Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse
A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025
Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released
The Russian threat actor known as APT28 (aka Forest Blizzard and Pawn Storm) has been linked to a fresh spear-phishing campaign targeting Ukraine and its allies to deploy a previously undocumented malware suite codenamed PRISMEX
The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military personnel
A previously unknown threat activity cluster has been observed impersonating Slovak cybersecurity company ESET as part of phishing attacks targeting Ukrainian entities
Organizations in Ukraine have been targeted by threat actors of Russian origin with an aim to siphon sensitive data and maintain persistent access to compromised networks
ESET found that the FSB-affiliated groups, Gamaredon and Turla, are sharing tools to help conduct espionage attacks against Ukrainian organizations
Cybersecurity researchers have discerned evidence of two Russian hacking groups Gamaredon and Turla collaborating together to target and co-comprise Ukrainian entities
Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities
The Russia-linked threat actor known as Gamaredon (aka Shuckworm) has been attributed to a cyber attack targeting a foreign military mission based in Ukraine with an aim to deliver an updated version of a known malware called GammaSteel
The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself. [...]
Ready, set, sanctions? If volunteer intelligence gatherers are correct, the US may have a good reason to impose sanctions on Russian infosec firm Kaspersky, which has been accused of helping Russia design drones used in the invasion of Ukrainian.…
Ready, set, sanctions? If volunteer intelligence gatherers are correct, the US might have a good reason to impose sanctions on Russian infosec firm Kaspersky, which has been accused of helping Russia design drones used in the Ukrainian war.…
ESET researchers reveal a Russian threat actor has targeted Ukrainian citizens with PYSOPs messages warning of impacts such as food and medicine shortages from the war
Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation
Symantec said the new campaign focused on acquiring military and security intelligence
The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments
This RomCom is no laughing matter A change in the deployment of the RomCom malware strain has illustrated the blurring distinction between cyberattacks motivated by money and those fueled by geopolitics, in this case Russia's illegal invasion of Ukraine, according to Trend Micro analysts.…
If this is Kyiv's work, Russia can Crimea river A cyber espionage campaign targeting organizations in Russian-occupied regions of Ukraine is using novel malware to steal data, according to Russia-based infosec software vendor Kaspersky.…