<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>russia &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/russia/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Thu, 14 Aug 2025 16:20:00 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Zero-Day Exploit in WinRAR File</title>
		<link>https://noise.getoto.net/2025/08/19/zero-day-exploit-in-winrar-file/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 19 Aug 2025 11:07:28 +0000</pubDate>
				<category><![CDATA[exploits]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[zero day]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70599</guid>

					<description><![CDATA[<p>A zero-day vulnerability in WinRAR is <a href="https://arstechnica.com/security/2025/08/high-severity-winrar-0-day-exploited-for-weeks-by-2-groups/">being exploited</a> by at least two Russian criminal groups:</p>
<blockquote><p>The vulnerability seemed to have super Windows powers. It abused <a href="https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-fscc/c54dec26-1551-4d3a-a0ea-4fa40f848eb3">alternate data streams</a>, a Windows feature that allows different ways of representing the same file path. The exploit abused that feature to trigger a previously unknown path traversal flaw that caused WinRAR to plant malicious executables in attacker-chosen file paths %TEMP% and %LOCALAPPDATA%, which Windows normally makes off-limits because of their ability to execute code.</p></blockquote>
<p>More details in the article...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Aeroflot Hacked</title>
		<link>https://noise.getoto.net/2025/07/29/aeroflot-hacked/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 29 Jul 2025 11:02:50 +0000</pubDate>
				<category><![CDATA[air travel]]></category>
		<category><![CDATA[cyberattack]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Ukraine]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70523</guid>

					<description><![CDATA[Looks serious.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Russian Internet users are unable to access the open Internet</title>
		<link>https://noise.getoto.net/2025/06/27/russian-internet-users-are-unable-to-access-the-open-internet/</link>
		
		<dc:creator><![CDATA[Michael Tremante]]></dc:creator>
		<pubDate>Thu, 26 Jun 2025 22:33:30 +0000</pubDate>
				<category><![CDATA[Internet Shutdown]]></category>
		<category><![CDATA[Policy & Legal]]></category>
		<category><![CDATA[russia]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=8cf0f051438973aead910654c5ece13e</guid>

					<description><![CDATA[Since June 9, 2025, Internet users located in Russia and connecting to the open Internet have been throttled by Russian Internet Service Providers (ISPs).]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>The Ramifications of Ukraine’s Drone Attack</title>
		<link>https://noise.getoto.net/2025/06/04/the-ramifications-of-ukraines-drone-attack/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 04 Jun 2025 11:00:52 +0000</pubDate>
				<category><![CDATA[drones]]></category>
		<category><![CDATA[military]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Ukraine]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[war]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70311</guid>

					<description><![CDATA[<p>You can read the <a href="https://www.theguardian.com/world/2025/jun/02/operation-spiderweb-visual-guide-ukraine-drone-attack-russian-aircraft">details</a> of Operation Spiderweb elsewhere. What interests me are the <a href="https://www.washingtonpost.com/opinions/2025/06/01/ukraine-drone-attack-russia-bombers/?pwapi_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZWFzb24iOiJnaWZ0IiwibmJmIjoxNzQ4NzUwNDAwLCJpc3MiOiJzdWJzY3JpcHRpb25zIiwiZXhwIjoxNzUwMTMyNzk5LCJpYXQiOjE3NDg3NTA0MDAsImp0aSI6IjQxY2YzZmE1LTQzYmUtNDY1My1hMzgwLTNkNGY5NTNmYjI1ZSIsInVybCI6Imh0dHBzOi8vd3d3Lndhc2hpbmd0b25wb3N0LmNvbS9vcGluaW9ucy8yMDI1LzA2LzAxL3VrcmFpbmUtZHJvbmUtYXR0YWNrLXJ1c3NpYS1ib21iZXJzLyJ9.uEICNg4FZ_2HZMuKPAmdrMnq7SX1ZNdv6URdJGbRLwo&#38;utm_source=nextdraft&#38;utm_medium=website">implications</a> for future warfare:</p>
<blockquote><p>If the Ukrainians could sneak drones so close to major air bases in a police state such as Russia, what is to prevent the Chinese from doing the same with U.S. air bases? Or the Pakistanis with Indian air bases? Or the North Koreans with South Korean air bases? Militaries that thought they had secured their air bases with electrified fences and guard posts will now have to reckon with the threat from the skies posed by cheap, ubiquitous drones that can be easily modified for military use. This will necessitate a massive investment in counter-drone systems. Money spent on conventional manned weapons systems increasingly looks to be as wasted as spending on the cavalry in the 1930s...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Location Tracking App for Foreigners in Moscow</title>
		<link>https://noise.getoto.net/2025/05/28/location-tracking-app-for-foreigners-in-moscow/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 28 May 2025 11:09:26 +0000</pubDate>
				<category><![CDATA[geolocation]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[smartphones]]></category>
		<category><![CDATA[tracking]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70294</guid>

					<description><![CDATA[<p>Russia is <a href="https://www.bleepingcomputer.com/news/government/russia-to-enforce-location-tracking-app-on-all-foreigners-in-moscow/">proposing a rule</a> that all foreigners in Moscow install a tracking app on their phones.</p>
<blockquote><p>Using a mobile application that all foreigners will have to install on their smartphones, the Russian state will receive the following information:</p>
<ul>
<li>Residence location
</li><li>Fingerprint
</li><li>Face photograph
</li><li>Real-time geo-location monitoring </li></ul>
</blockquote>
<p>This isn’t the first time we’ve seen this. Qatar <a href="https://www.theregister.com/2022/11/11/world_cup_security/">did it</a> in 2022 around the World Cup:</p>
<blockquote><p>“After accepting the terms of these apps, moderators will have complete control of users’ devices,” he continued. “All personal content, the ability to edit it, share it, extract it as well as data from other apps on your device is in their hands. Moderators will even have the power to unlock users’ devices remotely.” ...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>China, Russia, Iran, and North Korea Intelligence Sharing</title>
		<link>https://noise.getoto.net/2025/03/12/china-russia-iran-and-north-korea-intelligence-sharing/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 12 Mar 2025 11:09:14 +0000</pubDate>
				<category><![CDATA[AI]]></category>
		<category><![CDATA[china]]></category>
		<category><![CDATA[intelligence]]></category>
		<category><![CDATA[iran]]></category>
		<category><![CDATA[north korea]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69992</guid>

					<description><![CDATA[<p>Former CISA Director Jen Easterly <a href="https://www.linkedin.com/posts/jen-easterly_could-the-next-five-eyes-be-the-four-activity-7295808854750081025-GcpE">writes</a> about a new international intelligence sharing co-op:</p>
<blockquote><p>Historically, China, Russia, Iran &#38; North Korea have cooperated to some extent on military and intelligence matters, but differences in language, culture, politics &#38; technological sophistication have hindered deeper collaboration, including in cyber. Shifting geopolitical dynamics, however, could drive these states toward a more formalized intell-sharing partnership. Such a “Four Eyes” alliance would be motivated by common adversaries and strategic interests, including an enhanced capacity to resist economic sanctions and support proxy conflicts...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Device Code Phishing</title>
		<link>https://noise.getoto.net/2025/02/19/device-code-phishing/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 19 Feb 2025 15:07:50 +0000</pubDate>
				<category><![CDATA[authentication]]></category>
		<category><![CDATA[authorization]]></category>
		<category><![CDATA[Phishing]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69948</guid>

					<description><![CDATA[<p>This isn’t new, but it’s <a href="https://arstechnica.com/information-technology/2025/02/russian-spies-use-device-code-phishing-to-hijack-microsoft-accounts/">increasingly popular</a>:</p>
<blockquote><p>The technique is known as device code phishing. It exploits “device code flow,” a form of authentication formalized in the industry-wide <a href="https://datatracker.ietf.org/doc/html/draft-ietf-oauth-device-flow-07#section-3.4">OAuth standard</a>. Authentication through device code flow is designed for logging printers, smart TVs, and similar devices into accounts. These devices typically don’t support browsers, making it difficult to sign in using more standard forms of authentication, such as entering user names, passwords, and two-factor mechanisms.</p>
<p>Rather than authenticating the user directly, the input-constrained device displays an alphabetic or alphanumeric device code along with a link associated with the user account. The user opens the link on a computer or other device that’s easier to sign in with and enters the code. The remote server then sends a token to the input-constrained device that logs it into the account...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>On the CSRB’s Non-Investigation of the SolarWinds Attack</title>
		<link>https://noise.getoto.net/2024/07/08/on-the-csrbs-non-investigation-of-the-solarwinds-attack/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 08 Jul 2024 17:59:33 +0000</pubDate>
				<category><![CDATA[cyberattack]]></category>
		<category><![CDATA[cyberespionage]]></category>
		<category><![CDATA[DHS]]></category>
		<category><![CDATA[microsoft]]></category>
		<category><![CDATA[national security policy]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69131</guid>

					<description><![CDATA[ProPublica has a long investigative article on how the Cyber Safety Review Board failed to investigate the SolarWinds attack, and specifically Microsoft&#8217;s culpability, even though they were directed by President Biden to do so.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Disrupting FlyingYeti&#8217;s campaign targeting Ukraine</title>
		<link>https://noise.getoto.net/2024/05/30/disrupting-flyingyetis-campaign-targeting-ukraine/</link>
		
		<dc:creator><![CDATA[Cloudforce One]]></dc:creator>
		<pubDate>Thu, 30 May 2024 13:00:38 +0000</pubDate>
				<category><![CDATA[Cloud Email Security]]></category>
		<category><![CDATA[Cloudflare Workers]]></category>
		<category><![CDATA[Cloudforce One]]></category>
		<category><![CDATA[CVE]]></category>
		<category><![CDATA[exploit]]></category>
		<category><![CDATA[Github]]></category>
		<category><![CDATA[intrusion detection]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[microsoft]]></category>
		<category><![CDATA[Phishing]]></category>
		<category><![CDATA[Remote Browser Isolation]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[serverless]]></category>
		<category><![CDATA[Threat Data]]></category>
		<category><![CDATA[Threat Intelligence]]></category>
		<category><![CDATA[Threat Operations]]></category>
		<category><![CDATA[Ukraine]]></category>
		<category><![CDATA[vulnerabilities]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=79c1ef7666398be5b92021110206519b</guid>

					<description><![CDATA[In April and May 2024, Cloudforce One employed proactive defense measures to successfully prevent Russia-aligned threat actor FlyingYeti from launching their latest phishing campaign targeting Ukraine]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Microsoft Executives Hacked</title>
		<link>https://noise.getoto.net/2024/01/29/microsoft-executives-hacked/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 29 Jan 2024 12:03:42 +0000</pubDate>
				<category><![CDATA[disclosure]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[microsoft]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68347</guid>

					<description><![CDATA[<p>Microsoft is <a href="https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/">reporting</a> that a Russian intelligence agency—the same one responsible for SolarWinds—accessed the email system of the company’s executives.</p>
<blockquote><p>Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents. The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself. ...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Cyberattack on Ukraine’s Kyivstar Seems to Be Russian Hacktivists</title>
		<link>https://noise.getoto.net/2023/12/21/cyberattack-on-ukraines-kyivstar-seems-to-be-russian-hacktivists/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 21 Dec 2023 12:10:10 +0000</pubDate>
				<category><![CDATA[cyberattack]]></category>
		<category><![CDATA[cyberwar]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Telecom]]></category>
		<category><![CDATA[Ukraine]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68225</guid>

					<description><![CDATA[The Solntsepek group has taken credit for the attack. They&#8217;re linked to the Russian military, so it&#8217;s unclear whether the attack was government directed or freelance.
This is one of the most significant cyberattacks since Russia invaded in ...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>LitterDrifter USB Worm</title>
		<link>https://noise.getoto.net/2023/11/24/litterdrifter-usb-worm/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 24 Nov 2023 12:04:36 +0000</pubDate>
				<category><![CDATA[Malware]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Ukraine]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[usb]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68130</guid>

					<description><![CDATA[<p>A <a href="https://arstechnica.com/security/2023/11/normally-targeting-ukraine-russian-state-hackers-spread-usb-worm-worldwide/">new worm</a> that spreads via USB sticks is infecting computers in Ukraine and beyond.</p>
<blockquote><p>The group­—known by many names, including Gamaredon, Primitive Bear, ACTINIUM, Armageddon, and Shuckworm—has been active since at least 2014 and has been attributed to Russia’s Federal Security Service by the Security Service of Ukraine. Most Kremlin-backed groups take pains to fly under the radar; Gamaredon doesn’t care to. Its espionage-motivated campaigns targeting large numbers of Ukrainian organizations are easy to detect and tie back to the Russian government. The campaigns typically revolve around malware that aims to obtain as much information from targets as possible...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Remotely Stopping Polish Trains</title>
		<link>https://noise.getoto.net/2023/08/28/remotely-stopping-polish-trains/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 28 Aug 2023 11:05:54 +0000</pubDate>
				<category><![CDATA[cyberattack]]></category>
		<category><![CDATA[cybersecurity]]></category>
		<category><![CDATA[radio]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[transportation]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67725</guid>

					<description><![CDATA[<p>Turns out that it’s <a href="https://www.wired.com/story/poland-train-radio-stop-attack/">easy</a> to broadcast radio commands that force Polish trains to stop:</p>
<blockquote><p>…the saboteurs appear to have sent simple so-called “radio-stop” commands via radio frequency to the trains they targeted. Because the trains use a radio system that lacks encryption or authentication for those commands, Olejnik says, anyone with as little as $30 of off-the-shelf radio equipment can broadcast the command to a Polish train­—sending a series of three acoustic tones at a 150.100 megahertz frequency­—and trigger their emergency stop function...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>FBI Disables Russian Malware</title>
		<link>https://noise.getoto.net/2023/05/10/fbi-disables-russian-malware/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 10 May 2023 15:25:00 +0000</pubDate>
				<category><![CDATA[cyberespionage]]></category>
		<category><![CDATA[espionage]]></category>
		<category><![CDATA[fbi]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67333</guid>

					<description><![CDATA[<p>Reuters is <a href="https://www.reuters.com/world/fbi-says-it-has-sabotaged-hacking-tool-created-by-elite-russian-spies-2023-05-09/">reporting</a> that the FBI “had identified and disabled malware wielded by Russia’s FSB security service against an undisclosed number of American computers, a move they hoped would deal a death blow to one of Russia’s leading cyber spying programs.”</p>
<p>The headline says that the FBI “sabotaged” the malware, which seems to be wrong.</p>
<p>Presumably we will learn more soon.</p>
<p>EDITED TO ADD: <i>New York Times</i> <a href="https://www.nytimes.com/2023/05/09/us/politics/fbi-russia-malware.html">story</a>.</p>
<p>EDITED TO ADD: Maybe “sabotaged” is the right word. The FBI <a href="https://arstechnica.com/information-technology/2023/05/how-the-fbi-pwned-turla-a-kremlin-jewel-and-one-of-worlds-most-skilled-apts/">hacked the malware</a> so that it disabled itself.</p>
<blockquote><p>Despite the bravado of its developers, Snake is among the most sophisticated pieces of malware ever found, the FBI said. The modular design, custom encryption layers, and high-caliber quality of the code base have made it hard if not impossible for antivirus software to detect. As FBI agents continued to monitor Snake, however, they slowly uncovered some surprising weaknesses. For one, there was a critical cryptographic key with a prime length of just 128 bits, making it vulnerable to factoring attacks that expose the secret key. This weak key was used in Diffie-Hellman key exchanges that allowed each infected machine to have a unique key when communicating with another machine...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>PIPEDREAM Malware against Industrial Control Systems</title>
		<link>https://noise.getoto.net/2023/05/09/pipedream-malware-against-industrial-control-systems/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 09 May 2023 15:20:59 +0000</pubDate>
				<category><![CDATA[advanced persistent threats]]></category>
		<category><![CDATA[cybersecurity]]></category>
		<category><![CDATA[infrastructure]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67330</guid>

					<description><![CDATA[<p>Another <a href="https://angle.ankura.com/post/102icqx/russian-linked-malware-targets-u-s-critical-infrastructure">nation-state malware</a>, Russian in origin:</p>
<blockquote><p>In the early stages of the war in Ukraine in 2022, PIPEDREAM, a known malware was quietly on the brink of wiping out a handful of critical U.S. electric and liquid natural gas sites. PIPEDREAM is an attack toolkit with unmatched and unprecedented capabilities developed for use against industrial control systems (ICSs).</p>
<p>The malware was built to manipulate the network communication protocols used by programmable logic controllers (PLCs) leveraged by two critical producers of PLCs for ICSs within the critical infrastructure sector, Schneider Electric and OMRON...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Russian Cyberwarfare Documents Leaked</title>
		<link>https://noise.getoto.net/2023/03/31/russian-cyberwarfare-documents-leaked/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 30 Mar 2023 22:00:03 +0000</pubDate>
				<category><![CDATA[cyberespionage]]></category>
		<category><![CDATA[cyberwar]]></category>
		<category><![CDATA[espionage]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[leaks]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[whistleblowers]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67134</guid>

					<description><![CDATA[<p>Now <a href="https://www.theguardian.com/technology/2023/mar/30/vulkan-files-leak-reveals-putins-global-and-domestic-cyberwarfare-tactics">this</a> is interesting:</p>
<blockquote><p>Thousands of pages of secret documents reveal how Vulkan’s engineers have worked for Russian military and intelligence agencies to support hacking operations, train operatives before attacks on national infrastructure, spread disinformation and control sections of the internet.</p>
<p>The company’s work is linked to the federal security service or FSB, the domestic spy agency; the operational and intelligence divisions of the armed forces, known as the GOU and GRU; and the SVR, Russia’s foreign intelligence organisation.</p></blockquote>
<p>Lots more at the link...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>CORRUPTION SCANDAL WITH SUSPICIONS OF ESPIONAGE  BULGARIAN GOLDEN PASSPORT. SCANDAL IN URUGUAY WITH A COLONEL FROM THE RUSSIAN INTERIOR MINISTRY</title>
		<link>https://noise.getoto.net/2023/03/02/corruption-scandal-with-suspicions-of-espionage-bulgarian-golden-passport-scandal-in-uruguay-with-a-colonel-from-the-russian-interior-ministry/</link>
		
		<dc:creator><![CDATA[Николай Марченко]]></dc:creator>
		<pubDate>Thu, 02 Mar 2023 12:00:46 +0000</pubDate>
				<category><![CDATA[andrei kashtanov]]></category>
		<category><![CDATA[andrey kashtanov]]></category>
		<category><![CDATA[Bulgarian Passport]]></category>
		<category><![CDATA[Citizenship]]></category>
		<category><![CDATA[Corruption]]></category>
		<category><![CDATA[Golden Visas]]></category>
		<category><![CDATA[Investigations]]></category>
		<category><![CDATA[Leading]]></category>
		<category><![CDATA[Ministry of Interior]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Russian Federation]]></category>
		<category><![CDATA[Uruguay]]></category>
		<guid isPermaLink="false">https://bivol.bg/?p=94396</guid>

					<description><![CDATA[четвъртък 2 март 2023Since 2008, Former colonel of the Ministry of Internal Affairs (MIA) of the Russian Federation, Andrey Valeryevich Kashtanov, has held a passport of the Republic of Bulgaria under the notorious&#8230;]]></description>
		
		
		<enclosure url="https://bivol.bg/wp-content/uploads/2023/03/Astesiano_BBCEspanol.jpeg" length="0" type="" />

			</item>
		<item>
		<title>One year of war in Ukraine: Internet trends, attacks, and resilience</title>
		<link>https://noise.getoto.net/2023/02/23/one-year-of-war-in-ukraine-internet-trends-attacks-and-resilience/</link>
		
		<dc:creator><![CDATA[João Tomé]]></dc:creator>
		<pubDate>Thu, 23 Feb 2023 15:58:55 +0000</pubDate>
				<category><![CDATA[Cloudflare Radar]]></category>
		<category><![CDATA[Outage]]></category>
		<category><![CDATA[Project Galileo]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Trends]]></category>
		<category><![CDATA[Ukraine]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=3221f624a3dcd9439ddc712d78647d64</guid>

					<description><![CDATA[This blog post reports on Internet insights during an historical war in Europe that has been seen and shared online, and discusses how Ukraine's Internet remained resilient in spite of dozens of disruptions in three different stages of the conflict.]]></description>
		
		
		<enclosure url="http://blog.cloudflare.com/content/images/2023/02/image13-1.png" length="0" type="" />

			</item>
		<item>
		<title>Cyberwar Lessons from the War in Ukraine</title>
		<link>https://noise.getoto.net/2023/02/23/cyberwar-lessons-from-the-war-in-ukraine/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 23 Feb 2023 12:27:20 +0000</pubDate>
				<category><![CDATA[cyberattack]]></category>
		<category><![CDATA[cyberwar]]></category>
		<category><![CDATA[defense]]></category>
		<category><![CDATA[infrastructure]]></category>
		<category><![CDATA[reports]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[Ukraine]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=66964</guid>

					<description><![CDATA[<p>The Aspen Institute has published a good analysis of the successes, failures, and absences of cyberattacks as part of the current war in Ukraine: “<a href="https://www.aspeninstitute.org/publications/the-cyber-defense-assistance-imperative-lessons-from-ukraine/">The Cyber Defense Assistance Imperative ­ Lessons from Ukraine</a>.”</p>
<p>Its conclusion:</p>
<blockquote><p>Cyber defense assistance in Ukraine is working. The Ukrainian government and Ukrainian critical infrastructure organizations have better defended themselves and achieved higher levels of resiliency due to the efforts of CDAC and many others. But this is not the end of the road—the ability to provide cyber defense assistance will be important in the future. As a result, it is timely to assess how to provide organized, effective cyber defense assistance to safeguard the post-war order from potential aggressors...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Ukraine Intercepting Russian Soldiers’ Cell Phone Calls</title>
		<link>https://noise.getoto.net/2022/12/21/ukraine-intercepting-russian-soldiers-cell-phone-calls/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 21 Dec 2022 12:09:29 +0000</pubDate>
				<category><![CDATA[cell phones]]></category>
		<category><![CDATA[eavesdropping]]></category>
		<category><![CDATA[iPhone]]></category>
		<category><![CDATA[russia]]></category>
		<category><![CDATA[smartphones]]></category>
		<category><![CDATA[Ukraine]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=66398</guid>

					<description><![CDATA[<p>They’re using commercial phones, which go through the <a href="https://www.theguardian.com/world/2022/dec/20/we-were-allowed-to-be-slaughtered-calls-by-russian-forces-intercepted">Ukrainian telecom network</a>:</p>
<blockquote><p>“You still have a lot of soldiers bringing cellphones to the frontline who want to talk to their families and they are either being intercepted as they go through a Ukrainian telecommunications provider or intercepted over the air,” said Alperovitch. “That doesn’t pose too much difficulty for the Ukrainian security services.”</p>
<p>[…]</p>
<p>“Security has always been a mess, both in the army and among defence officials,” the source said. “For example, in 2013 they tried to get all the staff at the ministry of defence to replace our iPhones with Russian-made Yoto smartphones...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 66/371 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-09 01:23:39 by W3 Total Cache
-->