#### [Cyber-crime](/security/cyber_crime/)

UK uncovers novel Microsoft snooping malware, blames and sanctions GRU cyberspies
=================================================================================

Fancy Bear can’t keep its claws out of Outlook inboxes
------------------------------------------------------

[Jessica Lyons](/Author/Jessica-Lyons "Read more by this author") Sun 20 Jul 2025 // 11:01 UTC

The UK government is warning that Russia’s APT28 (also known as Fancy Bear or Forest Blizzard) has been deploying previously unknown malware to harvest Microsoft email credentials and steal access to compromised accounts.

Both the UK and the US have previously said APT28 is part of Russia’s General Staff Main Intelligence Directorate (GRU) military unit [26165](https://www.theregister.com/2025/05/21/russias_fancy_bear_alert/).

Friday’s malware revelations – dubbed Authentic Antics by the UK – came just hours after the British government [sanctioned](https://www.gov.uk/government/publications/profile-gru-cyber-and-hybrid-threat-operations/profile-gru-cyber-and-hybrid-threat-operations) three GRU units (26165, 29155, and 74455) and several individual spies, accused of ‘conducting a sustained campaign of malicious cyber activity over many years.’

Authentic Antics was initially discovered following a 2023 breach investigated by Microsoft and NCC Group, but today is the first time that the government has attributed it to the Russian military crew. The malware targets the Windows operating system, running within Outlook, according to a [technical analysis](https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/authentic-antics/ncsc-mar-authentic_antics.pdf).

Authentic Antics periodically displays a login window that prompts the user to enter their credentials, and if they do, the malware steals the data, along with OAuth authentication tokens, which allow access to Microsoft services, including Exchange Online, SharePoint, and OneDrive.

In addition, the malware exfiltrates victims’ data by sending emails from the victim’s account to an actor-controlled email address without the emails showing in the ‘sent’ folder.

‘The use of Authentic Antics malware demonstrates the persistence and sophistication of the cyber threat posed by Russia’s GRU,’ the UK’s National Cyber Security Centre director of operations Paul Chichester said in a [statement](https://www.ncsc.gov.uk/news/uk-call-out-russian-military-intelligence-use-espionage-tool).

‘NCSC investigations of GRU activities over many years show that network defenders should not take this threat for granted and that monitoring and protective action is essential for defending systems,’ he added.

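
The sent-folder evasion described above points to one cross-check a defender can run: compare outbound transport records with the copies that actually exist in the sender's mailbox. The sketch below is an added example, not code from the NCSC report or from The Register; the record layout, field names and addresses are constructed, and it assumes both data sets can be exported keyed by Message-ID.

```python
from collections import defaultdict

# Constructed sample data (illustrative only). TRANSPORT: outbound records as a
# message trace might export them. MAILBOX_COPIES: copies found in the sender's
# mailbox, in any folder, so a sent item the user later deleted still counts.
TRANSPORT = [
    {"message_id": "<a1@corp.example>", "sender": "alice@corp.example",
     "recipient": "bob@partner.example", "sent": "2025-07-01T09:12:00Z", "size": 18231},
    {"message_id": "<a2@corp.example>", "sender": "alice@corp.example",
     "recipient": "carol@corp.example", "sent": "2025-07-01T09:30:00Z", "size": 900},
    {"message_id": "<a3@corp.example>", "sender": "alice@corp.example",
     "recipient": "collector@mail.example", "sent": "2025-07-01T10:00:00Z", "size": 48210},
    {"message_id": "<a4@corp.example>", "sender": "alice@corp.example",
     "recipient": "collector@mail.example", "sent": "2025-07-01T14:00:00Z", "size": 51977},
    {"message_id": "<a5@corp.example>", "sender": "alice@corp.example",
     "recipient": "dave@vendor.example", "sent": "2025-07-01T15:05:00Z", "size": 3300},
    {"message_id": "<a6@corp.example>", "sender": "alice@corp.example",
     "recipient": "erin@vendor.example", "sent": "2025-07-01T16:40:00Z", "size": 2040},
]
MAILBOX_COPIES = [
    {"mailbox": "alice@corp.example", "folder": "Sent Items",
     "message_id": "a1@corp.example"},
    {"mailbox": "alice@corp.example", "folder": "Recoverable Items",
     "message_id": "<a5@corp.example>"},
]


def _mid(value):
    """Normalise a Message-ID so '<x@y>' and 'x@y' compare equal."""
    return value.strip().strip("<>")


def _domain(address):
    return address.rsplit("@", 1)[-1].lower()


def unrecorded_sends(transport, mailbox_copies, internal_domains):
    """Group external sends that left no copy in the sender's mailbox."""
    copies = defaultdict(set)
    for item in mailbox_copies:
        copies[item["mailbox"].lower()].add(_mid(item["message_id"]))
    groups = defaultdict(list)
    for rec in transport:
        sender, rcpt = rec["sender"].lower(), rec["recipient"].lower()
        if _domain(rcpt) in internal_domains:
            continue  # assumption: the collection address is external
        if _mid(rec["message_id"]) in copies[sender]:
            continue  # a copy exists (Sent Items, or deleted by the user)
        groups[(sender, rcpt)].append(rec)
    rows = [
        {"mailbox": s, "recipient": r, "count": len(recs),
         "bytes": sum(x["size"] for x in recs),
         "first": min(x["sent"] for x in recs),
         "last": max(x["sent"] for x in recs)}
        for (s, r), recs in groups.items()
    ]
    # Repeated sends to one external address with no stored copy rank first.
    return sorted(rows, key=lambda row: (-row["count"], -row["bytes"]))


if __name__ == "__main__":
    for row in unrecorded_sends(TRANSPORT, MAILBOX_COPIES, {"corp.example"}):
        print(row)
```

A hit is a lead rather than proof: applications that send mail without saving a copy produce the same pattern, so triage by recipient and volume.
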
In May, the NCSC, US National Security Agency, and several other government agencies warned that this same GRU cyber-spy unit was [targeting ‘dozens’](https://www.theregister.com/2025/05/21/russias_fancy_bear_alert/) of Western and NATO-country logistics providers, tech companies, and government orgs providing transport and foreign assistance to Ukraine.

The advisory says the snoops also targeted internet-connected cameras at border crossings to track aid shipments in an ongoing campaign that began in 2022, which is when Russia first invaded neighboring Ukraine.

That same year, GRU unit 26165 conducted online reconnaissance to guide missile strikes against Mariupol — including the strike that destroyed the Mariupol Theatre and [reportedly](https://apnews.com/article/russia-military-intelligence-sabotage-cyber-attacks-2657fe4b54d93e35f30f4ce3fc2665cb) killed hundreds of civilians, including children.

According to the UK government, the GRU units and the officers sanctioned today also planted [X-Agent](https://www.theregister.com/2018/07/16/apt28_italian_job/) spyware on phones belonging to former Russian double agent Sergei Skripal and his daughter, Yulia, before reportedly [poisoning](https://www.reuters.com/article/world/the-poisoning-of-former-russian-double-agent-sergei-skripal-idUSKCN1GP2CH/) them with Novichok in 2018.

The GRU officers sanctioned include: Aleksandr Vladimirovich Osadchuk, Yevgeniy Mikhaylovich Serebriakov, Anatoliy Sergeyvich Kovalev, Artem Valeryvich Ochichenko, Vladislav Yevgenyevich Borovkov, Nikolay Aleksandrovich Korchagin, Yuriy Federovich Denisov, Vitaly Aleksandrovich Shevchenko, Ivan Sergeyevich Yermakov, Aleksey Viktorovich Lukashev, Sergey Sergeyevich Vasyuk, Andrey Eduardovich Baranov, Aleksey Sergeyevich Morenets, Sergey Aleksandrovich Morgachev, Artem Adreyevich Malyshev, Yuriy Leonidovich Shikolenko, Victor Borisovich Netyksho, Dmitriy Aleksandrovich Mikhaylov, Artyom Sergeevich Kureyev, Anna Sergeevna Zamaraeva, and Victor Aleksandrovich Lukovenko.

In conjunction with the UK sanctions, both the [EU](https://www.consilium.europa.eu/en/press/press-releases/2025/07/18/hybrid-threats-russia-statement-by-the-high-representative-on-behalf-of-the-eu-condemning-russia-s-persistent-hybrid-campaigns-against-the-eu-its-member-states-and-partners/) and [NATO](https://www.nato.int/cps/en/natohq/official_texts_237067.htm) issued statements condemning Russia’s malicious cyber activities and attributing recent digital intrusions and snooping campaigns to the GRU.

Microsoft says it has nothing to share, and CISA has referred us to the NCSC; we’ll update if we receive any additional comment.