Tag: cyberespionage
-
Hacker linked to Void Blizzard faces charges over cyberespionage campaign
Denis Obrezko, 36, made his initial appearance in federal court in Boston on Tuesday after being transferred to U.S. custody from Thailand, where he was arrested last November. First seen on therecord.media Jump to article: therecord.media/hacker-linked-to-void-blizzard-faces-charges
-
Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs
Two separate campaigns target CVE-2025-8088, fixed last July, to conduct data theft and cyberespionage against military and government targets in Ukraine. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/russian-groups-winrar-flaw-ukrainian-orgs
-
Breach Roundup: Microsoft Tries to Mend Researcher Bridges
Also: Gas Station Monitoring Systems Under Attack, Spanish Teen Doxer Arrested. This week, more happened than fits here: Microsoft tried to make nice with researchers, gas tank gauges under attack in the United States, fake FIFA websites are everywhere. Russia cried cyberespionage, Spanish police arrested a teenaged doxer, an Oracle WebLogic flaw was actively exploited.…
-
Afghan finance officials targeted by suspected Pakistani cyberespionage campaign
A suspected Pakistan-linked hacking group has targeted Afghanistan’s Ministry of Finance and provincial government officials in a new cyberespionage campaign, researchers have found. First seen on therecord.media Jump to article: therecord.media/afghan-officials-targeted-by-sidecopy
-
FrostyNeighbor: New Tricks and Digital Games
Tags: cyberespionage
ESET researchers have uncovered new activity by FrostyNeighbor. The Belarus-aligned group has once again adapted its attack chain to continue its ongoing cyberespionage operations. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/frostyneighbor-neue-tricks-und-digitale-spielchen/
-
FrostyNeighbor: FrostyNeighbor: New Tricks and Digital Games
Tags: cyberespionage
ESET researchers have uncovered new activity by FrostyNeighbor. The Belarus-aligned group has once again adapted its attack chain to continue its ongoing cyberespionage operations. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/frostyneighbor-frostyneighbor-neue-tricks-und-digitale-spielchen/
-
Mustang Panda Linked to New Modular FDMTP Backdoor
Researchers Say Nation-State Actors Are Evolving Persistence Techniques. An apparent Chinese nation-state hacking group gussied up its tooling with new modular functionality, say security researchers who observed a cyberespionage campaign affecting Asia-Pacific governments. The activity resembles attack patterns of the threat actor tracked as Mustang Panda. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/mustang-panda-linked-to-new-modular-fdmtp-backdoor-a-31696
-
Python Infostealer Hides in GitHub Releases to Bypass Detection
A stealthy Python-based infostealer campaign that abuses GitHub Releases to host payloads and maintain long-term, low-visibility access to victim systems. The operation, dubbed “Operation HumanitarianBait” in some reporting, appears designed for cyberespionage against Russian-speaking targets using humanitarian-themed lures and a PE-less Python architecture. The campaign starts with phishing emails that deliver a RAR archive containing…
-
Omani Government Targeted in Blatant Iranian-Nexus Cyberespionage
The post Omani Government Targeted in Blatant Iranian-Nexus Cyberespionage appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/oman-government-cyberattack-hunt-intelligence-apt34-muddywater/
-
Hackers Abuse DAEMON Tools Distribution Channel to Deliver Malicious Payloads
A sophisticated supply-chain attack has compromised the official distribution channel for DAEMON Tools, delivering multi-stage malware to users worldwide. Since April 8, 2026, threat actors have distributed trojanized installers signed with legitimate digital certificates to conduct highly targeted cyberespionage operations. Attackers successfully breached the development pipeline of AVB Disc Soft, the creators of the widely…
-
Cyberespionage by Russia? – Government Members Affected by Spying via Signal
Tags: cyberespionage
First seen on security-insider.de Jump to article: www.security-insider.de/signal-phishing-spionageangriffe-bundesregierung-a-7ac01546361c1febe69092e174a1d8e1/
-
Alleged Silk Typhoon hacker extradited to US for cyberespionage
A Chinese national accused of carrying out cyberespionage operations for China’s intelligence services has been extradited from Italy to the United States to face criminal charges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/alleged-silk-typhoon-hacker-extradited-to-us-for-cyberespionage/
-
Unwary Chinese Hackers Hardcoded Credentials into Backdoors
Eset Researchers Discover Trove of Go-Based Malware. Researchers uncovered a Chinese-linked cyberespionage group after attackers left command and control credentials embedded in malware, exposing internal operations, testing environments and thousands of messages tied to campaigns targeting a Mongolia government agency. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/unwary-chinese-hackers-hardcoded-credentials-into-backdoors-a-31487
-
Microsoft Graph API misused by new GoGra Linux malware for hidden communication
A new GoGra Linux malware uses Microsoft Graph API and an Outlook inbox to deliver payloads, making it stealthy and hard to detect. A new Linux version of the GoGra backdoor uses Microsoft’s Graph API and an Outlook inbox to deliver malicious payloads stealthily. The malware is linked to the Harvester cyberespionage group, which is…
-
FBI Takes Down Russian Campaign That Compromised Thousands of Routers
Tags: attack, cyber, cyberespionage, infrastructure, intelligence, network, office, router, russia, threat
In a major counter-cyberespionage action dubbed "Operation Masquerade," the U.S. Justice Department and the FBI successfully neutralized a global network of compromised small office/home office (SOHO) routers. The infrastructure was controlled by Russia's Main Intelligence Directorate (GRU) to execute sophisticated Domain Name System (DNS) hijacking attacks against high-value intelligence targets. The Threat Actor and Attack…
-
Russian Hackers Hit SOHO Routers in Cyberespionage Campaign
Tags: cloud, cyberespionage, dns, government, hacker, intelligence, microsoft, military, router, russia, spy
Hijacking DNS Settings Helps Russian Hackers Decrypt TLS Traffic, Microsoft Warns. Hackers tied to Russia’s GRU military intelligence agency are compromising SOHO routers to hijack their DNS settings and spy on the cloud activities of high-value government, IT, telecommunications and energy organizations, Microsoft warns. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russian-hackers-hit-soho-routers-in-cyberespionage-campaign-a-31354
-
Chinese Hacker Group TA416 Attacks EU and NATO
Tags: cyberespionage
The group TA416 is once again markedly intensifying its cyberespionage activities. According to security researchers, Europe is a particular focus. The campaigns also show a geographic expansion into the Middle East. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/hackergruppe-ta416
-
The Triple-Headed Dragon: Inside the Three-Cluster Chinese Cyberespionage Campaign Targeting SE Asia
The post The Triple-Headed Dragon: Inside the Three-Cluster Chinese Cyberespionage Campaign Targeting SE Asia appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/stately-taurus-southeast-asia-cyberespionage-three-clusters-unit-42/
-
European-Chinese geopolitical issues drive renewed cyberespionage campaign
Proofpoint researchers say the group behind the surge, TA416, had turned away from Europe for a few years. First seen on cyberscoop.com Jump to article: cyberscoop.com/european-chinese-geopolitical-issues-drive-renewed-cyberespionage-campaign/
-
Hackers Deploy USB Malware, RATs, and Stealers in Southeast Asian Government Attacks
A multi-cluster cyberespionage operation in which attackers used USB-propagated malware, multiple RATs, loaders, and a custom stealer to target a Southeast Asian government organization between June and August 2025. Analysts initially observed USB-borne malware dubbed USBFect (also known as HIUPAN), which spreads through removable drives and deploys the PUBLOAD backdoor for lateral movement. Further telemetry revealed two…
-
CISA orders feds to patch DarkSword iOS flaws exploited in attacks
CISA ordered U.S. government agencies to patch three iOS vulnerabilities targeted in cryptocurrency theft and cyberespionage attacks using the DarkSword exploit kit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-darksword-ios-flaws-exploited-attacks/
-
Multi-Month Cyberespionage Campaign Hits Libyan Oil Refinery
Phishing Campaign Used AsyncRAT to Maintain Long-Term Network Access. A suspected cyberespionage campaign targeted a Libyan oil refinery using commodity malware and politically-themed phishing lures. The activity ran from November 2025 to mid-February, with evidence that attackers maintained long-term access to at least one oil company network. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/multi-month-cyberespionage-campaign-hits-libyan-oil-refinery-a-31091
-
'TGR1030' – Palo Alto Networks Unmasks New Cyberespionage Group
First seen on security-insider.de Jump to article: www.security-insider.de/tgr-sta-1030-cyberspionage-phishing-gegen-regierungen-a-28542ad5a939f49fac74b55415301239/
-
Boggy Serpens Hits Diplomats, Critical Infrastructure in Espionage Waves
Boggy Serpens, also known as MuddyWater, has escalated its cyberespionage operations over the past year, focusing on diplomats and critical infrastructure organizations in a coordinated, multi-wave campaign. Boggy Serpens has moved beyond its earlier noisy, high-volume phishing style to prioritize persistence and stealth in campaigns across the Middle East, Europe, the Caucasus, Central and Western…

