Head Mare: adventures of a unicorn in Russia and Belarus

Head Mare is a hacktivist group that first made itself known in 2023 on the social network X (formerly Twitter). In their public posts, the attackers reveal information about some of their victims, including organization names, internal documents stolen during Read More …

Kremlin critics targeted with spyware inside European Union

At least seven critics of the Kremlin, including journalists were targeted inside the European Union (EU) by a state using Pegasus, a report by digital civil rights NGO Access Now said on Thursday (May 30). In its report, Access Now Read More …

Scaly Wolf’s new loader: the right tool for the wrong job

The BI.ZONE Threat Intelligence team has uncovered a fresh campaign by the group targeting Russian and Belarusian organizations. The threat actors are distributing phishing emails under the guise of a federal agency. The emails have a legitimate document as an Read More …

LazyStealer: Sophisticated does not mean better

In the first quarter of 2024, researchers from Positive Technologies Expert Security Center (PT ESC) detected a series of attacks targeting government organizations in Russia, Belarus, Kazakhstan, Uzbekistan, Kyrgyzstan, Tajikistan, and Armenia. The research team could not find any links Read More …

Cloud Werewolf spearphishes Russian and Belarus government employees with fake spa vouchers and federal decrees

The BI.ZONE Threat Intelligence team has revealed another campaign by Cloud Werewolf aiming at Russian and Belarusian government organizations. According to the researchers, the group ran at least five attacks in February and March. The adversaries continue to rely on Read More …

Malicious campaigns target government, military and civilian entities in Ukraine, Poland

Cisco Talos has discovered a threat actor conducting several campaigns against government entities, military organizations and civilian users in Ukraine and Poland. Cisco Talos judge that these operations are very likely aimed at stealing information and gaining persistent remote access. Read More …

China-linked Twisted Panda caught spying on Russian defense R&D

Chinese cyberspies targeted two Russian defense institutes and possibly another research facility in Belarus, according to Check Point Research. The new campaign, dubbed Twisted Panda, is part of a larger, state-sponsored espionage operation that has been ongoing for several months, Read More …

Mystery of alleged Chinese hack on eve of Ukraine invasion

Allegations of Chinese cyber activity as the recent conflict broke out in Ukraine have been emerging. The details appear unusually murky but one Western intelligence official believes the aim was espionage – and the cyber-attack may have been broader than Read More …

Corrupted open-source software enters the Russian battlefield

It started as an innocent protest. Npm, JavaScript’s package manager maintainer RIAEvangelist, Brandon Nozaki Miller, wrote and published an open-code npm source-code package called peacenotwar. It did little except add a protest message against Russia’s invasion of Ukraine. But then, Read More …

Ukraine says its ‘IT Army’ has taken down key Russian sites

Key Russian websites and state online portals have been taken offline by attacks claimed by the Ukrainian cyber police force, which now openly engages in cyber-warfare. As the announcement of the law enforcement agency’s site details, specialists from the force Read More …