A tracker to collate cyber groups engaged in cyber activities during the Russia-Ukraine war 2022.

NetBlocks metrics confirm the restriction of Twitter in Russia from the morning of Saturday 26 February 2022. Facebook servers have subsequently been restricted as of Sunday. The restrictions are in ...

The larger of the two disinformation groups operated in Russia, as well as the Russian-dominated Donbas and Crimea regions of Ukraine.

A data wiper cyberattack struck a Ukraine border crossing Saturday as refugees waited in long lines to escape Russian aggression.

The group has claimed credit for hacking the Russian Ministry of Defence database, and is believed to have hacked multiple state TV channels to show pro-Ukraine content

As Ukraine continues to make efforts to mobilize and equip ordinary citizens on the ground to resist Russia’s unprovoked invasion of the country, those who are outside Ukraine who want to help are being asked to get involved in the fight in the virtual world. While the G7 (today with the addition of Japan) mobilize […]

Hackers are coming to Ukraine’s aid in an effort to target Russian government websites and officials with disruptive counterattacks, according to six people involved in the activity.

Experts expressed concerns about the influx of non-government cyber groups taking sides in the Russian invasion of Ukraine.

The Computer Emergency Response Team of Ukraine (CERT-UA) warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel.

Destructive malware deployed against targets in Ukraine and other countries in the region in the hours prior to invasion.

The government of Ukraine is asking for volunteers from the country's hacker underground to help protect critical infrastructure and conduct cyber spying missions against Russian troops, according two people involved in the project.

A new malware is attacking Ukrainian organizations and erasing Windows devices. In this early analysis, we provide technical details, IOCS and hunting rules.

Cybersecurity firms have found a new data wiper used in destructive attacks today against Ukrainian networks just as Russia moves troops into regions of Ukraine.

Two cybersecurity firms with a strong business presence in Ukraine—ESET and Broadcom’s Symantec—have reported tonight that computer networks in the country have been hit with a new data-wiping attack. The attack is taking place as Russian military troops have crossed the border and invaded Ukraine’s territory in what Russian President Putin has described as a “peacekeeping” mission.

Marsh analysis, insights, and ideas, regarding new cyber insurance policy exclusion language related to war, cyber war, cyber operations, and catastrophic risk.

Following ongoing research our team, IBM Security X-Force has uncovered evidence indicating that the Russia-based cybercriminal syndicate “Trickbot group” has been systematically attacking Ukraine since the Russian invasion — an unprecedented shift as the group had not previously targeted Ukraine

This report represents research conducted by Microsoft’s threat intelligence and data science teams with the goal of sharpening our understanding of the threat landscape in the ongoing war in Ukraine. The report also offers a series of lessons and conclusions resulting from the data gathered and analyzed. Notably, the report reveals new information about Russian efforts including an increase in network penetration and espionage activities amongst allied governments, non-profits and other organizations outside Ukraine. This report also unveils detail about sophisticated and widespread Russian foreign influence operations being used among other things, to undermine Western unity and bolster their war efforts. We are seeing these foreign influence operations enacted in force in a coordinated fashion along with the full range of cyber destructive and espionage campaigns. Finally, the report calls for a coordinated and comprehensive strategy to strengthen collective defenses – a task that will require the private sector, public sector, nonprofits and civil society to come together. The foreword of this new report, written by Microsoft President and Vice Chair Brad Smith, offers additional detail below.

Threat actors associated with Russian intelligence are using the fear or nuclear war to spread data-stealing malware in Ukraine.

Gen. Paul Nakasone's remarks this month about offensive operations against Russia caused a stir. But have people misinterpreted his words?

In an exclusive interview with Sky News, General Paul Nakasone confirmed for the first time that the US had "conducted a series of operations" in response to Russia's invasion of Ukraine.

New Mandiant research detailing the various IO activities seen by nation-state actors, resulting from the Russian invasion of Ukraine.

The attack on Viasat showcases cyber’s emerging role in modern warfare.

The attack was the first in five years to use Sandworm's Industroyer malware.

Cyberattacks took down Finnish government websites on Friday while Ukrainian President Volodymyr Zelenskyy addressed Finland's members of parliament (MPs).

The operation is the latest effort by the Biden administration to thwart actions by Russia by making them public before Moscow can strike.

The latest is a printer hack, which allows the collective to send a message across the transcontinental country.

The volunteers who run open-source software projects are changing the code so that they display anti-war messages—or even wipe entire files.

InvisiMole has been collaborating with the Gamaredon APT for years.

When code with millions of downloads nukes user files, bad things can happen.

In what's an act of deliberate sabotage, the developer behind the popular "node-ipc" NPM package shipped a new tampered version to condemn Russia's invasion of Ukraine, raising concerns about security in the open-source and the software supply chain.