📢 Un wiper a visé le réseau électrique polonais, attaque attribuée à Sandworm mais déjouée
📝 Selon Ars Technica, s’appuyant sur une analyse d’ESET et des informations de...
📖 cyberveille : https://cyberveille.ch/posts/2026-01-26-un-wiper-a-vise-le-reseau-electrique-polonais-attaque-attribuee-a-sandworm-mais-dejouee/
🌐 source : https://arstechnica.com/security/2026/01/wiper-malware-targeted-poland-energy-grid-but-failed-to-knock-out-electricity/
#Pologne #Sandworm #Cyberveille
#Sandworm
Sandworm Blamed for Wiper Attack on Poland Power Grid. Researchers attributed the failed attempt to the infamous Russian APT #sandworm, which is notorious for wiper attacks on critical infrastructure organizations.
https://www.darkreading.com/threat-intelligence/sandworm-wiper-attack-poland-power-grid
#russia #cyber #energy #cyberattack
Sandworm Blamed for Wiper Attack on Poland Power Grid
https://www.darkreading.com/threat-intelligence/sandworm-wiper-attack-poland-power-grid
#Infosec #Security #Cybersecurity #CeptBiro #Sandworm #WiperAttack #Poland #PowerGrid
📢 Pologne: attaque wiper «DynoWiper» contre le secteur de l’énergie, attribuée à Sandworm (déjouée)
📝 Selon Zero Day (Kim Zetter), une opération de cyberattaque visant le réseau énergétique polonais...
📖 cyberveille : https://cyberveille.ch/posts/2026-01-26-pologne-attaque-wiper-dynowiper-contre-le-secteur-de-lenergie-attribuee-a-sandworm-dejouee/
🌐 source : https://www.zetter-zeroday.com/cyberattack-targeting-polands-energy-grid-used-a-wiper/
#Pologne #Sandworm #Cyberveille
DynoWiper: attacco contro la rete elettrica della Polonia
A fine dicembre 2025 è stato effettuato un attacco informatico contro la rete elettrica della #polonia Gli esperti di #eset hanno scoperto il tipo di #malware e gli autori.I cybercriminali del gruppo #sandworm (noto anche come Seashell Blizzard), finanziato dal governo russo, hanno utilizzato #dynowiper Il Primo Ministro Donald Tusk ha dichiarato che non ci sono stati blackout o altre gravi conseguenze
https://www.punto-informatico.it/dynowiper-attacco-contro-rete-elettrica-polonia/
#ESET Research: #Russian cyber actor #Sandworm behind #cyberattack on NATO member #Poland’s power grid in late 2025. The attack involved data-wiping malware #DynoWiper. Coincidentally on the 10th anniversary of #Ukraine power grid.
🇵🇱 🇷🇺 Ruská skupina Sandworm v roce 2025 útočila na polskou energetiku
https://infoek.cz/ruska-skupina-sandworm-v-roce-2025-utocila-na-polskou-energetiku-2026/
🇵🇱 🇷🇺 Russian group Sandworm attacked Polish energy sector in 2025
#RussianAPT #Russia #APT #Poland #CyberSecurity #Tech #Sandworm #ESET
#Russia-linked #Sandworm #APT implicated in major cyber attack on Poland’s power grid
https://securityaffairs.com/187309/breaking-news/russia-linked-sandworm-apt-implicated-in-major-cyber-attack-on-polands-power-grid.html
#securityaffairs #hacking
Sandworm behind cyberattack on Poland's power grid in late 2025
Pulse ID: 6976fb12433099e6fae6af59
Pulse Link: https://otx.alienvault.com/pulse/6976fb12433099e6fae6af59
Pulse Author: Tr1sa111
Created: 2026-01-26 05:26:42
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberAttack #CyberSecurity #InfoSec #OTX #OpenThreatExchange #Poland #RAT #Sandworm #Worm #bot #Tr1sa111
📰 Sandworm Deploys New 'DynoWiper' Malware in Failed Attack on Polish Power Grid
Russia's Sandworm group deployed new 'DynoWiper' malware in a failed cyberattack on Poland's power grid. ⚡️ The attack, described as the largest in years, highlights the ongoing threat to critical infrastructure. #Sandworm #CyberAttack #Wiper #Poland
It's been a bit light on news over the last 24 hours, but we've got a couple of noteworthy updates: a failed nation-state attack on critical infrastructure and a new feature from a popular password manager to help combat phishing. Let's dive in:
Sandworm's Failed Wiper Attack on Poland's Energy Grid ⚠️
- The Russian state-sponsored group Sandworm (also known as APT44, UAC-0113, or Seashell Blizzard) has been linked to a failed cyberattack on Poland's energy infrastructure in late December 2025.
- The group attempted to deploy a new destructive data-wiping malware, dubbed DynoWiper (detected as Win32/KillFiles.NMO), targeting combined heat and power plants and renewable energy management systems.
- Polish officials confirmed the attacks were stopped, highlighting the ongoing threat from nation-state actors to critical infrastructure and the importance of robust defensive measures.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/sandworm-hackers-linked-to-failed-wiper-attack-on-polands-energy-systems/
1Password Boosts Phishing Protection 🔒
- 1Password has rolled out new pop-up warnings for suspected phishing sites, aiming to prevent users from manually entering credentials on malicious or typosquatted domains.
- This feature adds an extra layer of defence beyond the existing URL matching, which prevents auto-filling, by explicitly alerting users who might otherwise overlook subtle domain discrepancies.
- Available automatically for individual and family plans, and configurable for enterprise admins, this update addresses the growing threat of sophisticated, AI-enhanced phishing scams.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/1password-adds-pop-pup-warnings-for-suspected-phishing-sites/
#CyberSecurity #ThreatIntelligence #NationState #Sandworm #CriticalInfrastructure #Wiper #Phishing #PasswordManager #InfoSec #CyberAttack #IncidentResponse
ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025
#Sandworm
https://www.welivesecurity.com/en/eset-research/eset-research-sandworm-cyberattack-poland-power-grid-late-2025/
Nowy wiper w polskiej energetyce – atak na infrastrukturę krytyczną
Czy można „zetrzeć” prąd z dysku? Ktoś właśnie próbował – i to w Polsce.
Czytaj dalej:
https://pressmind.org/nowy-wiper-w-polskiej-energetyce-atak-na-infrastrukture-krytyczna/
#PressMindLabs #dynowiper #elektrocieplownie #eset #oze #sandworm
This was really big. On December 29-30, 2025, #Poland successfully defended against a coordinated cyberattack targeting its energy infrastructure. #ESET Research has attributed the attack to #Sandworm (APT44), a Russian #GRU-linked #hacking group.
Key Facts:
- Attack used #DynoWiper malware targeting two heat-and-power plants and renewable energy management systems
- Targeted communication infrastructure between energy producers and the national grid
- Attack occurred during temperatures below -15°C
- Polish authorities estimate 500,000 people could have lost heat if successful
- No disruption occurred; attack was detected and stopped
Context:
The #attack occurred nearly 10 years after Sandworm's 2015 #cyberattack on Ukraine's power grid, which caused the first #malware-induced #blackout, affecting approximately 230,000 people.
Sandworm behind cyberattack on Poland's power grid in late 2025
In late 2025, Poland's energy system was targeted by a major cyberattack, now attributed to the Russia-aligned APT group Sandworm by ESET Research. The attack involved data-wiping malware named DynoWiper, detected as Win32/KillFiles.NMO. While the full impact is still under investigation, researchers noted the attack's timing coincided with the 10th anniversary of Sandworm's 2015 attack on Ukraine's power grid. Sandworm continues to target critical infrastructure, particularly in Ukraine, with regular wiper attacks. The group's history of disruptive cyberattacks and the similarities in tactics, techniques, and procedures led to a medium-confidence attribution of this latest incident to Sandworm.
Pulse ID: 6973fa6df457081a422f550e
Pulse Link: https://otx.alienvault.com/pulse/6973fa6df457081a422f550e
Pulse Author: AlienVault
Created: 2026-01-23 22:47:09
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberAttack #CyberAttacks #CyberSecurity #ESET #ICS #InfoSec #Malware #OTX #OpenThreatExchange #Poland #RAT #Russia #Sandworm #UK #Ukr #Ukraine #Worm #bot #AlienVault
#BREAKING #ESETresearch identified the wiper #DynoWiper used in an attempted disruptive cyberattack against the Polish energy sector on Dec 29, 2025. At this point, no successful disruption is known, but the malware’s design clearly indicates destructive intent.
#ESETresearch attributes the attack to the Russia‑aligned #Sandworm APT group with medium confidence, based on strong overlaps in behavior and TTPs with multiple earlier Sandworm-linked wiper operations investigated by our team.
The attack struck during peak winter and the 10‑year anniversary of Sandworm’s 2015 attack on Ukraine’s power grid - the first malware-driven blackout, leaving ~230,000 people without electricity.
#ESET detects DynoWiper as Win32/KillFiles.NMO. Customers of our private ESET Threat Intelligence APT reports have already received additional technical details and IOCs to support rapid detection and response. IoC: 4EC3C90846AF6B79EE1A5188EEFA3FD21F6D4CF6
We continue to investigate the incident and broader implications. As new evidence or links to additional Sandworm activity emerge, we will share further updates to help defenders protect critical sectors.
Warning: Amazon Confirms 5-Year-Long Russian Cyberattack
A five-year cyberattack campaign targeting users of Amazon Web Services infrastructure in the West has been confirmed by the Amazon threat intelligence team following analysis of the threat, which is linked to the Sandworm actor and, therefore, to hackers working with Russia’s GRU military intelligence agency.
#Amazon #AWS #sandworm #russian #russia #cyberattack #security #cybersecurity #hackers #hacking
5/5 The "Friday Afternoon" Triage:
✅ Audit all SonicWall SMA1000 instances.
✅ Disable ASUS Live Update on high-value workstations until you've verified the patch.
✅ Check your "Edge" devices for unexpected local admin logins.
Stay vigilant, Blue Team. The "low-hanging fruit" is what gets picked first. 🛡️☕
#CyberSecurity #BlueTeam #Infosec #CISAKEV #Sandworm #SOCLife
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst