惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Secure Thoughts
Recent Commits to openclaw:main
Recent Commits to openclaw:main
H
Heimdal Security Blog
SecWiki News
SecWiki News
H
Hacker News: Front Page
N
News | PayPal Newsroom
L
LINUX DO - 最新话题
N
News and Events Feed by Topic
TaoSecurity Blog
TaoSecurity Blog
AI
AI
C
Cybersecurity and Infrastructure Security Agency CISA
Scott Helme
Scott Helme
PCI Perspectives
PCI Perspectives
S
Securelist
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Cyberwarzone
Cyberwarzone
A
Arctic Wolf
Forbes - Security
Forbes - Security
T
Tor Project blog
Spread Privacy
Spread Privacy
WordPress大学
WordPress大学
I
Intezer
Martin Fowler
Martin Fowler
Help Net Security
Help Net Security
P
Proofpoint News Feed
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Cisco Talos Blog
Cisco Talos Blog
Latest news
Latest news
博客园 - 司徒正美
W
WeLiveSecurity
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
V
V2EX
P
Palo Alto Networks Blog
Google DeepMind News
Google DeepMind News
IT之家
IT之家
阮一峰的网络日志
阮一峰的网络日志
V
Vulnerabilities – Threatpost
Jina AI
Jina AI
S
Security Affairs
Hacker News - Newest:
Hacker News - Newest: "LLM"
Simon Willison's Weblog
Simon Willison's Weblog
Project Zero
Project Zero
T
Threatpost
P
Privacy International News Feed
人人都是产品经理
人人都是产品经理
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - Franky
Hugging Face - Blog
Hugging Face - Blog
Apple Machine Learning Research
Apple Machine Learning Research

GRAHAM CLULEY

Anubis ransomware: what you need to know Smashing Security podcast #476: Remote-control rickshaws and rogue book marketers The ransomware negotiator who was working for the other side Invited to a "job interview" with Netflix or OpenAI? Beware! Your Google password could be at risk Smashing Security podcast #475: JadePuffer - the AI that ran a ransomware attack all by itself Two arrested over credit card phishing - as the Netherlands is named Europe's worst for payment fraud The Gentlemen ransomware: what you need to know Smashing Security podcast #474: Polymarket can predict the future. So how did it miss this hack? Scammers race to cash in on Venezuelan earthquake disaster USB drives carrying China-linked malware infected Japanese military networks for nearly a year Smashing Security podcast #473: How a hacker could have Rickrolled the entire World Cup Hacker hijacks Brazil's national alert system, sending "misanthropy" to millions of phones Apple's Hide My Email tweak leaves privacy fans fuming Imposter scams cost Americans $3.5 billion in 2025 – and it’s getting worse Smashing Security podcast #472: AI gets hacked, and BitLocker gets bypassed Maine forced to take down data breach portal after fake notices filed with authorities Privacy own-goal: World Cup blunder leaks Lionel Messi's passport details Silent Ransom Group: what you need to know Smashing Security podcast #471: This AI worm just rewrote its own rules Why schools remain one of cybercriminals' favourite targets Got a LinkedIn message from a recruiter? It might be Chinese intelligence, warn FBI and MI5 Meta’s own AI chatbot to blame for Instagram accounts being stolen in seconds Smashing Security podcast #470: This AI security flaw might be impossible to fix Police arrest man following hack of Ajax football club MyPillow listed on ransomware gang's leak site, but denies it has been breached Smashing Security podcast #469: What your Oura ring won’t tell you FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts — no password required Defenders fall behind, as AI rewrites the rules of a data breach Smashing Security podcast #468: High-speed train hacks and homicidal lawnmowers FBI warns students and staff that ShinyHunters may come knocking after Canvas breach Suspected Dream Market kingpin arrested after gold bars sent to his home address When ransomware gets physical: cybercriminals turn to threats of violence Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities One in eight UK workers has sold their company passwords, and bosses think it’s fine Sri Lanka makes 37 arrests as it raids another scam centre Smashing Security podcast #466: Meta sees everything, Copy Fail, and a deepfake gets hired Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions Alleged Silk Typhoon hacker extradited to the United States to face charges French police arrest 21-year-old "HexDex" hacker over 100 alleged data breaches Smashing Security podcast #464: Rockstar got hacked. The data was junk. The secrets it revealed were not Singer loses life savings to fake wallet downloaded from the Apple App Store Sometimes changing the password on your email mailbox isn’t enough 108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users AI and cryptocurrency scams are costing Americans billions, FBI reports Life imprisonment for Cambodian scam compound operators - but will it make a difference? Nigerian romance scammer jailed after being caught out by fellow fraudster Alleged RedLine malware developer extradited to United States Iranian hackers breach FBI director's personal email, and post his CV and photos online World Leaks data extortion: What you need to know How one man used 10,000 bots to steal $8,000,000 from music artists Denver's crosswalks hacked to broadcast anti-Trump messages LeakNet ransomware: what you need to know Free parking in Russia after Distributed Denial-of-Service attack knocks city's parking system offline Fraudsters are using public planning records to target permit applicants Your Signal account is safe - unless you fall for this trick Twitter suspended 800 million accounts last year — so why does manipulation remain so rampant? How hackers bypassed MFA with a $120 phishing kit - until a global takedown shut it down They seized $4.8m in crypto... then gave the master key to the internet
Inside Department 4: Russia's secret school for hackers
Graham CLULEY · 2026-05-08 · via GRAHAM CLULEY

Most universities have a careers fair. At Bauman Moscow State Technical University, however, an elite group of students appear to have something rather more unusual: a direct pipeline into some of the world's most notorious state-sponsored hacking groups.

A new investigation by a consortium of journalists from The Guardian, Der Spiegel, Le Monde, and The Insider, amongst others, has lifted the lid on a secretive faculty inside one of Russia's most prestigious technical universities - that has spent years grooming students to become hackers for Russian military intelligence.

Reporters managed to obtain a haul of 2,000 internal documents which revealed some of the secret goings-on, including at "Department 4" - a faculty with a seemingly deliberately unmemorable name within Bauman's military training centre, where the GRU appears to go shopping for fresh talent.

Russia's military intelligence service, the GRU, directly controls who gets into Department 4, according to the leak. It is GRU that is overseeing exams, and signing-off on graduates' postings, with some promising students scouted as early as secondary school.

A core course called "Defence against technical reconnaissance" covers password attacks, software vulnerabilities, and trojan horses. Students are told to carry out practical penetration tests, and one module is devoted entirely to computer viruses, with students required to write a virus of their own as part of the assessment. Presumably they gain extra marks for not infecting their lecturer's laptop.

In addition, there are lessons in old fashioned James Bond-style spying with surveillance devices disguised as smoke detectors, physical keyloggers, and cables that silently send screenshots to a hidden drive.

Among the 69 students who reportedly graduated from Department 4 in 2024 was Daniil Porshin. He spent six years at Bauman, achieving near-perfect grades. Upon his graduation, he is said to have been assigned to the Fancy Bear hacking group, which was linked by the US Department of Justice over the high profile hack of the Democratic National Committee.

Fifteen other students found themselves assigned to hacking gangs, including one who appears to have been assigned to Unit 74455 (better known as Sandworm) - the GRU group which has been blamed by Western governments for attacks on Ukraine's power grid, Emmanuel Macron's 2017 presidential campaign, and the 2018 Winter Olympics.

It is worth noting that not everyone makes the grade, with one student assessed by a senior GRU officer to have "insufficient understanding of how to carry out a remote network attack."

According to the documents, one of Department 4's teachers is Major General Viktor Netyksho. If that name is familiar to you, it may be because he was indicted by Robert Mueller over the DNC breach. He has, it seems, gone from running the Fancy Bear hacking group to helping train its replacements.

What the report does is act as a useful reminder that the threat posed by groups like Fancy Bear and Sandworm is serious and organised. Russia is running a state-funded, state-directed production line for hackers - complete with lecture theatres, examination boards, and a steady supply of fresh recruits.

All of this means that those responsible for securing their organisations from cybercriminals cannot afford to relax.

Patch your systems, enable multi-factor authentication, segment your network, log activity, train your workforce, make regular backups, run penetration tests against your organisation to see where your weak points may be, and so forth.

Determined GRU-trained hackers, hell-bent on breaking into your organisation's IT infrastructure, may still find it impossible to find a way in - but make sure you have done everything in your power to make it as difficult for them as possible, and limit any damage they might be able to cause.