Tag: cyberespionage
-
Cyber espionage by Russia? – Government members affected by spying via Signal
Tags: cyberespionage
First seen on security-insider.de Jump to article: www.security-insider.de/signal-phishing-spionageangriffe-bundesregierung-a-7ac01546361c1febe69092e174a1d8e1/
-
Alleged Silk Typhoon hacker extradited to US for cyberespionage
A Chinese national accused of carrying out cyberespionage operations for China’s intelligence services has been extradited from Italy to the United States to face criminal charges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/alleged-silk-typhoon-hacker-extradited-to-us-for-cyberespionage/
-
Unwary Chinese Hackers Hardcoded Credentials into Backdoors
Eset Researchers Discover Trove of Go-Based Malware. Researchers uncovered a Chinese-linked cyberespionage group after attackers left command and control credentials embedded in malware, exposing internal operations, testing environments and thousands of messages tied to campaigns targeting a Mongolia government agency. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/unwary-chinese-hackers-hardcoded-credentials-into-backdoors-a-31487
-
Microsoft Graph API misused by new GoGra Linux malware for hidden communication
A new GoGra Linux malware uses Microsoft Graph API and an Outlook inbox to deliver payloads, making it stealthy and hard to detect. A new Linux version of the GoGra backdoor uses Microsoft’s Graph API and an Outlook inbox to deliver malicious payloads stealthily. The malware is linked to the Harvester cyberespionage group, which is…
-
FBI Takes Down Russian Campaign That Compromised Thousands of Routers
Tags: attack, cyber, cyberespionage, infrastructure, intelligence, network, office, router, russia, threat
In a major counter-cyberespionage action dubbed "Operation Masquerade," the U.S. Justice Department and the FBI successfully neutralized a global network of compromised small office/home office (SOHO) routers. The infrastructure was controlled by Russia's Main Intelligence Directorate (GRU) to execute sophisticated Domain Name System (DNS) hijacking attacks against high-value intelligence targets. The Threat Actor and Attack…
-
Russian Hackers Hit SOHO Routers in Cyberespionage Campaign
Tags: cloud, cyberespionage, dns, government, hacker, intelligence, microsoft, military, router, russia, spy
Hijacking DNS Settings Helps Russian Hackers Decrypt TLS Traffic, Microsoft Warns. Hackers tied to Russia’s GRU military intelligence agency are compromising SOHO routers to hijack their DNS settings and spy on the cloud activities of high-value government, IT, telecommunications and energy organizations, Microsoft warns. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russian-hackers-hit-soho-routers-in-cyberespionage-campaign-a-31354
-
Chinese hacker group TA416 attacks EU and NATO
Tags: cyberespionage
The group TA416 is once again significantly intensifying its cyber espionage activities. According to security researchers, Europe is a particular focus. The campaigns also show a geographic expansion into the Middle East. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/hackergruppe-ta416
-
The Triple-Headed Dragon: Inside the Three-Cluster Chinese Cyberespionage Campaign Targeting SE Asia
The post The Triple-Headed Dragon: Inside the Three-Cluster Chinese Cyberespionage Campaign Targeting SE Asia appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/stately-taurus-southeast-asia-cyberespionage-three-clusters-unit-42/
-
European-Chinese geopolitical issues drive renewed cyberespionage campaign
Proofpoint researchers say the group behind the surge, TA416, had turned away from Europe for a few years. First seen on cyberscoop.com Jump to article: cyberscoop.com/european-chinese-geopolitical-issues-drive-renewed-cyberespionage-campaign/
-
Hackers Deploy USB Malware, RATs, and Stealers in Southeast Asian Government Attacks
A multi-cluster cyberespionage operation in which attackers used USB-propagated malware, multiple RATs, loaders, and a custom stealer to target a Southeast Asian government organization between June and August 2025. Analysts initially observed USB-borne malware dubbed USBFect (also known as HIUPAN), which spreads through removable drives and deploys the PUBLOAD backdoor for lateral movement. Further telemetry revealed two…
-
CISA orders feds to patch DarkSword iOS flaws exploited in attacks
CISA ordered U.S. government agencies to patch three iOS vulnerabilities targeted in cryptocurrency theft and cyberespionage attacks using the DarkSword exploit kit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-darksword-ios-flaws-exploited-attacks/
-
Multi-Month Cyberespionage Campaign Hits Libyan Oil Refinery
Phishing Campaign Used AsyncRAT to Maintain Long-Term Network Access. A suspected cyberespionage campaign targeted a Libyan oil refinery using commodity malware and politically-themed phishing lures. The activity ran from November 2025 to mid-February, with evidence that attackers maintained long-term access to at least one oil company network. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/multi-month-cyberespionage-campaign-hits-libyan-oil-refinery-a-31091
-
"TGR1030" – Palo Alto Networks unmasks new cyber espionage group
First seen on security-insider.de Jump to article: www.security-insider.de/tgr-sta-1030-cyberspionage-phishing-gegen-regierungen-a-28542ad5a939f49fac74b55415301239/
-
Boggy Serpens Hits Diplomats, Critical Infrastructure in Espionage Waves
Boggy Serpens, also known as MuddyWater, has escalated its cyberespionage operations over the past year, focusing on diplomats and critical infrastructure organizations in a coordinated, multi-wave campaign. Boggy Serpens has moved beyond its earlier noisy, high-volume phishing style to prioritize persistence and stealth in campaigns across the Middle East, Europe, the Caucasus, Central and Western…
-
China-Nexus Hackers Skulk in Southeast Asian Military Orgs for Years
Researchers uncovered an extensive cyberespionage campaign that used novel backdoors and familiar evasion techniques to maintain persistent access to regional targets. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/china-nexus-hackers-southeast-asian-military-orgs
-
China Demands Proof After Costa Rica Blames UNC2814 for ICE Cyberattack
Tensions between China and Costa Rica have intensified following allegations tied to an ICE cyberattack that Costa Rican authorities say was linked to the cyberespionage group UNC2814. The dispute centers on a breach affecting Costa Rica’s state-run electricity and telecommunications provider and has quickly evolved from a domestic cybersecurity issue into a diplomatic disagreement involving competing narratives and…
-
Apple patches older iPhones and iPads against Coruna exploits
Apple has released security updates to patch older iPhones and iPads against a set of vulnerabilities targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/apple/apple-patches-older-iphones-and-ipads-against-coruna-exploits/
-
Finnish intelligence warns of persistent cyber espionage from Russia, China
Cyberespionage remains the country’s most significant digital threat, with attackers targeting government systems, research institutions and companies developing advanced technologies, according to a new intel report. First seen on therecord.media Jump to article: therecord.media/finnish-intel-warns-espionage-china-russia
-
China-Linked Hackers Use Malware Trio for Telecom Espionage
Tags: access, china, cisco, communications, cyberespionage, espionage, group, hacker, infrastructure, malware, tool, usa
Researchers Tie UAT-9244 Intrusion to Famous Sparrow and Tropic Trooper. A China-linked cyberespionage group has been targeting telecommunications providers in South America since 2024 using a set of newly discovered malware tools designed to maintain persistent access to critical communications infrastructure, Cisco Talos researchers found. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/china-linked-hackers-use-malware-trio-for-telecom-espionage-a-30940
-
CISA warns feds to patch iOS flaws exploited in crypto-theft attacks
CISA ordered U.S. federal agencies to patch three iOS security flaws targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-apple-flaws-exploited-in-spyware-crypto-theft-attacks/
-
CISA warns of Apple flaws exploited in spyware, crypto-theft attacks
CISA ordered U.S. federal agencies to patch three iOS security flaws targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-apple-flaws-exploited-in-spyware-crypto-theft-attacks/
-
Chinese cyber espionage group Silver-Dragon targets authorities in Europe and Asia
The security forensics experts at Check Point Research (CPR) have identified a cyber espionage campaign directed against government organizations in Southeast Asia and parts of Europe. CPR calls the group "Silver Dragon," and according to the security experts' assessment it has been active since at least mid-2024. The campaign combines server exploits, phishing, custom malware and a cloud-based command infrastructure to gain long-term access to the…
-
China’s Silver Dragon Razes Governments in EU, SE Asia
The emerging actor, part of the APT41 nexus, gains initial access via phishing, and uses legitimate network services to obscure cyberespionage activities. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/china-silver-dragon-governments-eu-se-asia
-
Amazon Says Drone Strikes Disrupted Middle East Data Centers
Iranian Cyberespionage Group MuddyWater Goes Dark. Physical effects rather than cyber strikes are triggering Middle Eastern connectivity problems during day four of a sustained U.S. and Israeli bombing campaign against Iran. Iran is responding with drone and missile attacks targeting U.S. military as well as British bases in Bahrain, Cyprus. First seen on govinfosecurity.com Jump…
-
Cyber espionage campaign targets government institutions and critical infrastructure
Arctic Wolf has uncovered a cyber espionage campaign that can be attributed with moderate confidence to <> (also known as Outrider Tiger and Fishing-Elephant). Between January 2025 and January 2026, the targets were government institutions and critical infrastructure in Pakistan and Bangladesh. The campaign represents an evolution of the activities first documented in September 2024 by Cloudflare Cloudforce-One…

