I adapted this article from my LinkedIn newsfeed to highlight not only a new cyber threat but also a brilliant cybersecurity researcher: Ms. Tammy HARPER. She published a detailed article on July 10, 2025, exposing a new exploitation framework named MIKRONET that has been put up for sale on Russian-speaking forums. Sold for $2,800 per…
I am revisiting the advisory published on July 22, 2025, in which several U.S. and North American government agencies issued a joint cybersecurity advisory regarding the Interlock ransomware, specifically targeting businesses and critical infrastructure across North America and Europe. This advisory stems from recent investigations conducted by the Federal Bureau of Investigation (FBI), the Cybersecurity…
A Flagship Forum of Russophone Cybercrime Here is a factual and neutral synthesis based on OSINT sources. The XSS forum (accessible via the domain xss.is) has emerged as one of the world’s leading cybercrime hubs, particularly within the Russian-speaking community. Originally launched in 2004 under the name DaMaGeLaB, this hacker forum has been active for…
I have reviewed the CISA bulletin of newly reported vulnerabilities for the week of July 14, 2025. It is a compilation of recently discovered flaws, mostly classified as critical (CVSS score 7.0–10.0). As a CERT manager, I am providing here a detailed analysis of these vulnerabilities. I have grouped them by vendor, highlighting each flaw…
This article presents an analysis by CERT-UA (the Ukrainian national CERT) of activities linked to APT28. Between March and April 2024, a sophisticated multi-stage cyberoperation targeted Ukrainian government agencies (central executive authorities). The attack is attributed to threat actor UAC-0001, also known internationally as APT28 or Fancy Bear, known for advanced espionage campaigns. Discovery of…
