Amazon: Russian GRU hackers favor misconfigured devices over vulnerabilities

Russian state-sponsored threat actors linked to the GRU (Glavnoye Razvedyvatelnoye Upravleniye, or Main Intelligence Directorate) are increasingly breaching into critical infrastructure networks by exploiting basic configuration mistakes rather than software vulnerabilities, according to new research from Amazon Threat Intelligence. Amazon attributes the activity with high confidence to Sandworm, also tracked as APT44 and Seashell Blizzard.

Source: HackRead

Date:

16 December 2025

Categorie(s):

NEWS

Tag(s):

AWS, Cloud Computing, Cloud Provider, Frameworks, Russian

Broker who sold malware to the FBI set for sentencing19 January 2026
Researchers Uncover PDFSIDER Malware Built for Long-Term, Covert System Access19 January 2026
Russian Hacktivists Intensify Disruptive Cyber Pressure on UK Orgs19 January 2026
The Impact of Cyber Threats on Remote Learning Environments19 January 2026
Understanding Access Control Systems and Security Management19 January 2026