Tag: cyberespionage
-
Two Tools, One Mission: UNC5174 Launches Sophisticated Attack Campaign
The background of the attacks suggests that the activities serve both cyberespionage and the trade in access to compromised networks. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/zwei-tools-eine-mission-unc5174-startet-raffinierte-angriffskampagne/a40507/
-
New Russia-linked cyberespionage campaign abuses Windows RDP
First seen on scworld.com Jump to article: www.scworld.com/brief/new-russia-linked-cyberespionage-campaign-abuses-windows-rdp
-
Ukraine subjected to new cyberespionage campaign
First seen on scworld.com Jump to article: www.scworld.com/brief/ukraine-subjected-to-new-cyberespionage-campaign
-
Chinese Espionage Group Targeting Legacy Ivanti VPN Devices
More Evidence Surfaces of Chinese Hackers Targeting Ivanti Products. A suspected Chinese cyberespionage operation is behind a spate of malware left on VPN appliances made by Ivanti. The threat actor used a critical security vulnerability the Utah company patched in February. We are aware of a limited number of customers whose appliances have been exploited.…
-
CISA warns of latest Ivanti firewall bug being exploited by suspected Chinese hackers
Researchers attributed exploitation of the vulnerability to a suspected China-based cyberespionage group tracked as UNC5221. First seen on therecord.media Jump to article: therecord.media/cisa-ivanti-firewall-bug-exploitation
-
Asia-Pacific, Latin America subjected to Chinese cyberespionage attacks
First seen on scworld.com Jump to article: www.scworld.com/brief/asia-pacific-latin-america-subjected-to-chinese-cyberespionage-attacks
-
China’s FamousSparrow APT Hits Americas with SparrowDoor Malware
China-linked APT group FamousSparrow hits targets in the Americas using upgraded SparrowDoor malware in new cyberespionage campaign, ESET reports. First seen on hackread.com Jump to article: hackread.com/china-famoussparrow-apt-americas-sparrowdoor-malware/
-
Russia-linked Gamaredon targets Ukraine with Remcos RAT
Tags: apt, attack, cyberespionage, group, phishing, powershell, rat, russia, spear-phishing, ukraine
Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a. Armageddon, Primitive Bear, ACTINIUM, Callisto) targets Ukraine with a phishing campaign. The cyberespionage group is behind a long series of spear-phishing attacks targeting Ukrainian entities, and organizations related…
-
Cyberespionage in Russia: Actively Exploited Zero-Day Exploit in Google Chrome
First seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecke-chrome-sandbox-umgehung-kaspersky-a-5cc1e2fae2e2dc9392ea2cf85b8cd384/
-
Chinese FamousSparrow hackers deploy upgraded malware in attacks
A China-linked cyberespionage group known as ‘FamousSparrow’ was observed using a new modular version of its signature backdoor ‘SparrowDoor’ against a US-based trade organization. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-famoussparrow-hackers-deploy-upgraded-malware-in-attacks/
-
Mercenary Hacking Group Appears to Embrace Ransomware
Highly Targeted Ransomware Hit Traced to Long-Running Cyberespionage Group. A stealthy group of mercenary hackers active since 2018 appears to have diversified into hitting hypervisors with ransomware via highly targeted attacks. Researchers said they tracked the hit to a corporate espionage team tracked as RedCurl. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/mercenary-hacking-group-appears-to-embrace-ransomware-a-27834
-
Chinese APT Weaver Ant Targeting Telecom Providers in Asia
Weaver Ant, a cyberespionage-focused APT operating out of China, is targeting telecom providers for persistent access. The post Chinese APT Weaver Ant Targeting Telecom Providers in Asia appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chinese-apt-weaver-ant-targeting-telecom-providers-in-asia/
-
Chinese Hackers Exploit Unpatched Servers in Taiwan
UAT-5918 Breaches Taiwan’s Critical Sectors Using N-Day Flaws for Cyberespionage. Hackers with ties to China-based hacking groups including Volt Typhoon are breaching Taiwan’s critical infrastructure by exploiting unpatched web and application servers as entry points for a cyberespionage campaign. Cisco Talos threat hunters identified the new threat actor as UAT-5918. First seen on govinfosecurity.com Jump…
-
Critical vulnerability in AMI MegaRAC BMC allows server takeover
Tags: access, advisory, api, apt, attack, authentication, control, credentials, cve, cyberespionage, cybersecurity, data, data-breach, endpoint, exploit, firewall, firmware, flaw, group, infrastructure, Internet, linux, malicious, malware, network, ransomware, supply-chain, technology, training, update, vulnerability
th vulnerability that Eclypsium researchers found in MegaRAC, the BMC firmware implementation from UEFI/BIOS vendor American Megatrends (AMI). BMCs are microcontrollers present on server motherboards that have their own firmware, dedicated memory, power, and network ports and are used for out-of-band management of servers when their main operating systems are shut down. Administrators can access BMCs…
-
GitHub Is Increasingly Becoming a Digital Minefield
Tags: access, authentication, cloud, computer, cyberattack, cyberespionage, cybersecurity, github, malware, mfa, north-korea, password, update
At first, only individual GitHub repositories were infected with malware. Now developers and their accounts are also being targeted directly by cybercriminals. The GitHub platform has been making negative headlines for some time because its repositories are increasingly infected with malware. Cybercriminals use this to try to gain access to devices and data. Now these activities have been extended to developers directly. The aim of this…
-
Chinese Hackers Target European Diplomats with Malware
MirrorFace Expands Operations, Revives Anel Backdoor for Espionage. A threat actor associated with Chinese cyberespionage campaigns against Japan stepped outside its East Asian comfort zone to target a European organization with a refreshed set of hacking tools. A hacking group tracked as MirrorFace and Earth Kasha deployed a backdoor once exclusively used by APT10. First…
-
State-backed cyberespionage against European telcos escalates
Tags: cyberespionage
First seen on scworld.com Jump to article: www.scworld.com/brief/state-backed-cyberespionage-against-european-telcos-escalates
-
Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers
China-nexus cyberespionage group caught planting custom backdoors on end-of-life Juniper Networks Junos OS routers. The post Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/mandiant-uncovers-custom-backdoors-on-end-of-life-juniper-routers/
-
Chinese Cyberespionage Group Tied to Juniper MX Router Hacks
Juniper Networks Urges Immediate Updating and Malware Scans to Block Attackers. Hackers have been infecting outdated Juniper MX routers with backdoor malware as part of an apparent cyberespionage campaign that traces to a Chinese-affiliated hacking team tracked as UNC 3886, warned Google’s Mandiant incident response group. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-cyberespionage-group-tied-to-juniper-mx-router-hacks-a-27696
-
Ivanti EPM vulnerabilities actively exploited in the wild, CISA warns
Tags: apt, china, cisa, cyberespionage, exploit, flaw, group, ivanti, remote-code-execution, vpn, vulnerability, zero-day
Ivanti products in attackers’ crosshairs: Multiple Ivanti products have been targeted by attackers over the past year, especially by state-sponsored cyberespionage groups who developed zero-day exploits for them. Back in January Ivanti patched a critical remote code execution flaw in its Connect Secure SSL VPN appliance that a Chinese APT group had exploited as a zero-day…
-
1,600 Victims Hit by South American APT’s Malware
South American cyberespionage group Blind Eagle has infected over 1,600 organizations in Colombia in a recent campaign. The post 1,600 Victims Hit by South American APT’s Malware appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/1600-victims-hit-by-south-american-apts-malware/
-
UK ‘Extremely Worried’ About Cyberthreats
Risk of Espionage and Disruption Key Risks, Lawmakers Warned. The British government is extremely worried about the Chinese and Russian cyberespionage and disruptive hacks, government officials told the U.K. Public Accounts Committee on Monday. The United Kingdom has faced a substantial escalation in cyberthreats in the last three years, lawmakers heard. First seen on govinfosecurity.com…
-
CrowdStrike Global Threat Report 2025
Security vendor CrowdStrike released its Global Threat Report 2025 at the end of February 2025. The conclusion is that Chinese cyberespionage activity is increasing by 150%, with tactics becoming ever more aggressive and AI increasingly being used for deception. In addition, CrowdStrike's experts reveal, due to … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/09/crowdstrike-global-threat-report-2025/
-
North Korean Moonstone Sleet Uses Creative Tactics to Deploy Custom Ransomware
In a recent development, Microsoft has identified a new North Korean threat actor known as Moonstone Sleet, which has been employing a combination of traditional and innovative tactics to achieve its financial and cyberespionage objectives. Moonstone Sleet, formerly tracked as Storm-1789, has demonstrated a sophisticated approach by using fake companies, trojanized software, and even a…
-
Global Threat Report: Cyberespionage and AI Fraud Are Rising Rapidly
First seen on t3n.de Jump to article: t3n.de/news/global-threat-report-cyberspionage-und-ki-betrug-nehmen-rasant-zu-1675453/
-
Chinese Hackers Exploit Check Point VPN Zero-Day to Target Organizations Globally
Tags: attack, china, cyber, cyberespionage, cybersecurity, exploit, hacker, malware, usa, vpn, vulnerability, zero-day
A sophisticated cyberespionage campaign linked to Chinese state-sponsored actors has exploited a previously patched Check Point VPN vulnerability (CVE-2024-24919) to infiltrate organizations across Europe, Africa, and the Americas, according to cybersecurity researchers. The attacks, observed between June 2024 and January 2025, primarily targeted the manufacturing sector, deploying ShadowPad malware and, in limited cases, the NailaoLocker…
-
Talos: No Cisco Zero Days Used in Salt Typhoon Telecom Hacks
Tags: breach, china, cisco, credentials, cyberespionage, hacker, login, threat, vulnerability, zero-day
Chinese Nation-State Hackers Used a Custom Utility to Capture Packets. Chinese hackers who infiltrated U.S. telecoms likely only used one, known Cisco vulnerability, says Cisco’s threat analysis unit. Otherwise, the Chinese nation-state cyberespionage operation known as Salt Typhoon used stolen login credentials and living-off-the-land techniques, says Cisco Talos. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/talos-no-cisco-zero-days-used-in-salt-typhoon-telecom-hacks-a-27576

