Cyber warfare groups: Sandworm - Negative PID

They moved from espionage to physical disruption. Their operations have affected national power grids, critical infrastructure, and global supply chains. They

Negative PID

SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains

Pulse ID: 699d3e8295822bad54b07e47
Pulse Link: https://otx.alienvault.com/pulse/699d3e8295822bad54b07e47
Pulse Author: Tr1sa111
Created: 2026-02-24 06:00:34

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #NPM #OTX #OpenThreatExchange #Sandworm #Worm #bot #Tr1sa111

#BREAKING #ESETresearch provides technical details on #DynoWiper, a data‑wiping malware used in a data‑destruction incident on December 29, 2025, affecting a company in Poland’s energy sector.
https://www.welivesecurity.com/en/eset-research/dynowiper-update-technical-analysis-attribution/
@CERT_Polska_en did an excellent job investigating the incident and published a detailed analysis in a report:
https://cert.pl/en/posts/2026/01/incident-report-energy-sector-2025/
#ESETresearch attributes the attack to the 🇷🇺 Russia‑aligned #Sandworm APT group with medium confidence, based on strong overlaps in behavior and TTPs with multiple earlier Sandworm attacks. Specifically, DynoWiper operates in a broadly similar fashion to the ZOV wiper, which we attribute to Sandworm with high confidence.
IoCs available in our GitHub repo: https://github.com/eset/malware-ioc/tree/master/dynowiper

If anyone wants to take a look at the freshly released Dragos report on the attack on the Polish energy sector, the link is below. The group the researchers point to, Electrum, is none other than Sandworm (per the naming used by ESET) or simply APT44, so the trail leads to Russia. But there are no details, only generalities. I suggest waiting for the publication from the Polish CERT, which may appear as early as tomorrow.

https://5943619.hs-sites.com/hubfs/Reports/dragos-2025-poland-attack-report.pdf

#cyberbezpieczenstwo #apt44 #sandworm

📢 A wiper targeted the Polish power grid; the attack was attributed to Sandworm but foiled
📝 According to Ars Technica, drawing on an analysis by ESET and information from...
📖 cyberveille: https://cyberveille.ch/posts/2026-01-26-un-wiper-a-vise-le-reseau-electrique-polonais-attaque-attribuee-a-sandworm-mais-dejouee/
🌐 source: https://arstechnica.com/security/2026/01/wiper-malware-targeted-poland-energy-grid-but-failed-to-knock-out-electricity/
#Pologne #Sandworm #Cyberveille

Sandworm Blamed for Wiper Attack on Poland Power Grid. Researchers attributed the failed attempt to the infamous Russian APT #sandworm, which is notorious for wiper attacks on critical infrastructure organizations.
https://www.darkreading.com/threat-intelligence/sandworm-wiper-attack-poland-power-grid
#russia #cyber #energy #cyberattack

This is a sunspot. If it doesn't frighten you the same way it frightens me, you have no soul.

photo credit unknown, NASA probably.

#sun #astrophotography #dune #sandworm