Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Russia warns financial sector organizations of IT service provider LANIT compromise

Russia’s NKTsKI warns financial sector organizations about a breach at major Russian IT service and software provider LANIT. Russia’s National Coordination Center for Computer Incidents (NKTsKI) warns the financial sector of security breach at IT service and software provider LANIT, potentially affecting LANTER and LAN ATMservice. According to the security breach notification published by GosSOPKA, […]

APT28

Russia’s NKTsKI warns financial sector organizations about a breach at major Russian IT service and software provider LANIT.

Russia’s National Coordination Center for Computer Incidents (NKTsKI) warns the financial sector of security breach at IT service and software provider LANIT, potentially affecting LANTER and LAN ATMservice.

According to the security breach notification published by GosSOPKA, the attack occurred on February 21, 2025.

“On February 21, 2025, FinCERT notified credit and financial sector organizations about a possible compromise of LANTER LLC and LAN ATMservice LLC, which are part of the LANIT group of companies.” reads the security breach notification published by GosSOPKA. “The NKTsKI recommends that all organizations change passwords and keys for accessing their systems operated in LANIT data processing centers as soon as possible. If the developments and software products of the LANIT group of companies are used in your infrastructure and LANIT engineers are provided remote access to them, it is also recommended to change the connection data.”

NKTsKI recommends organizations to strengthen monitoring of threats and information security events in systems provided by LANIT.

LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers. Founded in 1989, LANIT offers a wide range of IT solutions, including system integration, software development, cybersecurity, cloud services, and IT consulting. The group serves various sectors, including finance, government, healthcare, and telecommunications.

LANIT has multiple subsidiaries, such as LLC LANTER and LLC LAN ATMservice, which focus on financial IT solutions, including payment processing and ATM services. The company plays a significant role in Russia’s digital infrastructure and has partnerships with global IT vendors.

In May 2024, U.S. Treasury sanctioned LANIT due to its role in facilitating Russia’s acquisition of technology and equipment for its war machine.

LANIT Incorporated (LANIT) is a Russian information technology company whose customers include the Russian Ministry of Defense and U.S.-designated military-industrial base entities such as Rostec and United Aircraft Corporation.” said U.S. Treasury.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, NKTsKI)