Sandworm Archives

Malware & Threats

How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying

Mandiant warns that multiple Russian APTs are abusing a nifty Signal Messenger feature to surreptitiously spy on encrypted conversations.

Ryan NaraineFebruary 19, 2025

Nation-State

Russian Seashell Blizzard Hackers Have Access to Critical Infrastructure: Microsoft

A subgroup of the Russia-linked Seashell Blizzard is tasked with broad initial access operations to sustain long-term persistence.

Ionut ArghireFebruary 12, 2025

Malware & Threats

Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression

Kapeka is a new backdoor that may be a new addition to Russia-link Sandworm’s malware arsenal and possibly a successor to GreyEnergy.

Kevin TownsendApril 17, 2024

Nation-State

Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44

Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44.

Eduard KovacsApril 17, 2024

Use of OT Cyberattack in Russia Ukraine War

Cyberwarfare

Russian Hackers Used OT Attack to Disrupt Power in Ukraine Amid Mass Missile Strikes

Mandiant says Russia's Sandworm hackers used a novel OT attack to cause power outages that coincided with mass missile strikes on critical infrastructure across...

Ryan NaraineNovember 9, 2023

Cybercrime

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw

Google says it is still catching government-backed groups linked to China and Russia launching WinRAR exploits in targeted attacks.

Ryan NaraineOctober 18, 2023

Cloud Security

AWS Using MadPot Decoy System to Disrupt APTs, Botnets

AWS says an internal threat intel decoy system called MadPot has successfully trapped nation state-backed APTs like Volt Typhoon and Sandworm.

Ryan NaraineSeptember 29, 2023

SECURITYWEEK NETWORK:

ICS:

All posts tagged "Sandworm"

Malware & Threats

How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying

Nation-State

Russian Seashell Blizzard Hackers Have Access to Critical Infrastructure: Microsoft

Malware & Threats

Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression

Nation-State

Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44

Cyberwarfare

Russian Hackers Used OT Attack to Disrupt Power in Ukraine Amid Mass Missile Strikes

Cybercrime

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw

Cloud Security

AWS Using MadPot Decoy System to Disrupt APTs, Botnets

Featured

Cybercrime

Cyberattack Hits British Retailer Marks & Spencer

Data Breaches

Korean Telco Giant SK Telecom Hacked

Data Breaches

Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack

Artificial Intelligence

The Shadow AI Surge: Study Finds 50% of Workers Use Unapproved AI Tools

Vulnerabilities

Fresh Windows NTLM Vulnerability Exploited in Attacks

Vulnerabilities

SonicWall Flags Old Vulnerability as Actively Exploited

Malware & Threats

Apple Quashes Two Zero-Days With iOS, MacOS Patches

Latest News

Threat Intelligence

Ethical Zero Day Marketplace Desired Effect Emerges From Stealth

Application Security

Endor Labs Raises $93 Million for AppSec Platform

Funding/M&A

Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation

Data Protection

Files Deleted From GitHub Repos Leak Valuable Secrets

Application Security

Miggo Security Banks $17M Series A for ADR Technology

Cybersecurity Funding

Picnic Corporation Rebrands to VanishID, Raises $10 Million

Data Breaches

Kelly Benefits Data Breach Impacts 260,000 People

Daily Briefing Newsletter