Tonight's beer.
08.03.2026 00:32
👍 0
🔁 0
💬 0
📌 0
Tonight's beer.
1/ Anti Lukashenko-regime hackers Belarusian Cyber Partisans melden:
‘CYBERATTACK ON Khimvolokno 💥
We're striking the computer network of Belarusian Khimvolokno, Russia's largest supplier of nylon threads used to make helmet linings and body armor for the Russian army’.
Weird cyber story from Russia: a Moscow resident Ruslan Satuchin faces criminal charges for allegedly contacting Conti under the pretense of the FSB & extorting money for protection. Now he's investigated for fraud
No word of legal action against Conti
www.rbc.ru/society/25/0...
Wanted: foreign mercenaries, oops, military recruits seeking a path to citizenship...
The Wagner network recruits economically vulnerable Europeans for acts of violence and sabotage on NATO soil. GRU and FSB run the operations; Wagner supplies the channels and recruiters who "speak the language" of the marginalised. Many attacks have been thwarted. www.ft.com/content/dbd1...
Today, INPACT reveals the takeover of the Wagner Group's influence arm – Africa Politology – by the SVR, Russia's foreign intelligence service.
“Pancake,” “Lenin,” and an FSB hacker: Meet the fresh faces at Putin’s new directorate “for strategic partnership and cooperation”
Despite a nominal rebranding, the Kremlin’s efforts to peddle Russian soft power abroad look set to remain unchanged.
In case you're interested in #Doppelgänger and are following disinfo, here's a piece about a hacktivist who managed to siphon out hundreds of gigabytes of internal data (zipped!)
Article at Der Spiegel, Gift Link
www.spiegel.de/politik/hack...
Kommersant cites BI.ZONE CTI that 37% of cyber attacks on Russian organizations in 2025 were conducted for espionage, up from 21% in 2024. 45% of the threat groups attacking Russia and CIS are espionage groups.
Kommersant.ru/doc/8420782
The main difference I can see so far is my hypothesis that initial access occurs at the regional level, leveraging the regional focus of individual military districts.
Just mostly glad to see significant alignment in my research.
Someone putting pen to paper GRU regionality, something I've been researching for the past few years. Based on imagery they include, we use similar methodologies to break down the VIO by regions and links to monoliths, and reach similar conclusions.
Researchers said they observed a hacking group attempting to lure senior Russian military officers to download malware using a variety of phishing emails therecord.media/cyber-spies-...
First day of vacation beer at the Canadian Warplane Heritage Museum.
Germany seems more willing to call out Russia - today the government is accusing Russia of a large scale cyber attack on air traffic security and for disinformation campaign during the federal elections earlier this year:
Blockbuster reporting by Maria Kolomychenko on the Aeroflot hack with new details on messy infosec, the impact of & recovery from what was the biggest cyber attack on Russia during the war
thebell.io/istoriya-bol...
Another day another Belarusian picked up by the Poles for spying and “sabotage”
The UK has updated their GRU cyber profiles today. I love the breakdown of Fancy Bear into at least 3 distinct teams. It helps the research I've been doing into subgroups and regionalization within the GRU, trying to break down monoliths into a military district based understanding of GRU cyber ops.
It strikes me that people make fun of American politicians or influencers who post AI nonsense. But when Russia, China or Iran does the same thing, people act like they're sophisticated threat actors capable of shaping global opinion at will.
Always fun to see the reason one of your instructors got the job at MGIMO.
Off bright and early to DC for Cyberwarcon.
Oh ok so it wasn’t a GRU operator (necessarily) — it was a guy working as part of the recently identified threat group that pissed off Dutch intelligence
The indefatigable Steven Fisher, formerly of Citibank Russia and Citibank Ukraine, has assembled this collection of remembrances from former expats in Russia. There is so much here, so many memories of a Russia vanished. I reminisced about riding the rails ( scottgehlbach.net/posts/4055-r...).
FT report: Russia’s Rubikon unit is upending Ukraine’s drone advantage — locating & killing operators deep behind the lines, training other Russian teams, & seizing control of Ukraine's decisive "electromagnetic spectrum." Ukrainian pilots now face relentless pressure, must adapt tactics to survive.
It is apparently very hard to use Yandex to search "what countries extradite to the US?"
theins.ru/news/286794
Tonight's bottle of Georgian.
Don’t let anyone tell you that the Russians never arrest cybercriminals. Criminals who cause harm to Russians are regularly arrested, and as this instance shows, often dealt with harshly. See my timeline for a modest sampling of other arrests of hackers, fraudsters, and other Russian cybercriminals.
What we report publicly and attribute vs what they report publicly and attribute are wildly different beasts. Wish Bi Zone gave some geographic attribution but will take what I can get right now.
I think super important to track what they're saying about what they fear, what they think war looks like, & what they think adversaries will do, as well as what they themselves hope to do & what they actually do. Also crucial to track the disconnects between these & whether & when they narrow. 7/7
Most interesting to me is that the cooperation between Gamaredon and Turlais distinct from the Gamaredon cooperation with Invisimole. They are really solidifying themselves as an initial access team within the FSB.
www.welivesecurity.com/en/eset-rese...