Connect with us

Technology

Heimdal Security Presents its Latest Report on Brute-Force Cyber Attacks

Published

2 years ago

on

COPENHAGEN, Denmark. , July 25, 2024 /PRNewswire/ — An investigation by Heimdal, a leading cybersecurity company, reveals that the EU is facing a surge in brute force cyber attacks on corporate and institutional networks, primarily originating from Russia.

These attackers exploit Microsoft infrastructure, particularly in Belgium and the Netherlands, to avoid detection.

The investigation into the Russian brute-force campaign has revealed several critical insights:

Attackers are aiming for High-Value Targets (HVTs)Key infrastructure cities like Edinburgh and Dublin have been frequently targetedOver half of the attack IP addresses are linked to Moscow, targeting major cities in the UK, Denmark, Hungary, and LithuaniaThe rest of the investigated attack IPs can be traced back to Amsterdam and BrusselsMajor ISPs like Telefonica LLC and IPX-FZCO were significantly abusedHeimdal’s data shows these attacks date back to May 2024 but may have been happening even longer.

Read the full report here: heimdalsecurity.com/blog/russia-brute-force-attacks-europe/

Prevalent Infiltration and Attack Techniques

The attackers primarily target administrative accounts using various case combinations and language variants.

Over 60% of attack IPs are new, with approximately 65% recently compromised and the rest previously abused, revealing a constantly evolving threat.

The threat actors employ known attack principles such as SMBv1 crawlers, RDP crawlers, and RDP alternative port crawlers, exploiting weak or default credentials through password guessing, spraying, and stuffing.

Additionally, their use of legitimate Microsoft infrastructure broadens the attack surface and complicates detection and response.

Data shows that attackers have actively exploited Microsoft infrastructure from the Netherlands and Belgium to increase their attack range and success odds.

Russia Leveraging State-Owned Networks to Propagate Attack

Major ISPs like Telefonica LLC and IPX-FZCO are significantly abused, with the former accounting for 27.7% of attacks from Russia.

The attackers also leveraged resources from Russian allies, including Indian telecom companies Bharat Sanchar Nigam Limited and Bharti Airtel Limited, both of which have faced recent data breaches.

Scope of Brute-Force Campaign

Russia’s motivation behind these cyberattacks is multifaceted.

The reasons for these actions likely include aims to destabilize and disrupt critical infrastructure in Europe, extract sensitive data, gain financial advantage to fuel ongoing cyber-war efforts, or deploy malware.

The threat actors’ mandates can span multiple types of subversive cyber-warfare ops, including seek-and-destroy, disruption of critical assets, and sabotage.

A Wake Up Call for the European Union

This persistent threat underscores the need for cybersecurity measures within EU countries, including strengthening cloud security, enforcing multi-factor authentication, conducting regular security audits, and educating employees.

Morten Kjaersgaard, Founder of Heimdal, said:

“This data shows that an entity in Russia is waging a hybrid war on Europe, and may have even infiltrated it.

The threat actors are aiming to extract as much data or financial means as possible, leveraging Microsoft infrastructure to do so.

Whoever is responsible, whether it’s the state or another nefarious group, they have no shame in using Russia’s allies to commit these crimes.

The exploitation of Indian infrastructure is a strong example. The data also proves these attackers have strong ties with China.”

Paul Vixie, Co-Founder of SIE Europe, added:

“The data that Heimdal has uncovered is explosively evil, and SIE Europe data clearly shows how well built these Russian Wasp nests are and they show no signs of stopping.

SIE Europe does not ever traffic in Personally Identifiable Information, and this case shows the investigative power of public information once cooperatively assembled.”

Read the full investigation here: Russia-Linked Brute-Force Campaign Targets EU via Microsoft Infrastructure (heimdalsecurity.com).

For further press information:
Maria Madalina Popovici
Media Relations Manager
Email: mpo@heimdalsecurity.com

About Heimdal

Established in Copenhagen in 2014, Heimdal empowers CISOs, security teams, and IT administrators to improve their security operations, reduce alert fatigue, and implement proactive measures through a unified command and control platform.

Heimdal®’s award-winning cybersecurity solutions span the entire IT estate, addressing challenges from endpoint to network levels, including vulnerability management, privileged access, Zero Trust implementation, and ransomware prevention.

About SIE Europe

SIE Europe enables European-based organizations to contribute and share passive DNS data to advance cyber investigations and significantly reduce risk from phishing, ransomware, e-crime and other cyberattacks.

SIE Europe is cofounded by Internet luminaries Dr. Paul Vixie, Chairman, Co-Founder and CEO of Farsight Security, Inc., Christoph Fischer, Founder and CEO of BFK edv-consulting GmbH and Peter Kruse, Cofounder , CSIS Security Group A/S. 

This information was brought to you by Cision http://news.cision.com

The following files are available for download:

https://mb.cision.com/Main/22623/4018330/2925877.pdf

Heimdal Links Russia-Based Threat Actors to Brute Force Attacks on the EU

https://mb.cision.com/Public/22623/4018330/87d4180148270100_org.jpg

Image – Heimdal ties Russia-based actors to brute force attacks on the EU

https://mb.cision.com/Public/22623/4018330/8df29c971c3a7080_org.jpg

Map – the primary origin of the attack

 

 

View original content:https://www.prnewswire.co.uk/news-releases/heimdal-security-presents-its-latest-report-on-brute-force-cyber-attacks-302206435.html

Related Topics:
Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

Florida Physician Specialists Data Breach: Edelson Lechtzin LLP Launches Investigation into Exposure of Personal Information

Published

1 hour ago

on

May 3, 2026

By

National class action firm offering free case evaluations to individuals impacted by the Florida Physician Specialists cybersecurity incident

JACKSONVILLE, Fla., May 3, 2026 /PRNewswire/ — Edelson Lechtzin LLP, a national class action law firm, is investigating data privacy claims arising from the Florida Physician Specialists data breach. Florida Physician Specialists learned of the cybersecurity incident between November 27 and 29, 2025.

What Happened

Florida Physician Specialists discovered that its network was hacked between November 27 and 29, 2025. An investigation launched in late November 2025 confirmed that an unauthorized third party accessed its network. The review of the exposed data was completed on April 6, 2026.

Information Exposed

Affected personal data includes full names and one or more of the following: Social Security numbers, driver’s license numbers or state identification numbers, other government identification numbers, financial account information, credit or debit card information, medical information, and/or health insurance policy information.

Who May Be Impacted

Individuals who received a data breach notification from Florida Physician Specialists may face an increased risk of identity theft and fraud.

Your Legal Options

Edelson Lechtzin LLP is investigating a potential class action to pursue legal remedies on behalf of individuals whose sensitive personal data may have been compromised in the Florida Physician Specialists breach. The firm will evaluate your rights and potential claims at no cost.

Recommended Protective Steps

Review account statements and credit reports regularly and remain vigilant for suspicious activity. Confirm whether your information was involved in the Florida Physician Specialists incident and preserve any letters or emails you received about the breach. Consider placing fraud alerts and credit monitoring.

Contact Us for a Free Case Evaluation

Speak confidentially with a data privacy attorney today: Marc Edelson, Esq., Edelson Lechtzin LLP, 411 S. State Street, Suite N-300, Newtown, PA 18940; Phone: 844-696-7492 ext. 2; Email: medelson@edelson-law.com; Web: www.edelson-law.com. Or click HERE to request a free consultation.

About Florida Physician Specialists

Based in Jacksonville, Florida, Florida Physician Specialists is a multi-specialty private physician practice serving patients in Northeast Florida.

About Edelson Lechtzin LLP

Edelson Lechtzin LLP is a national class action law firm with offices in Pennsylvania and California. In addition to data breach litigation, the firm handles class and collective actions involving securities and investment fraud, federal antitrust violations, ERISA employee benefit plans, wage theft, and consumer fraud

Media and Partnership Inquiries: Use the contact information above to connect with our team regarding interviews, co-counsel opportunities, and referral partnerships.

Legal Notice: This press release may be considered Attorney Advertising in some jurisdictions.

View original content to download multimedia:https://www.prnewswire.com/news-releases/florida-physician-specialists-data-breach-edelson-lechtzin-llp-launches-investigation-into-exposure-of-personal-information-302760742.html

SOURCE Edelson Lechtzin LLP

Continue Reading

Technology

Sandhills Medical Foundation, Inc., d/b/a Sandhills Medical Data Breach: Edelson Lechtzin LLP Launches Investigation into Exposure of Personal Information

Published

1 hour ago

on

May 3, 2026

By

National class action firm offering free case evaluations to individuals impacted by the Sandhills Medical cybersecurity incident

MCBEE, S.C., May 3, 2026 /PRNewswire/ — Edelson Lechtzin LLP, a national class action law firm, is investigating data privacy claims arising from the Sandhills Medical data breach. Sandhills Medical learned of the cybersecurity incident between November 27 and 29, 2025.

What Happened

On May 8, 2025, Sandhills Medical discovered it had been the victim of a ransomware attack. Sandhills Medical began an investigation with the help of cybersecurity experts and a forensic firm. That investigation determined an unauthorized third party accessed Sandhills Medical’s server directly and obtained personal information for select patients.

Information Exposed

Affected personal data includes names, personal health information, and birth dates. This data breach has affected an estimated 169,017 people.

Who May Be Impacted

Individuals who received a data breach notification from Sandhills Medical may face an increased risk of identity theft and fraud.

Your Legal Options

Edelson Lechtzin LLP is investigating a potential class action to pursue legal remedies on behalf of individuals whose sensitive personal data may have been compromised in the Sandhills Medical breach. The firm will evaluate your rights and potential claims at no cost.

Recommended Protective Steps

Review account statements and credit reports regularly and remain vigilant for suspicious activity. Confirm whether your information was involved in the Sandhills Medical incident and preserve any letters or emails you received about the breach. Consider placing fraud alerts and credit monitoring.

Contact Us for a Free Case Evaluation

Speak confidentially with a data privacy attorney today: Marc Edelson, Esq., Edelson Lechtzin LLP, 411 S. State Street, Suite N-300, Newtown, PA 18940; Phone: 844-696-7492 ext. 2; Email: medelson@edelson-law.com; Web: www.edelson-law.com. Or click HERE to request a free consultation.

About Sandhills Medical

Based in McBee, South Carolina, Sandhills Medical operates as a Federally Qualified Community Health Center (FQHC) that provides community-based primary health care services.

About Edelson Lechtzin LLP

Edelson Lechtzin LLP is a national class action law firm with offices in Pennsylvania and California. In addition to data breach litigation, the firm handles class and collective actions involving securities and investment fraud, federal antitrust violations, ERISA employee benefit plans, wage theft, and consumer fraud

Media and Partnership Inquiries: Use the contact information above to connect with our team regarding interviews, co-counsel opportunities, and referral partnerships.

Legal Notice: This press release may be considered Attorney Advertising in some jurisdictions.

View original content to download multimedia:https://www.prnewswire.com/news-releases/sandhills-medical-foundation-inc-dba-sandhills-medical-data-breach-edelson-lechtzin-llp-launches-investigation-into-exposure-of-personal-information-302760743.html

SOURCE Edelson Lechtzin LLP

Continue Reading

Technology

Danish Publisher Automates Digital Textbook Delivery with Integrated WooCommerce-Webdoxx Solution

Published

6 hours ago

on

May 3, 2026

By

Danish educational publisher eliminates manual processing errors and delivers instant access to more than 20 digital learning products

LONDON, May 3, 2026 /PRNewswire-PRWeb/ — Forlaget 94, a Danish educational publisher serving commercial colleges and vocational schools since 1994, has transformed its digital textbook distribution by implementing a fully automated WooCommerce-Webdoxx solution.

“Using the Webdoxx-WooCommerce integration we have achieved full automation of order processing, fewer errors, and happier customers,” Tom Gertsen, IT Manager at Forlaget 94

Previously, Forlaget 94 relied on manual processes to distribute digital textbooks to customers. As demand for online educational materials grew, the publisher required a faster, more reliable way to manage orders, provision access, and reduce the risk of administrative errors.

Through its integration of WooCommerce with Webdoxx, Forlaget 94 now runs more than 20 educational products through a 100% automated workflow. The solution automatically processes customer orders and provides instant access to purchased digital textbooks, improving the experience for both customers and internal teams.

“The result is full automation of order processing, fewer errors, and happier customers,” said Tom Gertsen, IT Manager at Forlaget 94 and architect behind the WooCommerce-Webdoxx integration. The automated system has enabled Forlaget 94 to eliminate manual errors, accelerate customer processing, and increase customer satisfaction through immediate access provisioning. The implementation demonstrates how educational publishers can modernize digital content delivery while maintaining secure, managed access to learning materials.

Webdoxx, a service created and managed by Drumlin Security Ltd, provides online DRM and managed document delivery services for publishers, educational organizations, institutions, and commercial content providers.

About Forlaget 94

Forlaget 94 is a Danish educational publisher established in 1994, providing educational products for commercial colleges and vocational schools.

About Webdoxx

Webdoxx is an online DRM and managed document delivery service created and managed by Drumlin Security Ltd. The platform supports secure access to digital publications and documents across a range of sectors, including education, healthcare, government, finance, and publishing.

Media Contact

Mike de Smith, Drumlin Security Ltd, 44 7768404712, info@drumlinsecurity.com, https://www.drumlinsecurity.com/

View original content to download multimedia:https://www.prweb.com/releases/danish-publisher-automates-digital-textbook-delivery-with-integrated-woocommerce-webdoxx-solution-302759942.html

SOURCE Forlaget 94

Continue Reading

Trending