Security news aggregator

Latest coverage for Sandworm

Stay informed on Sandworm, the notorious cyber threat group. Get the latest updates and insights on their activities in information security.

Tag briefing

Background for this topic.

Sandworm is a cyber espionage group believed to have ties to the GRU, the Russian government's military intelligence agency. The group has gained notoriety for advanced cyber attacks against numerous international targets, primarily NATO member countries, the governments of Ukraine and Georgia, and entities in the European Union and the United States.

In the context of information security, Sandworm represents a significant and persistent threat due to its sophisticated tactics, techniques, and procedures (TTPs). The group is known for leveraging zero-day vulnerabilities, conducting distributed denial-of-service (DDoS) attacks, and deploying destructive malware like NotPetya, which caused widespread damage and disruption in 2017. Security professionals monitor Sandworm's activities closely to understand their evolving strategies and to develop robust cyber defenses against their operations.

Ukraine's Computer Emergency Response Team (CERT) is warning that the Russian hacking group Sandworm may be exploiting Follina, a remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool (MSDT) currently tracked as CVE-2022-30190. [...]