CyberScoop.com

"Russian spies use ISPs to target embassies."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 01 August 2025, 2108 UTC.

Content and Source:  "CyberScoop.com."

 https://mail.google.com/mail/u/0/?ogbl#inbox/FMfcgzQbgcNCgKflXTgdqrbcVpZxcsNt

URL--https://cyberscoop.com.

Please check email link, URL, or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

READ IN BROWSER

FRIDAY, AUG. 1, 2025 Russian spies are cracking embassies through the country's ISPs. Some government officials are still trying to figure out what was Volt Typhoon's end game. And what does success look like for the AI Action Plan? This is CyberScoop for Friday, August 1. Anton Petrus, via Getty Images

Russian spies leveraging their ISPs

Microsoft Threat Intelligence has revealed that Russia's Secret Blizzard (also known as Turla) has been persistently spying on foreign diplomats in Moscow since at least 2024 by exploiting Russian internet service providers and deploying custom malware. The group leverages advanced techniques—such as adversary-in-the-middle attacks and convincing embassy employees to install fraudulent security certificates—to gain ongoing access to diplomatic communications and sensitive data. This campaign marks the first time Microsoft has confirmed Secret Blizzard’s high-confidence ISP-level access, underscoring a significant escalation in the group's ability to actively manipulate network traffic and maintain surveillance over targets in Russia. Matt Kapko has more.

CyberTalks | Oct. 21, 2025

CyberTalks presents a powerful opportunity to hear from the leading voices at the intersection of government and the technology industry on the latest tactics to combat these new risks. CyberTalks also provides an invaluable forum for exchanging ideas and best practices on ways to bolster digital defenses and promote cyber resiliency. Register Today!

Feds still undecided on Volt Typhoon's intentions

Federal officials are still assessing the intentions and potential impacts of the Chinese hacking group Volt Typhoon, which has gained access to U.S. critical infrastructure networks, including those in Guam. CISA’s acting chief strategy officer, Steve Casapulla, emphasized uncertainty about whether the hackers aim for limited disruption or something far more significant, such as crippling entire cargo management and transportation systems. The persistent presence of Volt Typhoon in sensitive networks has raised alarm among U.S. security leaders across multiple administrations, who warn these infiltrations could have severe, even life-and-death, consequences if leveraged during a future conflict. Tim Starks has more.

What will make the AI Action Plan a success?

On this episode of Safe Mode, Greg Otto sits down with Daria Bahrami, Head of Policy at Dreadnode, for an in-depth exploration of the new AI Action Plan and its sweeping implications for critical infrastructure security. From the technical hurdles in securing vital systems to the growing need for “secure-by-design” technology standards, Daria breaks down what’s at stake as artificial intelligence becomes both a linchpin and a potential liability in our national cyber defenses. Listen here.

FedTalks | Sep 18, 2025

FedTalks is the largest annual gathering of C-level executives, leaders and innovators from the government and tech communities. Now in its 15th year, FedTalks brings together more than 1,000 of the country’s most influential leaders for one day of discussion, exploring ways technology and people can transform government and our nation. Register today! Copyright © CyberScoop 2025.  All rights reserved. Scoop News Group 2001 K Street NW Washington DC  Update your email preferences Unsubscribe