Very familiar taste, as close as you can get to a liquified version of the paczki I grew up eating.

Imagining Naryshkin briefing Putin on the ex-US internal security chief’s husband allegedly donning a large-breasted goose suit as part of his “bimboification” fetish

Two weeks to go until FS ISAC FinCyber in Toronto, where I'll be presenting on trends in Russian cyber after 4 years of war.

Excited to talk about things like GRU regionality, the Presidential Administration, initial access and operational tempo.

wanted poster of Schukin and Kravchov

Years ago, we've published an investigation into one core member of REvil, together with @maxzierer.bsky.social and @kaibiermann.bsky.social

Now, german authorities put out a Wanted poster for Mr. Shchukin

www.bka.de/DE/IhreSiche...

Here's our reporting from back then
www.zeit.de/digital/inte...

Grand Cayman airport Wendy's is not where I expected to find Georgian.

Future of assault troops seen by some Russian military scholars

Can't disagree with this more. The surge of cyber attacks in Ukraine & Russia during the war was definitely driven by political & war-related motivations. This is clear from commercial security research & my own close observations over the years

www.ft.com/content/4e88...

1/2

Caymans for the week.

Absolutely. I just hope we see some more coming on the cyber side of things, especially with the connections to Unit 29155.

Oh for sure Yandex networks are lived in. But at least make them work a little bit.

Wouldn't it be crazy if tools like Yandex Translate existed?

Maybe it is too optimistic, but we can pretend Kazakhstan is at least in part using cyber to advance it's restoration efforts for the Aral Sea.

timesca.com/kazakhstan-u...

Путин уволил из Совбеза генерала Коновальчика, который может быть связан с крупнейшими кибератаками ГРУ Это еще один «выбывший» генерал из команды Шойгу

Putin removed General Pavel Konovalchik from the Security Council, another victim in the purge of Shoigu cronies. Konovalchik may have overseen Russia’s information troops, including the threat group known as Fancy Bear.

istories.media/news/2026/03...

Tonight's beer.

1/ Anti Lukashenko-regime hackers Belarusian Cyber Partisans melden:

‘CYBERATTACK ON Khimvolokno 💥

We're striking the computer network of Belarusian Khimvolokno, Russia's largest supplier of nylon threads used to make helmet linings and body armor for the Russian army’.

Weird cyber story from Russia: a Moscow resident Ruslan Satuchin faces criminal charges for allegedly contacting Conti under the pretense of the FSB & extorting money for protection. Now he's investigated for fraud

No word of legal action against Conti

www.rbc.ru/society/25/0...

Wanted: foreign mercenaries, oops, military recruits seeking a path to citizenship...

The Wagner network recruits economically vulnerable Europeans for acts of violence and sabotage on NATO soil. GRU and FSB run the operations; Wagner supplies the channels and recruiters who "speak the language" of the marginalised. Many attacks have been thwarted. www.ft.com/content/dbd1...

Today, INPACT reveals the takeover of the Wagner Group's influence arm – Africa Politology – by the SVR, Russia's foreign intelligence service.

“Pancake,” “Lenin,” and an FSB hacker: Meet the fresh faces at Putin’s new directorate “for strategic partnership and cooperation” In August 2025, Putin abolished the Directorate for Interregional and Cultural Relations with Foreign Countries, which had been responsible for promoting “soft power” (and for spying, of course) and r...

“Pancake,” “Lenin,” and an FSB hacker: Meet the fresh faces at Putin’s new directorate “for strategic partnership and cooperation”

Despite a nominal rebranding, the Kremlin’s efforts to peddle Russian soft power abroad look set to remain unchanged.

(S+) Hacktivist infiltriert Desinformationskampagne: Im Inneren der russischen Propagandamaschine Informationskrieger des Kreml machen im Netz Stimmung gegen Kanzler Merz, die »Zukunft« gelte der AfD. Ein Hacktivist liefert tiefe Einblicke in Moskaus Maschinenraum.

In case you're interested in #Doppelgänger and are following disinfo, here's a piece about a hacktivist who managed to siphon out hundreds of gigabytes of internal data (zipped!)

Article at Der Spiegel, Gift Link
www.spiegel.de/politik/hack...

Давно не секрет фирмы В России растет число кибератак с целью шпионажа

Kommersant cites BI.ZONE CTI that 37% of cyber attacks on Russian organizations in 2025 were conducted for espionage, up from 21% in 2024. 45% of the threat groups attacking Russia and CIS are espionage groups.
Kommersant.ru/doc/8420782

The main difference I can see so far is my hypothesis that initial access occurs at the regional level, leveraging the regional focus of individual military districts.

Just mostly glad to see significant alignment in my research.

Someone putting pen to paper GRU regionality, something I've been researching for the past few years. Based on imagery they include, we use similar methodologies to break down the VIO by regions and links to monoliths, and reach similar conclusions.

Cyber spies use fake New Year concert invites to target Russian military The campaign surfaced earlier in October after researchers at the New York-based cybersecurity firm Intezer identified a malicious XLL file uploaded to VirusTotal, first from Ukraine and later from Ru...

Researchers said they observed a hacking group attempting to lure senior Russian military officers to download malware using a variety of phishing emails therecord.media/cyber-spies-...

First day of vacation beer at the Canadian Warplane Heritage Museum.

Bundesregierung macht Russland für Cyberangriff verantwortlich Die Bundesregierung wirft Russland einen großen Cyberangriff auf die Flugsicherung und eine Desinformationskampagne im Bundestagswahlkampf vor. Der russische Botschafter wurde ins Auswärtige Amt einbe...

Germany seems more willing to call out Russia - today the government is accusing Russia of a large scale cyber attack on air traffic security and for disinformation campaign during the federal elections earlier this year:

История большого взлома. Как хакеры парализовали «Аэрофлот» С начала войны число атак украинских и белорусских хакеров на крупные российские компании выросло кратно, но не всегда о них

Blockbuster reporting by Maria Kolomychenko on the Aeroflot hack with new details on messy infosec, the impact of & recovery from what was the biggest cyber attack on Russia during the war

thebell.io/istoriya-bol...

Another day another Belarusian picked up by the Poles for spying and “sabotage”

Profile: GRU cyber and hybrid threat operations

The UK has updated their GRU cyber profiles today. I love the breakdown of Fancy Bear into at least 3 distinct teams. It helps the research I've been doing into subgroups and regionalization within the GRU, trying to break down monoliths into a military district based understanding of GRU cyber ops.