CyberSecurityBoard
Sponsor Register Login

Russian Hacking Groups Gamaredon and Turla: Latest Threats and Tactics

Russian hacking groups Gamaredon and Turla have been identified as persistent threats targeting various sectors globally. These groups are known for their sophisticated cyber espionage campaigns, leveraging advanced malware and phishing techniques to infiltrate networks. Gamaredon primarily focuses on Ukrainian governmental and military targets, utilizing spear-phishing emails and custom malware to exfiltrate sensitive data. Turla, on the other hand, is notorious for its stealthy operations and use of complex malware frameworks to maintain long-term access to victim systems. Recent reports highlight their evolving tactics, including the deployment of novel malware variants and exploitation of zero-day vulnerabilities. Organizations are advised to enhance their cybersecurity posture by implementing robust detection mechanisms, regular patching, and employee awareness training to mitigate these threats. Understanding the modus operandi of Gamaredon and Turla is crucial for developing effective defense strategies against state-sponsored cyber espionage activities.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 19 Sep 2025 15:35:13 +0000


Cyber News related to Russian Hacking Groups Gamaredon and Turla: Latest Threats and Tactics

Latvia confirms phishing attack on Ministry of Defense, linking it to Russian hacking group - The Russian cyber-espionage group known as Gamaredon may have been behind a phishing attack on Latvia's Ministry of Defense last week, the ministry told The Record on Friday. Hackers sent malicious emails to several employees of the ministry, ...
2 years ago Therecord.media
Russian Hacking Groups Gamaredon and Turla: Latest Threats and Tactics - Russian hacking groups Gamaredon and Turla have been identified as persistent threats targeting various sectors globally. These groups are known for their sophisticated cyber espionage campaigns, leveraging advanced malware and phishing techniques to ...
2 months ago Cybersecuritynews.com Gamaredon Turla
Russian spy groups Turla, Gamaredon target Ukraine - Russian state-sponsored cyber espionage groups Turla and Gamaredon have intensified their cyber operations targeting Ukraine amid ongoing geopolitical tensions. These advanced persistent threat (APT) groups are known for their sophisticated tactics, ...
2 months ago Therecord.media Turla Gamaredon
Palo Alto Reveals New Features in Russian APT Turla's Kazuar Backdoor - The latest version of the Kazuar backdoor could be more sophisticated than previously imagined, according to Palo Alto Networks. The Kazuar backdoor was used by the Russian hacking group Turla to target the Ukrainian defense sector in July 2023, the ...
2 years ago Infosecurity-magazine.com Turla
Gamaredon Group Launches New Cyberattacks in 2023 - In early 2023, the Gamaredon group, a cybercrime group with ties to Russian government-backed attackers, struck again with new attacks targeting government agencies across Europe. The group has already been linked to numerous malware campaigns and ...
2 years ago Thehackernews.com Gamaredon Group
Gamaredon's LittleDrifter USB malware spreads beyond Ukraine - A recently discovered worm that researchers call LittleDrifter has been spreading over USB drives infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group. Malware researchers saw indications of ...
2 years ago Bleepingcomputer.com
Russian hackers attack Western military mission using malicious drive - The Russian state-backed hacking group Gamaredon (aka “Shuckworm”) has been targeting a military mission of a Western country in Ukraine in attacks likely deployed from removable drives. Symantec threat researchers say the ...
7 months ago Bleepingcomputer.com
Russian APT Turla Wields Novel Backdoor Malware Against Polish NGOs - Russia-sponsored advanced persistent threat group Turla is now targeting Polish NGOs in a cyberespionage campaign that uses a freshly developed backdoor with modular capabilities, signaling an expansion of the scope of its attacks against supporters ...
1 year ago Darkreading.com Turla
Who is the DOGE and X Technician Branden Spikes? – Krebs on Security - Branden Spikes California Russian Association Congress of Russian Americans Constellation of Humanity Cyberinc Department of Government Efficiency Diana Fishman Donald J. Prior to founding Spikes Security, Branden Spikes was married to a native ...
8 months ago Krebsonsecurity.com
Encouraging Ethical Hacking Skills in Students - This article delves into the significance of encouraging ethical hacking skills in students and the numerous benefits it offers to individuals and society as a whole. Possessing ethical hacking skills can provide students with a competitive advantage ...
1 year ago Securityzap.com
Russian military hackers target NATO fast reaction corps - Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. Researchers from Palo Alto Networks' Unit 42 have observed them exploiting the ...
1 year ago Bleepingcomputer.com CVE-2023-23397 Fancy Bear APT28
FSB arrests Russian hackers working for Ukrainian cyber forces - The Russian Federal Security Service arrested two individuals believed to have helped Ukrainian forces carry out cyberattacks to disrupt Russian critical infrastructure targets. Both suspects were taken into custody one same day in two different ...
2 years ago Bleepingcomputer.com
Ukraine-Russia Cyber Battles Have Real-World Impact - "The evolution of cyberattacks and malware, particularly those that have an intersection with the use of generative AI, have lowered the barrier for entry for threat actors, leading to more threats and a greater volume of attacks," he says. ...
1 year ago Darkreading.com
Gamaredon Hacker Group Using Weaponize LNK Files To Drop Remcos Backdoor on Windows - Cisco Talos researchers identified this campaign has been active since at least November 2024, with evidence suggesting Gamaredon is specifically targeting Ukrainian government organizations, critical infrastructure, and entities affiliated with ...
8 months ago Cybersecuritynews.com
Russian state hackers spy on Ukrainian military through Signal app | The Record from Recorded Future News - Google said that while these recent attacks were likely driven by wartime demands to access sensitive government and military communications in the context of Russia’s invasion of Ukraine, researchers expect attacks on Signal to grow and spread to ...
9 months ago Therecord.media Turla
Variants of RussianSupported Gamaredons Malware Aimed at Ukrainian Government Agencies - The State Cyber Protection Centre of Ukraine has identified the Russian state-sponsored threat actor known as Gamaredon for its cyber attacks on public authorities and critical information infrastructure in the country. This advanced persistent ...
2 years ago Thehackernews.com Turla
CVE-2022-30426 - There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow ...
3 years ago
Russian Groups Target Signal Messenger in Spy Campaign - But the tactics the threat actors are using in the campaign could well serve as a blueprint for other groups to follow in broader attacks on Signal, WhatsApp, Telegram, and other popular messaging apps, GTIG warned in a blog post this week. The other ...
9 months ago Darkreading.com Turla
Ukraine says it hacked Russian aviation agency, leaks data - Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector. Rosaviatsia is the agency responsible for ...
2 years ago Bleepingcomputer.com
Who Is Behind Pro-Ukrainian Cyberattacks on Iran? - COMMENTARY. Ukrainian cyber forces have attacked Russian infrastructure and assets almost since the first day of the Russian invasion of Ukraine on Feb. 24, 2022. While its mainstay is denial-of-service attacks that have knocked out the Russian ...
1 year ago Darkreading.com
Konni Malware Alert: Uncovering The Russian-Language Threat - In the ever-evolving landscape of cybersecurity, a recent discovery sheds light on a new phishing attack being dubbed the Konni malware. This cyber assault employs a Russian-language Microsoft Word document malware delivery as its weapon of choice, ...
1 year ago Securityboulevard.com Kimsuky Lazarus Group
US sanctions Russian for cleaning Ryuk's and oligarchs' cash The Register - A Russian woman the US accuses of being a career money launderer is the latest to be sanctioned by the country for her alleged role in moving hundreds of millions of dollars on behalf of oligarchs and ransomware criminals. Among these was her alleged ...
2 years ago Theregister.com Wizard Spider
Gamaredon Group - Gamaredon Group is a suspected Russian cyber espionage threat group that has targeted military, NGO, judiciary, law enforcement, and non-profit organizations in Ukraine since at least 2013. The name Gamaredon Group comes from a misspelling of the ...
1 year ago Attack.mitre.org Gamaredon Group
6 Ransomware Trends & Evolutions For 2023 - More than any other industry, cybersecurity is constantly changing. The number of major paradigm shifts that have transformed the world of cybersecurity in the past few years has been unprecedented, especially when it comes to combating ransomware. ...
2 years ago Trendmicro.com TeamTNT
1 1
Russian hackers stole Microsoft corporate emails in month-long breach - Microsoft disclosed Friday night that some of its corporate email accounts were breached and data stolen by the Russian state-sponsored hacking group Midnight Blizzard. The company detected the attack on January 12th, with Microsoft initiating its ...
1 year ago Bleepingcomputer.com APT29

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)