#cyber-espionage

[ follow ]
#cybersecurity

China cyber-attacks explained: who is behind the hacking operation against the US and UK?

US and UK imposed sanctions on China for cyber espionage campaign
China's state-backed groups APT 31 and APT 40 behind cyber-attacks

China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks

A new cyber espionage group, Liminal Panda, has targeted telecommunications entities in South Asia and Africa since 2020 for intelligence collection.

T-Mobile US 'monitoring' China's 'industry-wide attack'

T-Mobile is monitoring an industry-wide cyber-espionage campaign linked to Chinese hackers, ensuring customer data remains secure.

Russia clings to malware as attacks on Ukraine persist

Russia's malware tactics in Ukraine have intensified, with a reported 90% increase, adapting creatively to circumvent existing email protections.

Malware linked to Salt Typhoon used to hack telcos around the world

Salt Typhoon represents a significant threat with sophisticated tactics in cyber-espionage targeting telecommunications and government networks globally.

Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors

Volt Typhoon exploited a significant vulnerability in Versa Director affecting multiple sectors, exploiting vulnerabilities in administration privileges.
The ongoing cyber espionage campaign by Volt Typhoon highlights the risks associated with unpatched systems, particularly in high-severity scenarios.

China cyber-attacks explained: who is behind the hacking operation against the US and UK?

US and UK imposed sanctions on China for cyber espionage campaign
China's state-backed groups APT 31 and APT 40 behind cyber-attacks

China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks

A new cyber espionage group, Liminal Panda, has targeted telecommunications entities in South Asia and Africa since 2020 for intelligence collection.

T-Mobile US 'monitoring' China's 'industry-wide attack'

T-Mobile is monitoring an industry-wide cyber-espionage campaign linked to Chinese hackers, ensuring customer data remains secure.

Russia clings to malware as attacks on Ukraine persist

Russia's malware tactics in Ukraine have intensified, with a reported 90% increase, adapting creatively to circumvent existing email protections.

Malware linked to Salt Typhoon used to hack telcos around the world

Salt Typhoon represents a significant threat with sophisticated tactics in cyber-espionage targeting telecommunications and government networks globally.

Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors

Volt Typhoon exploited a significant vulnerability in Versa Director affecting multiple sectors, exploiting vulnerabilities in administration privileges.
The ongoing cyber espionage campaign by Volt Typhoon highlights the risks associated with unpatched systems, particularly in high-severity scenarios.
morecybersecurity

China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates

Evasive Panda compromised an ISP to distribute malware updates to target companies, showcasing advanced tactics.
The threat actor is linked to a new strain of macOS malware named MACMA and has a history of sophisticated cyber espionage activities.

APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure

A Russia-linked threat actor used a car-for-sale phishing lure to distribute a modular Windows backdoor named HeadLace targeting diplomats and European networks.
#malware

Chinese cyber espionage campaign targets 'dozens' of Western governments, Dutch officials say

Chinese-linked cyber espionage operation infiltrated Western governments, international organizations, and defense industry using a new remote access trojan named 'Coathanger.'

Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova

A little-known cyber espionage group XDSpy targeted companies in Russia and Moldova using phishing emails with malware like DSDownloader.

FBI disrupts Moobot botnet used by Russian military hackers

The FBI took down a botnet of SOHO routers used by Russia's GRU for cyber espionage purposes.
The GRU leveraged existing malware to repurpose the botnet and target US and foreign governments as well as corporate organizations.

ORBs: Hacking groups' new favourite way of keeping their attacks hidden | Computer Weekly

Cyber-espionage groups are increasingly using ORB networks to hide their attacks and make attribution challenging.

Iran's MuddyWater phishes Israel with custom backdoor

MuddyWater, an Iranian cyber espionage group, has upgraded its malware to target Israeli organizations using phishing campaigns with a new backdoor named BugSleep.

Chinese cyber espionage campaign targets 'dozens' of Western governments, Dutch officials say

Chinese-linked cyber espionage operation infiltrated Western governments, international organizations, and defense industry using a new remote access trojan named 'Coathanger.'

Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova

A little-known cyber espionage group XDSpy targeted companies in Russia and Moldova using phishing emails with malware like DSDownloader.

FBI disrupts Moobot botnet used by Russian military hackers

The FBI took down a botnet of SOHO routers used by Russia's GRU for cyber espionage purposes.
The GRU leveraged existing malware to repurpose the botnet and target US and foreign governments as well as corporate organizations.

ORBs: Hacking groups' new favourite way of keeping their attacks hidden | Computer Weekly

Cyber-espionage groups are increasingly using ORB networks to hide their attacks and make attribution challenging.

Iran's MuddyWater phishes Israel with custom backdoor

MuddyWater, an Iranian cyber espionage group, has upgraded its malware to target Israeli organizations using phishing campaigns with a new backdoor named BugSleep.
moremalware
#ransomware-attacks

North Korea-backed cyber espionage campaign targets UK military

North Korean state-backed hackers target secrets related to military and nuclear industries in US, UK, South Korea, Japan, and India.

North Korea-backed cyber group sought to steal nuclear secrets, NCSC says

A North Korea-backed cyber group, Andariel, has been stealing military and nuclear secrets globally.

US Department of State puts $10 million bounty on North Korean hacker's head as agencies issue warning about APT45

The US Department of State offers $10 million reward for information on North Korean hacker Rim Jong Hyok and his group APT45's cyber activities, including targeting US hospitals and healthcare providers.

North Korea-backed cyber espionage campaign targets UK military

North Korean state-backed hackers target secrets related to military and nuclear industries in US, UK, South Korea, Japan, and India.

North Korea-backed cyber group sought to steal nuclear secrets, NCSC says

A North Korea-backed cyber group, Andariel, has been stealing military and nuclear secrets globally.

US Department of State puts $10 million bounty on North Korean hacker's head as agencies issue warning about APT45

The US Department of State offers $10 million reward for information on North Korean hacker Rim Jong Hyok and his group APT45's cyber activities, including targeting US hospitals and healthcare providers.
moreransomware-attacks
#north-korea

U.S. Indicts North Korean in Ransomware Attacks and Theft of Military Data

North Korean man indicted for cyber theft from US military bases, defense contractors, NASA, and Asian companies, revealing North Korea's cybercrime capabilities.

This new hacker group is targeting software developers with phony job offers and fake projects

A new hacking group 'Moonstone Sleet' uses various deceptive tactics like fake job tests and a fake tank game to target software developers for espionage and financial gain.

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

North Korea-linked APT45 expanding into financially-motivated ransomware attacks.
APT45 frequently targets critical infrastructure and has a long history of cyber operations.
Military intelligence organizations like APT45 are increasingly involved in financially-motivated cybercrime.

U.S. Indicts North Korean in Ransomware Attacks and Theft of Military Data

North Korean man indicted for cyber theft from US military bases, defense contractors, NASA, and Asian companies, revealing North Korea's cybercrime capabilities.

This new hacker group is targeting software developers with phony job offers and fake projects

A new hacking group 'Moonstone Sleet' uses various deceptive tactics like fake job tests and a fake tank game to target software developers for espionage and financial gain.

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

North Korea-linked APT45 expanding into financially-motivated ransomware attacks.
APT45 frequently targets critical infrastructure and has a long history of cyber operations.
Military intelligence organizations like APT45 are increasingly involved in financially-motivated cybercrime.
morenorth-korea
#china

CISA orders Ivanti devices targeted by Chinese hackers be disconnected

Federal agencies running Ivanti Connect Secure or Ivanti Policy Secure devices must disconnect them due to cyber espionage linked to China.
CISA has issued instructions for updating and bringing the devices back online.

UK not heeding warning over China threat, says ex-cybersecurity chief

The UK needs to pay more attention to China's cyber-espionage tactics targeting critical infrastructure.

CISA orders Ivanti devices targeted by Chinese hackers be disconnected

Federal agencies running Ivanti Connect Secure or Ivanti Policy Secure devices must disconnect them due to cyber espionage linked to China.
CISA has issued instructions for updating and bringing the devices back online.

UK not heeding warning over China threat, says ex-cybersecurity chief

The UK needs to pay more attention to China's cyber-espionage tactics targeting critical infrastructure.
morechina
#cyber-attacks

Cyber-attacks linked to Chinese spy agencies are increasing, say analysts

Cyber-attacks by Chinese intelligence agencies are escalating worldwide.
Analysts believe Chinese hackers aim to gather political, military, and commercial information through cyber-espionage.

Cybersecurity Agencies Warn of China-linked APT40's Rapid Exploit Adaptation

APT40, a China-linked cyber espionage group, swiftly exploits new security flaws; targeted various countries since 2013, attributed to China's Ministry of State Security in 2021.

Cyber-attacks linked to Chinese spy agencies are increasing, say analysts

Cyber-attacks by Chinese intelligence agencies are escalating worldwide.
Analysts believe Chinese hackers aim to gather political, military, and commercial information through cyber-espionage.

Cybersecurity Agencies Warn of China-linked APT40's Rapid Exploit Adaptation

APT40, a China-linked cyber espionage group, swiftly exploits new security flaws; targeted various countries since 2013, attributed to China's Ministry of State Security in 2021.
morecyber-attacks
#cloud-security

Russia's Cozy Bear spotted diving into cloud environments

Cozy Bear, responsible for the SolarWinds attack, has expanded to target cloud environments and diversified victim categories.
Five Eyes governments issue a joint advisory warning of Cozy Bear expanding targets and methods, including targeting organizations via cloud services.

UK's NCSC Issues Warning as SVR Hackers Target Cloud Services

Russian state hackers are targeting organizations moving to the cloud, focusing on weaknesses in cloud services for initial access.
APT29, linked to Russia's Foreign Intelligence Service, is expanding its cyberattacks to various sectors and adapting techniques for cloud-based environments.

Russia's Cozy Bear spotted diving into cloud environments

Cozy Bear, responsible for the SolarWinds attack, has expanded to target cloud environments and diversified victim categories.
Five Eyes governments issue a joint advisory warning of Cozy Bear expanding targets and methods, including targeting organizations via cloud services.

UK's NCSC Issues Warning as SVR Hackers Target Cloud Services

Russian state hackers are targeting organizations moving to the cloud, focusing on weaknesses in cloud services for initial access.
APT29, linked to Russia's Foreign Intelligence Service, is expanding its cyberattacks to various sectors and adapting techniques for cloud-based environments.
morecloud-security
#spear-phishing

US charges Iranian with attacks against defense contractors

Iranian national indicted for cyber espionage
Spear phishing and hacking techniques used to compromise US targets

UK accuses Russia of attempted election interference through cyberattacks

Moscow denies UK claims of a cyber-espionage campaign aimed at meddling in the next general election.
Two Russian operatives have been sanctioned for their involvement in spear-phishing campaigns.

US charges Iranian with attacks against defense contractors

Iranian national indicted for cyber espionage
Spear phishing and hacking techniques used to compromise US targets

UK accuses Russia of attempted election interference through cyberattacks

Moscow denies UK claims of a cyber-espionage campaign aimed at meddling in the next general election.
Two Russian operatives have been sanctioned for their involvement in spear-phishing campaigns.
morespear-phishing

Leaked document trove shows a Chinese hacking scheme focused on harassing dissidents

Chinese company's leaked documents reveal cyber espionage operations targeting dissidents globally.
Documents detail hacking operations, target lists, marketing materials, and potential surveillance of Uyghur population.

Leaked documents show how firm supports Chinese hacking operations

Chinese contractors complain about low pay and gamble in office while supporting hacking operations.
Leaked documents from I-SOON show concrete details of China's cyber espionage ecosystem driven by government targeting requirements.

Armenian, Azerbaijani Leaders Say Foreign Ministers To Meet Soon

German authorities helped shut down a Russian espionage network targeting Germany's plans for Ukraine.
APT 28 installed malware on routers for the Russian GRU military intelligence, attacking various EU and NATO countries.
#german-security-authorities

Germany Says Helped U.S. Shut Down Russian Computer Spy Network

German authorities helped shut down Russian espionage network
APT 28 conducted cyberattacks on German targets for GRU

Estonian PM Says Won't Be Intimidated By Russian Arrest Warrant

German security authorities shut down a Russian espionage network with U.S. support.
APT 28 hackers targeted German plans for Ukraine using malware on routers.

Ukrainian Foreign Minister Discusses Peace Prospects With Chinese Envoy

German security authorities helped shut down a Russian espionage network targeting Ukraine plans.
APT 28 installed malware on routers for Russian military intelligence operations.

Germany Says Helped U.S. Shut Down Russian Computer Spy Network

German authorities helped shut down Russian espionage network
APT 28 conducted cyberattacks on German targets for GRU

Estonian PM Says Won't Be Intimidated By Russian Arrest Warrant

German security authorities shut down a Russian espionage network with U.S. support.
APT 28 hackers targeted German plans for Ukraine using malware on routers.

Ukrainian Foreign Minister Discusses Peace Prospects With Chinese Envoy

German security authorities helped shut down a Russian espionage network targeting Ukraine plans.
APT 28 installed malware on routers for Russian military intelligence operations.
moregerman-security-authorities
#botnet

FBI disrupts Russian Moobot botnet infecting Ubiquiti routers

FBI dismantled a botnet of SOHO routers used by Russian GRU for malicious activities.
GRU repurposed Moobot malware created by cybercriminals to orchestrate cyber espionage activities globally.

Feds go Fancy Bear hunting, take down Russia's GRU botnet

The US government has disrupted a botnet used by Russia's GRU military intelligence unit for cyber espionage activities.
The botnet was composed of infected home and small business routers.

FBI disrupts Russian Moobot botnet infecting Ubiquiti routers

FBI dismantled a botnet of SOHO routers used by Russian GRU for malicious activities.
GRU repurposed Moobot malware created by cybercriminals to orchestrate cyber espionage activities globally.

Feds go Fancy Bear hunting, take down Russia's GRU botnet

The US government has disrupted a botnet used by Russia's GRU military intelligence unit for cyber espionage activities.
The botnet was composed of infected home and small business routers.
morebotnet

US indicts alleged Russian hackers for years-long cyber espionage campaign against Western countries | TechCrunch

U.S. authorities have indicted two hackers linked to Russia's Federal Security Service (FSB) for cyber espionage.
The hackers targeted government officials, think tanks, and journalists using spear-phishing emails.

UK, US accuse Russia of cyber-espionage campaign against top politicians

The UK government and the United States have accused Russian security services of engaging in a cyber-espionage campaign against politicians and organizations.
Losses from cyber attacks in 2018 amounted to at least $45 billion, according to a report.

China's APT41 crew adds stealthy malware to its toolbox

APT41, a Chinese cyber espionage group, likely added new malware tools DodgeBox and MoonWalk, targeting global victims. US government has charged APT41 members with network intrusions.

Thousands of Fortinet's FortiGate edge devices were exposed in a Chinese-backed hacking campaign

A cyber espionage campaign targeting Fortinet's FortiGate devices, named Coathanger, may be more widespread than initially thought.
[ Load more ]