Tag: cyberespionage
-
Chinese State-Sponsored Hackers Target Semiconductor Industry with Weaponized Cobalt Strike
Proofpoint Threat Research has identified a sophisticated multi-pronged cyberespionage campaign targeting Taiwan’s semiconductor industry between March and June 2025. Three distinct Chinese state-sponsored threat actors, designated as UNK_FistBump, UNK_DropPitch, and UNK_SparkyCarp, conducted coordinated phishing operations against organizations spanning semiconductor manufacturing, design, testing, supply chain entities, and financial investment analysts specializing in the Taiwanese semiconductor market.…
-
DoNot APT is expanding scope targeting European foreign ministries
DoNot APT, likely an India-linked cyberespionage group, targets European foreign ministries with LoptikMod malware. The DoNot APT group, likely linked to India, has expanded its operations and is targeting European foreign ministries with a new malware, called LoptikMod. The Donot Team (also known as APT-C-35 and Origami Elephant) has been active since 2016, focusing on government entities, foreign…
-
Italian Police Arrest Alleged Chinese Hacker Wanted by FBI
Shanghai Man Tied to Beijing-Backed Silk Typhoon Cyberespionage Attacks. Italian police arrested Chinese national Xu Zewei, 33, based on a U.S. arrest warrant charging the Shanghai resident with participating in Silk Typhoon cyberespionage attacks, including targeting novel coronavirus vaccine development information from the University of Texas. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/italian-police-arrest-alleged-chinese-hacker-wanted-by-fbi-a-28914
-
Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant
Italian police arrested a Chinese national linked to Silk Typhoon APT group at Milan’s Malpensa Airport on a U.S. warrant. Italian police arrested a Chinese national, Zewei Xu (33), at Milan’s Malpensa Airport on a U.S. warrant. Xu was arrested at Malpensa Airport on July 3rd after arriving on a flight from China. Authorities accused…
-
Alleged Chinese hacker tied to Silk Typhoon arrested for cyberespionage
A Chinese national was arrested in Milan, Italy, last week for allegedly being linked to the state-sponsored Silk Typhoon hacking group, which is responsible for cyberattacks against American organizations and government agencies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/alleged-chinese-hacker-tied-to-silk-typhoon-arrested-for-cyberespionage/
-
BladedFeline Exploits Whisper and PrimeCache to Breach IIS and Microsoft Exchange Servers
ESET researchers have uncovered a series of malicious tools deployed by BladedFeline, an Iran-aligned advanced persistent threat (APT) group, targeting Kurdish and Iraqi government officials. Active since at least 2017, BladedFeline has been linked with medium confidence to the notorious OilRig APT group, known for cyberespionage across the Middle East. Sophisticated Cyberespionage Campaign The group’s…
-
Another Cyberattack on the International Criminal Court
Tags: cyber, cyberattack, cybercrime, cyberespionage, cyersecurity, germany, hacker, infrastructure, intelligence, Internet, ransomware, service, ukraine, usa
The International Criminal Court has been hit by a cyberattack for the second time. The International Criminal Court (ICC) has fallen victim to a sophisticated cyberattack, the second major cyberespionage attempt against the war crimes tribunal within just two years. The latest incident occurred during the NATO summit in The Hague in June, when the world's attention was on the Dutch capital…
-
North Korean crypto thieves deploy custom Mac backdoor
North Korean threat actors are targeting companies from the Web3 and crypto industries with a backdoor designed for macOS written in niche programming language Nim. The attackers are also using AppleScript for early stage payloads, including a fake Zoom update. “North Korean-aligned threat actors have previously experimented with Go and Rust, similarly combining scripts and compiled…
-
Chinese Hackers Have Infected More Than 1,000 SOHO Devices
Tags: backdoor, china, cisco, cyberattack, cybercrime, cyberespionage, hacker, iot, linux, malware, office, usa, vulnerability, windows
Dozens of cybercrime campaigns focused on Asia and the US were disguised as purported LAPD operations. Cybersecurity experts have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices. According to the experts, the devices were used to enable a prolonged cyberespionage infrastructure campaign for Chinese hacker groups. SecurityScorecard's Strike team discovered the associated Operational Relay Box (ORB) network and gave it…
-
New Mustang Panda cyberespionage campaign sets sights on Tibet
Tags: cyberespionage
First seen on scworld.com Jump to article: www.scworld.com/brief/new-mustang-panda-cyberespionage-campaign-sets-sights-on-tibet
-
Updated GIFTEDCROOK malware enables cyberespionage
First seen on scworld.com Jump to article: www.scworld.com/brief/updated-giftedcrook-malware-enables-cyberespionage
-
Cyberespionage Group UAC-0226 Has Expanded Giftedcrook into a Comprehensive Exfiltration Tool
Arctic Wolf Labs, Arctic Wolf's threat research team, has found that the cyberespionage group UAC-0226, known for the infostealer, has significantly expanded its capabilities. It has transformed the malware from a simple browser data stealer (designated v1) through two new upgrades (v1.2 and v1.3) into a robust information-gathering tool. The analysis of files […]…
-
LapDogs Campaign Shows Chinese Groups’ Growing Use of ORB Networks
A cyberespionage campaign called LapDogs by SecurityScorecard illustrates the growing use of ORB networks by China-nexus threat groups, which use botnet-like techniques to stay undetected while collecting information and establishing persistence in compromised networks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/lapdogs-campaign-shows-chinese-groups-growing-use-of-orb-networks/
-
Widespread Chinese cyberespionage campaign powered by ORB network
First seen on scworld.com Jump to article: www.scworld.com/brief/widespread-chinese-cyberespionage-campaign-powered-by-orb-network
-
Russia-linked APT28 use Signal chats to target Ukraine official with malware
Russia-linked group APT28 uses Signal chats as an attack vector to phish Ukrainian officials with new malware strains. Russia-linked cyberespionage group APT28 is targeting Ukrainian government officials using Signal chats to deliver two new types of malware, tracked as BeardShell and SlimAgent. While Signal itself remains secure, attackers are exploiting its growing popularity in official…
-
Viasat Targeted in Cyberattack by Salt Typhoon APT Group
Viasat Inc., a leading U.S. satellite and wireless communications provider, has been identified as the latest victim in a sweeping cyberespionage campaign attributed to the Chinese state-sponsored group known as Salt Typhoon. The breach, which occurred during the 2024 U.S. presidential campaign, was discovered earlier this year and highlights the growing threat posed by advanced…
-
Cyberattack on the “Washington Post”
Tags: access, china, cyber, cyberattack, cyberespionage, governance, government, mail, microsoft, usa
The “Washington Post” was the target of a cyberattack. The Microsoft accounts of several journalists at the “Washington Post” have been compromised by cybercriminals, according to a report by the “Wall Street Journal”. The attackers thereby also had access to the US newspaper's work e-mails. It is assumed that this was a targeted attack by a foreign government. Among the…
-
Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign
The post Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/stealth-falcon-exploits-new-zero-day-cve-2025-33053-in-sophisticated-cyberespionage-campaign/
-
China-linked threat actor targeted +70 orgs worldwide, SentinelOne warns
Tags: attack, china, cyber, cyberespionage, cybersecurity, espionage, government, infrastructure, threat
China-linked threat actor targeted over 70 global organizations, including governments and media, in cyber-espionage attacks from July 2024 to March 2025. In April 2025, cybersecurity firm SentinelOne warned that a China-linked threat actor, tracked as PurpleHaze, attempted to conduct reconnaissance on its infrastructure and high-value clients. The activity suggests targeted cyberespionage efforts aimed at gathering…
-
BladedFeline: Cyberespionage in the Middle East
Tags: cyberespionage
The hacker group BladedFeline has gained access to highly sensitive networks in Iraq and Kurdistan. The espionage campaign apparently aimed at information for targeted influence and sabotage. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/bladedfeline-cyberspionage
-
Multi-year cyberespionage campaign launched by BladedFeline APT
First seen on scworld.com Jump to article: www.scworld.com/brief/multi-year-cyberespionage-campaign-launched-by-bladedfeline-apt
-
BladedFeline: Cyberespionage in the Shadows
ESET researchers analyze the cyberespionage campaign of an Iranian hacker group. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/bladedfeline-cyber-spionage-im-schatten/
-
Iranian APT ‘BladedFeline’ Remains Hidden in Networks for 8 Years
ESET researchers have uncovered the persistent activities of BladedFeline, an Iranian-aligned Advanced Persistent Threat (APT) group, which has maintained covert access to the networks of Kurdish and Iraqi government officials for nearly eight years. First identified in 2017 through attacks on the Kurdistan Regional Government (KRG), BladedFeline has since evolved into a sophisticated cyberespionage entity,…
-
Iran-linked hackers target Kurdish and Iraqi officials in long-running cyberespionage campaign
The group has been operating since at least 2017, initially breaching systems belonging to the Kurdistan Regional Government, and has expanded its reach to the Central Government of Iraq as well as a telecommunications provider in Uzbekistan. First seen on therecord.media Jump to article: therecord.media/iran-linked-hackers-target-kurdish-iraq-cyber-espionage
-
Void Blizzard Targets NATO Organizations
Tags: access, api, authentication, blizzard, cloud, cyberattack, cyberespionage, edr, fido, framework, governance, government, hacker, intelligence, mail, malware, mfa, microsoft, open-source, passkey, password, phishing, risk, siem, spear-phishing, threat, tool, ukraine
Russian hackers are changing their tactics from password spraying to phishing, but their targets within NATO remain the same. For over a year, a new cyberespionage group said to be linked to the Russian government has been targeting companies from various industries within NATO. The group is called “Void Blizzard” by Microsoft Threat Intelligence. The Dutch…
-
Hacker Attack on Foreign Ministry Alarms NATO and EU
The EU holds Chinese hackers responsible for a malicious cyber campaign against the foreign ministry in Czechia. A suspected Chinese hacker attack against the foreign ministry in Czechia is alarming NATO and the EU. A joint statement by the 32 NATO states says that they are observing with growing concern the increasing malicious cyber activities emanating from the People's Republic of China and are…
-
APT41 Uses Google Calendar as Covert C2 in Stealthy Cyberespionage Campaign
In an example of cloud service abuse, Google Threat Intelligence Group (GTIG) has uncovered a new APT41 campaign First seen on securityonline.info Jump to article: securityonline.info/apt41-uses-google-calendar-as-covert-c2-in-stealthy-cyberespionage-campaign/
-
State-Sponsored Hacker Group TA406 – North Korean Cyberespionage in Ukraine
First seen on security-insider.de Jump to article: www.security-insider.de/nordkorea-cyberangriffe-ukraine-hackergruppe-ta406-a-6caace65608b32dd6fc70ce3ca08621c/

