Weak Security Continues to Fuel Russian Cyberattacks
In a first, the UK and the EU jointly imposed sanctions on Russian individuals and entities for cyberattacks and disinformation campaigns in the region.
Sanctions shape cybersecurity by restricting transactions, technology access, and support linked to cyber operations and critical infrastructure risks.
Search across headline titles and summaries.
Background for this topic.
Sanctions are legal restrictions imposed by governments or international bodies on dealings with specified countries, organizations, individuals, or activities. They can limit payments, exports, imports, access to services, or provision of technical assistance; the exact prohibitions, exceptions, and licensing rules depend on the relevant jurisdiction. Cyber-related designations may identify operators, companies, or intermediaries linked to malicious activity, but sanctions are legal measures rather than technical indicators of compromise.
For security practitioners, sanctions create operational requirements around counterparties and technology flows. Organizations may need to screen customers, suppliers, service providers, and payment recipients, including aliases and ownership links, and restrict access or support where law requires. Export-control and sanctions rules can also affect distribution of cryptographic products, exploit research, cloud services, and incident-response assistance. Threat intelligence can help map sanctioned entities and evasion networks, while vulnerability-management and response teams should preserve records showing who received software, credentials, or technical help. Because lists and licensing conditions change, automated controls need human review and documented escalation rather than treating a name match as conclusive.
Weekly headline count for the current query.
In a first, the UK and the EU jointly imposed sanctions on Russian individuals and entities for cyberattacks and disinformation campaigns in the region.
These rulings prohibit the entities from entering or doing business in the European Union.
Rescinded sanctions and reactivated contracts have created confusion about the Trump administration's spyware policy and where it draws the line.
The Trump administration appears to have dropped sanctions against Chinese actors for the Salt Typhoon attacks on US telecoms; but focusing on diplomacy alone misses the full picture, experts say.
Firms cooperating with cybercrime syndicates in Burma and Cambodia face sanctions by the US government and enforcement actions by China, but the scams continue to grow.
Lab-Dookhtegen claims major attack on more than 60 cargo ships and oil tankers belonging to two Iranian companies on US sanctions list.
In the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer.
The White House put limits on cyber sanctions, killed the digital ID program, and refocused the government's cyber activities to enabling AI, rolling out post-quantum cryptography, and promoting secure software design.
The White House put limits on cyber sanctions, killed the digital ID program, and refocused the government's cyber activities to enabling AI, rolling out post-quantum cryptography, and promoting secure software design.
US, UK, and Australian law enforcement have targeted a company called Zservers (and two of its administrators) for providing bulletproof hosting services to the infamous ransomware gang.
The cyber actor played a role in the Treasury breach as well as attacks on critical infrastructure, linked to China-backed advanced persistent threat (APT) group Salt Typhoon.
Integrity Technology Group was found complicit with Flax Typhoon as part of a broader Chinese strategy to infiltrate the IT systems of US critical infrastructure.
The European Union's new sanctions framework will target individuals and organizations engaging in pro-Russian activities such as cyberattacks and information manipulation to undermine EU support for Ukraine.
Despite more US sanctions against spyware operators, Apple decided the cost in terms of disclosures about its own anti-spyware efforts was too great.
The sanctions are unlikely to impact the growing network of criminals who lure victims into working for cybercrime sweat shops around the world.
Vendors of mercenary spyware tools used by nation-states to track citizens and enemies have gotten savvy about evading efforts to limit their use.
Fraudsters based in the US and Europe indicted for helping North Korea's nation-state groups establish fake freelancer identities and evade sanctions.
Australian businesses and individuals now face government fines and consequences for paying ransoms or interacting with assets owned by LockBitSupp, aka Dmitry Yuryevich Khoroshev.
The US and the UK charge seven Chinese nationals for operating as part of threat group APT31.
The US Treasury Department sanctioned Intellexa Consortium commercial surveillance leaders in an effort to deter Predator proliferation.