russia (166)

Russian authorities shut down mobile internet services more than 2,000 times in July, which is a record monthly high, as Russia escalates its digital restrictions in the name of cyber security.  This was presented in a report from the nonprofit Russian Internet Protection Society.  Local authorities often cut off access to the internet, citing “national security” amid Ukrainian drone attacks.   However, rights groups and digital watchdogs say many of the blackouts appear unrelated to any real t

The notorious Russian cyber-espionage gang known as Fancy Bear, also known as APT28, has increased its attacks against governments and military entities worldwide using new sophisticated cyber tools and technology.   Fancy Bear is perhaps best known in the United States for its hack and leak of Democratic National Committee emails in the lead-up to the 2016 presidential election.  Eleven Western countries have accused the hacking group of targeting defense, transport, and tech firms involved in

Ukrainian intelligence carried out a secret operation against Russian authorities in occupied Crimea. Over several days, Ukrainian cyber experts accessed and downloaded 100 terabytes of classified data from Russian-run government servers. After extracting the files, they completely erased the originals, leaving a major gap in Russian digital records.

The amount of data stolen, 100 terabytes, is massive.  That’s enough to fill more than 20,000 high-definition movies or store over 25 million

A new report from NATO’s Cooperative Cyber Defense Center of Excellence (CCDCOE) warns that global ports are vulnerable in the wake of escalating cyber threats.  The policy brief highlights that ports, which handle approximately 80% of international trade, “face unprecedented cybersecurity threats from state-linked actors” from Russia, Iran, and China.  These actors aim to disrupt operations and potentially inflict significant economic and military harm.

Ports serve as crucial nodes in NATO’s de

Hackers are targeting Russia’s industrial sector with a new spyware strain that steals sensitive internal documents, local researchers warned.  The campaign, which began in July 2024 and remains active, uses phishing emails disguised as fake contracts. Victims are urged to download a file via a malicious link, which infects their systems with previously unknown spyware called Batavia, according to a new report by Moscow-based cybersecurity firm Kaspersky.[1]

Link to full report:  IR-25-191-002_R

The International Criminal Court (ICC) suffered a sophisticated cyber-attack coinciding with the Hague NATO summit attended by US President Donald J. Trump, who pushed for increased defense spending among member countries.  Ironically, besides defense spending, the NATO summit also aimed to address measures to counter cyber attacks. Meanwhile, the Hague-based ICC said it immediately detected the cyber incident and promptly moved to contain the intrusion without divulging additional details.

The inte

Since 9 June 2025, Internet users located in Russia and connecting to web services protected by Cloudflare have been throttled by Russian Internet Service Providers (ISPs).  As the throttling is being applied by local ISPs, the action is outside of Cloudflare’s control and we are unable, at this time, to restore reliable, high-performance access to Cloudflare products and protected websites for Russian users in a lawful manner.  Internal data analysis suggests that the throttling allows Internet

The current ceasefire between Iran and Israel may prevent the two countries from firing missiles at each other, but it won't carry any weight in cyberspace, according to former NATO hacker Candan Bolukbas.  "In the cyber world, there's no such thing as a ceasefire," he recently said.  “If we see something in cyberspace that can disrupt us, we're going to attack it first, and we have that under US Cyber Command's mission

Bolukbas is chief technology officer and founder of Black Kite, a cyber-risk

Dutch intelligence agencies and Microsoft report that a novel Russian state intelligence hacking group is likely purchasing stolen credentials from criminal marketplaces to gain entry to North American and European networks.   In a recent coordinated disclosure, the Dutch government and Microsoft stated this group of government-linked hackers has been active since 2024 and has "a specific interest in European Union and NATO member states."  Dutch agencies said the group, which they named "Laundr

This US cyber security advisory sent through CISA highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (85th GTsSS), military unit 2616

A Russian-linked hacktivist group known as NoName057(16) claimed responsibility for cyberattacks on several Romanian websites over the weekend, as voters headed to the polls to elect a new president.  Among the targets of the distributed denial-of-service (DDoS) attacks were the official websites of the Ministry of Foreign Affairs, the Romanian government, the Constitutional Court and several presidential candidates.

Romania’s National Directorate for Cyber Security (DNSC) confirmed the attacks,

According to the US Department of Justice, Ryan Mitchell Kramer has pleaded guilty to accessing a computer and obtaining information, and threatening to damage a protected computer, as well as to two felony charges that each carry a prison sentence of up to five years.  Kramer is behind the 2024 hack targeting The Walt Disney Company.  The media giant launched an investigation into the incident in July 2024, after a threat actor calling itself NullBulge announced the theft of 1.1 Tb of data from

France's foreign ministry explicitly accused Russia's GRU military intelligence agency on 29 April of mounting cyber-attacks on a dozen entities including ministries, defense firms and think tanks since 2021 to destabilize France.  The accusations, levelled at GRU unit APT28, which officials said was based in Rostov-on-Don in southern Russia, are not the first by a Western power, but it is the first time Paris has blamed the Russian state on the basis of its own intelligence.

The ministry said i

According to Dutch military intelligence, Russia is increasing its hybrid attacks aimed at undermining society in the Netherlands and its European allies, and Russian hackers have already targeted the Dutch public service.  "We see the Russian threat against Europe is increasing, including after a possible end to the war against Ukraine," MIVD director Peter Reesink said in the agency's annual report.  In the Netherlands, we saw the first (Russian) cyber sabotage act against a public service, wi

Russian authorities have arrested three individuals suspected of developing the Mamont malware, a recently identified banking trojan targeting Android devices.  The suspects, whose identities remain undisclosed, were apprehended in the Saratov region. A video released by the Russian Ministry of Internal Affairs (MVD) shows the arrested individuals in handcuffs, being escorted by police officers.

According to the MVD, the trio is linked to over 300 cybercrime incidents. Authorities also seized co

When Russia launched its full-scale invasion of Ukraine in February 2022, it also ushered in a new era of warfare, one where cyberattacks were no longer a supporting act but a core component of battlefield operations.  This was the world’s first full-scale cyberwar, where digital operations were synchronized with kinetic strikes to disrupt, disable, and disorient the enemy.  For three years, Ukraine has defended itself not only on the battlefield but also in cyberspace, repelling relentless Russ

Russian state-backed actors are increasingly targeting secure messaging applications like Signal to intercept sensitive communications, reveals a recent report by Google’s Threat Intelligence Group.  These groups, often aligned with Russian intelligence services, are focusing on compromising accounts used by individuals of interest, including military personnel, politicians, journalists, and activists. While the initial focus appears to be related to the conflict in Ukraine, researchers believe

Computers need electricity.  Without electricity, a country will effectively shut down.  In the near future, Estonia, Latvia, and Lithuania will be officially severing their remaining electricity grid connections with Russia and Belarus, marking a significant step in their move away from Moscow’s influence nearly 35 years after leaving the Soviet Union.

This symbolic move, laden with geopolitical significance, accelerates a process that gained momentum following Russia’s invasion of Ukraine.  “Th

A Russian hacking campaign has exploited a vulnerability in a popular file archiver to infect Ukrainian government and private organizations with SmokeLoader malware, researchers have found.

The bug, tracked as CVE-2025-0411, was discovered in 7-Zip, a free and open-source file archiver developed by Russian programmer Igor Pavlov.  It was identified by researchers at Tokyo-based cybersecurity firm Trend Micro in September and patched two months later, giving hackers ample time to exploit it in t

Enterprise cybersecurity tools, such as routers, firewalls, and VPNs, exist to protect corporate networks from intruders and malicious hackers, something that is particularly important in today’s age of widespread remote and hybrid working. But while pitched as tools that help organizations stay safe from outside threats, many of these products have time and again been found to contain software bugs that allow malicious hackers to compromise the very networks these products were designed to prot