1 day ago · Seashell Blizzard initial access subgroup operational lifecycle. Image by Microsoft Threat Intelligence. Microsoft further believes BadPilot’s actions may have contributed to numerous destructive cyberattacks in Ukraine since 2023, specifically targeting the nation’s energy, retail, education, consulting, and agriculture sectors.

2 days ago · Microsoft is publishing for the first time our research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat Intelligence as the “BadPilot campaign”. This subgroup has conducted globally diverse compromises of Internet-facing infrastructure to enable Seashell Blizzard to persist on high-value targets and ...

2 days ago · The Russia-linked threat actor known as Seashell Blizzard has tasked one of its subgroups with obtaining initial access to internet-facing infrastructure and establishing long-term persistence in targeted organizations, Microsoft reports. Also referred to as APT44, BlackEnergy Lite, Sandworm, Telebots, and Voodoo Bear, Seashell Blizzard has ...

1 day ago · Seashell Blizzard has, since Russia’s invasion of Ukraine in 2022, carried out a steady stream of operations complementing Russian military objectives. These have ranged from espionage to information operations and cyber-enabled disruption, usually in the form of destructive attacks and manipulation of industrial control systems. ...

1 day ago · Microsoft released a lengthy blog post detailing the severity of the cyber threats enabled by the Russian Seashell Blizzard worldwide. Initially starting in Eastern Europe, with a heavy focus on Ukraine, the cyberattack campaign spread throughout the world. It encompassed a complex strategy, ranging from scanning and exploiting victim ...

2 days ago · A subgroup of the Russian state-sponsored hacking group APT44, also known as 'Seashell Blizzard' and 'Sandworm', has been targeting critical organizations and governments in a multi-year campaign ...

2 days ago · Any sign of Sandworm, which Microsoft refers to by the name Seashell Blizzard, raises alarms in part because the group has a history of hacking operations that go far beyond mere spying.

2 days ago · A subgroup within the infamous Russian state-sponsored hacking group known as Sandworm has been attributed to a multi-year initial access operation dubbed BadPilot that stretched across the globe. "This subgroup has conducted globally diverse compromises of Internet-facing infrastructure to enable Seashell Blizzard to persist on high-value targets and support tailored network operations," the ...

Critical targets. Since early 2024, Seashell Blizzard has expanded its range of targets from beyond Eastern Europe to include the US and UK, exploiting flaws ‘primarily in ConnectWise ...

1 day ago · Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron Russian cybercriminal Alexander Vinnik is being released from U.S. custody in exchange for Marc Fogel