Symantec reported a Russian cyber-espionage attack on a military mission in Ukraine starting in February 2025. The attack began with an infected removable drive containing the GammaSteel malware. Built by Russian state-sponsored actor Gamaredon, GammaSteel exfiltrates documents and screenshots, gathers information on antivirus tools and running processes. It remains ongoing via a Windows registry entry. The aggressor, the target, and the information stolen remain undisclosed.
Microsoft Warns of Ransomware Exploiting Cloud Environments with New Techniques
Microsoft warns of sophisticated ransomware attacks in Q1 2025, targeting hybrid cloud environments through vulnerabilities in on-premises and cloud services. Notably, North Korean group Moonstone
