John Z Black

Russian Hackers Are Going Back to Old Victims to Check If the Door's Still Open

John Z Black Apr 4, 2026

Threat Intelligence #russia #apt28 #fancy-bear #void-blizzard #cert-ua #ukraine #persistence #social-engineering

CERT-UA warns APT28 and Void Blizzard are revisiting old compromises, testing dormant access, and calling targets directly in fluent Ukrainian. Incident response has an expiration date. Attackers don't.

Read More

Hackers Impersonated Ukraine's CERT to Push Malware as a 'Security Tool'

John Z Black Apr 2, 2026

Threat Intelligence #ukraine #cert-ua #impersonation #agewheeze #cyber-serp #phishing #rat

Pro-Russia group Cyber Serp sent fake CERT-UA emails carrying a RAT disguised as a protection tool. They claimed 200K infections. Reality was a handful.

Read More