Ukrainian government, Belarusian opposition targeted in new espionage campaign | The Record from Recorded Future News

A suspected Belarusian state-backed hacking group is behind a cyber espionage campaign targeting opposition activists in the country, as well as Ukrainian military and government entities, according to a new report. The operation, which researchers from cybersecurity firm SentinelOne linked to the long-running GhostWriter hacking group, has been in development since mid-2024 and is likely ongoing. The report, published Tuesday, doesn’t specify the goal of the campaign, but GhostWriter is primarily known for cyber espionage. GhostWriter is closely tied to Belarusian state intelligence and has previously targeted government, military and civilian entities in Ukraine and Europe. In Ukraine, the hackers distributed phishing documents disguised as an anti-corruption initiative action plan for government organizations and a report template related to military supply logistics. “While Belarus doesn’t actively participate in military campaigns in the war in Ukraine, cyber threat actors associated with it appear to have no reservations about conducting cyber espionage operations against Ukrainian targets,” the researchers said.

This Cyber News was published on therecord.media. Publication date: Wed, 26 Feb 2025 15:10:09 +0000


Cyber News related to Ukrainian government, Belarusian opposition targeted in new espionage campaign | The Record from Recorded Future News

Apple alert: India opposition says government tried to hack phones - Some Indian opposition leaders have accused the government of trying to hack into their phones after receiving warning messages from Apple. Apple's alert said it believed the recipient was "Being targeted by state-sponsored attackers". He added that ...
1 year ago Bbc.com
Russian Cyberattackers Launch Multiphase PsyOps Campaign - Russia-linked threat actors employed both PsyOps and spear-phishing to target users over several months at the end of 2023 in a multiwave campaign aimed at spreading misinformation in Ukraine and stealing Microsoft 365 credentials across Europe. The ...
1 year ago Darkreading.com
'Sex life data' stolen from UK government among record number of ransomware attacks - Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year. It is not known which department the information ...
1 year ago Therecord.media
North Korean hackers target Ukrainian government in new espionage campaign | The Record from Recorded Future News - North Korea, which started deploying troops to assist Russian forces in Ukraine in late 2024, is likely using this intelligence to assess risks to its own forces on the ground and to gauge whether Moscow will require further military support, ...
3 months ago Therecord.media
Signal no longer cooperating with Ukraine on Russian cyber threats, official says | The Record from Recorded Future News - Speaking to Recorded Future News on the sidelines of the Kyiv cyber forum, Demediuk said that Ukraine used “an official communication channel” to reach out to Signal about how the app is being abused by Russians, including for phishing attacks ...
5 months ago Therecord.media
Russian state hackers spy on Ukrainian military through Signal app | The Record from Recorded Future News - Google said that while these recent attacks were likely driven by wartime demands to access sensitive government and military communications in the context of Russia’s invasion of Ukraine, researchers expect attacks on Signal to grow and spread to ...
6 months ago Therecord.media Turla
Microsoft says Warlock ransomware deployed in SharePoint attacks as governments scramble | The Record from Recorded Future News - While the group is based in China, Microsoft previously said it is “unable to confidently assess the threat actor’s objectives.” The two other Chinese groups identified with the so-called “ToolShell” campaign — Linen Typhoon and Violet ...
1 month ago Therecord.media CVE-2025-49706
Gamaredon Hacker Group Using Weaponize LNK Files To Drop Remcos Backdoor on Windows - Cisco Talos researchers identified this campaign has been active since at least November 2024, with evidence suggesting Gamaredon is specifically targeting Ukrainian government organizations, critical infrastructure, and entities affiliated with ...
5 months ago Cybersecuritynews.com
Who Is Behind Pro-Ukrainian Cyberattacks on Iran? - COMMENTARY. Ukrainian cyber forces have attacked Russian infrastructure and assets almost since the first day of the Russian invasion of Ukraine on Feb. 24, 2022. While its mainstay is denial-of-service attacks that have knocked out the Russian ...
1 year ago Darkreading.com
Critics of Putin and his allies targeted with spyware inside the EU - At least seven journalists and activists who have been vocal critics of the Kremlin and its allies have been targeted inside the EU by a state using Pegasus, the hacking spyware made by Israel's NSO Group, according to a new report by security ...
1 year ago Packetstormsecurity.com
Latvia confirms phishing attack on Ministry of Defense, linking it to Russian hacking group - The Russian cyber-espionage group known as Gamaredon may have been behind a phishing attack on Latvia's Ministry of Defense last week, the ministry told The Record on Friday. Hackers sent malicious emails to several employees of the ministry, ...
2 years ago Therecord.media
New GIFTEDCROOK Stealer Attacking Government Orgs To Steal Sensitive Data - Ukrainian government organizations are facing a sophisticated new cyber threat as threat actors deploy the recently discovered GIFTEDCROOK stealer malware to harvest sensitive data. Since February 2025, security researchers have been monitoring this ...
4 months ago Cybersecuritynews.com
Ukrainian hackers disrupt internet providers in Russia-occupied territories - Ukrainian hackers have temporarily disabled internet services in parts of the country's territories that have been occupied by Russia. The group of cyber activists known as the IT Army said on Telegram that their distributed denial-of-service attack ...
1 year ago Therecord.media
UAC-0219 Hackers Using PowerShell Stealer WRECKSTEEL to Steal Information from Computers - It then uploads them to command and control servers using several identified IP addresses including 172.86.114.149, 167.88.167.254, and 45.61.157.179, creating a persistent data exfiltration channel that threatens Ukrainian national security. Their ...
4 months ago Cybersecuritynews.com
Hackers Weaponizing Pahalgam Attack Themed Decoys to Attack Indian Government Personnel - In a sophisticated cyber espionage campaign, threat actors are actively targeting Indian government personnel using decoy documents referencing the recent Pahalgam attack. The malware campaign appears specifically tailored to compromise sensitive ...
3 months ago Cybersecuritynews.com
Ukraine security services involved in hack of Russia's largest private bank - Ukrainian hackers collaborated with the country's security services, the SBU, to breach Russia's largest private bank, a source within the department confirmed to Recorded Future News. Last week, two groups of pro-Ukrainian hackers, KibOrg and NLB, ...
1 year ago Therecord.media
Russian media, academia targeted in espionage campaign using Google Chrome zero-day exploit | The Record from Recorded Future News - Last June, Kaspersky discovered another espionage campaign, dubbed Operation Triangulation, that exploited two vulnerabilities in Apple devices. Russian security researchers discovered sophisticated new malware used in an espionage campaign targeting ...
5 months ago Therecord.media CVE-2025-2783
Researchers Uncovered Gamaredon's PteroLNK VBScript Malware Infrastructure & TTP's - “The scripts are designed to allow flexibility for their operators, enabling easy modification of parameters such as file names and paths, persistence mechanisms, and detection logic for security solutions on the target system,” the ...
4 months ago Cybersecuritynews.com
Ukraine cyber officials warn of a 'surge' in Smokeloader attacks on financial, government entities - Suspected Russian cybercriminals have increased their attacks against Ukrainian financial and government organizations using Smokeloader malware, according to Ukrainian cybersecurity officials. Since May of this year, the malware operators have ...
1 year ago Therecord.media
Lawmakers: Ban TikTok to Stop Election Misinformation! Same Lawmakers: Restrict How Government Addresses Election Misinformation! - In a case being heard Monday at the Supreme Court, 45 Washington lawmakers have argued that government communications with social media sites about possible election interference misinformation are illegal. Just this week the vast majority of those ...
1 year ago Eff.org
'Russian' hackers deface potentially hundreds of local British news sites - There is no evidence the story was reproduced in print. That so many Newsquest titles were affected suggests a central or shared content management system may have been breached, but there is no evidence that the hackers were actually Russian. While ...
1 year ago Therecord.media
Sandworm Hackers Caused Another Blackout in Ukraine-During a Missile Strike - The notorious unit of Russia's GRU military intelligence agency known as Sandworm remains the only team of hackers to have ever triggered blackouts with their cyberattacks, turning off the lights for hundreds of thousands of Ukrainian civilians not ...
1 year ago Wired.com
Malware Takedowns Show Progress, But Fight Against Cybercrime Not Over - Takedown of malware infrastructure by law enforcement has proven to have an impact, albeit limited, on cybercriminal activity, according to threat intelligence provider Recorded Future. The Emotet takedown, led by Europol and Eurojust in 2021. The ...
1 year ago Infosecurity-magazine.com
UK moves forward with plans for mandatory reporting of ransomware attacks | The Record from Recorded Future News - The three key policy ideas are a ban on payments by organizations working in the public sector or in critical national infrastructure; a requirement for victims to notify the government before making any extortion payments; and a mandatory reporting ...
1 month ago Therecord.media