New report from Positive Technologies vivisects recent (2024-2025) APT31 attacks targeting Russian IT firms, specifically government contractors and integrators
ptsecurity.com/research/pt-...
@shakirov2036.bsky.social
I study Russian foreign policy, cyber security, arms control
Thanks to @cyberwarcon.bsky.social for an impressive event. Really enjoyed the talks & the chance to meet people much more obsessed with 'cyber' than I am
I got 0 photos except for some slides. But as I was getting off the metro I saw this. Quite symbolic in light of my talk on drones & hacking
@doublepulsar.com www.technologyreview.com/2025/11/10/1...
12.11.2025 17:31
Some of @ridt.bsky.social's tweets are preserved as historical heritage in edited volume citations
04.11.2025 20:00
new by me - a look at MIT's cyberslop
IOCs and TTPs included
doublepulsar.com/cyberslop-me...
The transition to digital warfare implies that the power of states and alliances will depend on compute much more than on territorial or resource control
Alas, Russia does and will continue to lag behind in this race
The most informed take from Russia so far on drone warfare (and by extension digital warfare) from former Chief of General Staff Yury Baluevskiy & Ruslan Pukhov of CAST
TL;DR: drones are indeed revolutionizing & militaries will need to adapt
globalaffairs.ru/articles/czi...
Russian authorities arrested 3 men in Astrakhan for creating 'the infamous Medusa virus' (probably Medusa stealer), acc. to the Ministry of Interior. In May they allegedly targeted an org in that region
They are also linked to another unnamed malware
t.me/IrinaVolk_MV...
NEW: The CEO of Memento Labs admits the spyware found by security researchers targeting Windows victims in Russia was his company's.
He said that one of his customers used an outdated version of the spyware that's going to be decommissioned at the end of this year.
techcrunch.com/2025/10/28/c...
New draft resolution (by Austria, El Salvador, Kazakhstan, Kiribati, Malta, & Mexico) urges NWS to publish policies "explicitly affirming and operationalizing that [C3] systems of nuclear weapons that integrate [AI] will remain subject to human control"
digitallibrary.un.org/record/4091455
Speaking of Grokipedia, Russian authorities have long complained about Wikipedia's biases & promoted several sovereign alternatives incl. Ruwiki (ruwiki.ru) which was forked from Wikipedia & then 'properly' edited. It also uses AI by the way
28.10.2025 02:24
If it quacks like a cyber please take a pause and still wait for the initial reports
27.10.2025 21:30
Yeah, it was repealed this summer
27.10.2025 21:28
Still not a done thing. An earlier bill on white hackers was repealed, so it remains to be seen if this one would pass and in what form
27.10.2025 20:32
These reports are not credited in today's Kaspersky report on ForumTroll, Dante & Memento Labs but cover some of the same activities
Yet, none of the previous investigations made a connection to Memento Labs
bsky.app/profile/shak...
Earlier research on the same threat actor that used Dante reported today by Kaspersky
Dr. Web first found malware w/ the DANTEMARK label st.drweb.com/static/new-w...
F6 called it Dante APT www.f6.ru/cybercrime-t...
PT linked ForumTroll w/ a few other clusters global.ptsecurity.com/en/research/...
Kaspersky discovered Dante, spyware from Memento Labs (ex-HackingTeam), used by an APT (dubbed ForumTroll) in attacks targeting Russia & Belarus since 2022
securelist.com/forumtroll-a...
Taking the metro in DC makes you think about mission-critical, AI-driven, battlefield-proven solutions to everyday problems
25.10.2025 17:15
The recording of the signing ceremony is available here webtv.un.org/en/asset/k1m...
It features not only routine signings but also an artful cybersecurity-themed dance performance
The UN Convention against Cybercrime was signed by 63 states & the EU. These include Russia, China, United Kingdom, 12 EU member states, Brazil, Australia, many from Africa, Latin America, South & Southeast Asia.
No signatures from the United States, France, Germany, India
As I noted before (bsky.app/profile/shak...), MSS's emphasis on potentially destructive consequences of the attack on the National Time Service Center was likely a response to U.S. accusations regarding Volt Typhoon
Now the Chinese MFA says this explicitly www.fmprc.gov.cn/mfa_eng/xw/f...
In August it was only calls, not entire apps
22.10.2025 23:39
Singapore submitted a draft resolution to the First Committee on establishing a successor to OEWG, Global Mechanism on developments in the field of ICTs in the context of international security and advancing responsible State behaviour in the use of ICTs
digitallibrary.un.org/record/40909...
Balance of terror
21.10.2025 20:31
In its earlier accusations against the U.S. regarding hacking, China often was all over the place
This time, despite some inconsistency, messages from the MSS & the CNCERT/CC complement each other making this one of the most straightforward & compelling Chinese accusations
11/11
Still, while providing text descriptions and some screenshots, it lacks any samples and the IP addresses used by the attackers are presented in a redacted form typical for Chinese reports
10/11
By Chinese public attribution standards, the CNCERT/CC's report is pretty substantive & detailed
Compare it to CVERC's 'Lie to Me' reports www.cverc.org.cn/head/zhaiyao... or CNCERT/CC's own August report on alleged U.S. attacks www.cert.org.cn/publish/main...; both are slim on details
9/11
CNCERT/CC provides evidence to support accusations against the NSA, specifically the use of Operation Triangulation tools (disclosed by Kaspersky but linked to the U.S. by the FSB) to gain initial access & of a seemingly updated DanderSpritz (leaked by the Shadow Brokers)
8/11
When read carefully, CNCERT/CC's report shows that the attacker's goal likely was espionage; unlike the MSS, nowhere does it suggest disruptive actions or intentions
Maybe CNCERT/CC doesn't disclose this part, or this was MSS's own interpretation (or response to the U.S.)
7/11