Government, Civilian Targets

Key points:

Russian XakNet hackers targeted Ukrainian government entities, erasing records from the Ministry of Justice.…
The Hidden Threat in the Skies | Cyentia Institute
The aviation industry, recognized for its robust risk management, faces increasing cybersecurity threats as demonstrated by the recent CrowdStrike outage that affected millions of systems globally. This incident, alongside rising ransomware attacks, highlights the vulnerabilities of digital infrastructure in aviation, calling for enhanced cybersecurity strategies to secure the sector.…
Angry Likho APT Group Resurfaces with New Attacks and Advanced Malware Tactics
Summary: Kaspersky Labs has identified renewed activity from the APT group Angry Likho, which has evolved its tactics and introduced a new malware implant targeting high-profile entities in Russia and Belarus. The group primarily employs spear-phishing techniques, utilizing deceptive emails to propagate a powerful infostealer known as Lumma Stealer.…

Victim: First Federal Savings & Loan
Country: US
Actor: play
Source: http://k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion/topic.php?id=dDMdHMUIdmiLUv
Discovered: 2025-02-25 22:33:10.065349
Published: 2025-02-25 22:31:41.214168
Description:
– Geographical location: North America
– Capital: Washington, D.C.
– Official language: English
– Currency: United States Dollar (USD)
– Population: Over 331 million (as of 2020)
– Government type: Federal republic
– Major regions: Northeast, Midwest, South, West
– Notable landmarks: Statue of Liberty, Grand Canyon, Yellowstone National Park
– Economic powerhouse: One of the largest economies in the world
– Cultural influence: Significant impact on global culture, technology, and politics

About Country: US

– Leading Cybersecurity Landscape: The US is a global leader in cybersecurity research, innovation, and policy development, with a focus on protecting critical infrastructure.…

GitVenom attacks abuse hundreds of GitHub repos to steal crypto
Summary: A malware campaign known as GitVenom has been exploiting hundreds of GitHub repositories to distribute various types of malware, including info-stealers and RATs, targeting users primarily in Russia, Brazil, and Turkey for over two years. These repositories mask malicious code behind seemingly legitimate projects, leveraging AI for realistic documentation and artificial activity inflation.…
Russian officials warn of potential compromise of major tech services provider
Summary: Russian cybersecurity authorities have warned financial institutions about a potential compromise involving the tech services provider LANIT, which specializes in payment services and banking software. They urged affected businesses to change access credentials and report any signs of a breach. This incident highlights ongoing cyber threats against Russian financial sectors, often linked to hacktivism from Ukraine.…
Siberia’s largest dairy plant reportedly disrupted with LockBit variant
Summary: A significant ransomware attack targeted the Semyonishna dairy processing plant in southern Siberia, reportedly linked to the plant’s support for Russian military operations. The hackers employed LockBit ransomware, disrupting the company’s operations and causing printed leaflets to criticize its contributions to the Russian army. Despite initial disruptions, operations have reportedly returned to normal, although the company’s website remains nonfunctional.…
GitVenom Malware Steals 6K in Bitcoin Using Fake GitHub Projects to Hijack Wallets
Summary: Cybersecurity researchers have highlighted an ongoing campaign named GitVenom that targets gamers and cryptocurrency investors through malicious open-source projects on GitHub. The campaign reportedly has been active for over two years, leading to the theft of personal and banking data, as well as 5 bitcoins worth approximately 6,600.…
Nine Threat Groups Active in OT Operations in 2024: Dragos
Summary: The 2025 OT/ICS Cybersecurity Report by Dragos highlights significant threats to operational technology (OT) organizations, tracking 23 threat groups with nine active in 2024, including new groups Bauxite and Graphite. Notably, Bauxite has targeted multiple sectors with custom malware, while ransomware attacks on industrial organizations surged by 87% compared to the previous year.…
PolarEdge: Unveiling an uncovered ORB network
The article discusses the PolarEdge botnet, which exploits the CVE-2023-20118 vulnerability in various Cisco Small Business Routers and causes compromised devices to launch coordinated attacks. The botnet has infected over 2,000 assets globally using sophisticated methods including web shells and a TLS backdoor. The research emphasizes the need for monitoring edge devices due to their vulnerability and operational importance to threat actors.…
Russia warns financial sector of major IT service provider hack
Summary: Russia’s National Coordination Center for Computer Incidents (NKTsKI) has issued a warning regarding a breach at LANIT, a significant IT service provider, which has potentially affected its subsidiaries involved in banking technology. The bulletin highlights the necessity for organizations in the credit and financial sector to take immediate security measures, including password rotations and enhanced monitoring.…
EU sanctions North Korean tied to Lazarus group over involvement in Ukraine war
Summary: The European Union has implemented a new sanctions package targeting individuals and entities linked to cyberwarfare and information operations against Ukraine. Among those sanctioned is Lee Chang Ho, head of North Korea’s reconnaissance agency, accused of aiding Russia’s military operations and overseeing cyberattack units. The sanctions also include Russian bloggers and media outlets involved in spreading propaganda, deemed detrimental to Ukraine and its allies.…