Tag: cyberespionage
-
Updated GIFTEDCROOK malware enables cyberespionage
First seen on scworld.com Jump to article: www.scworld.com/brief/updated-giftedcrook-malware-enables-cyberespionage
-
Cyberespionage group UAC-0226 has expanded Giftedcrook into a comprehensive exfiltration tool
Arctic Wolf Labs, the threat research team at Arctic Wolf, has found that the cyberespionage group UAC-0226, known for the infostealer, has significantly expanded its capabilities. It has transformed the malware from a simple browser data stealer (referred to as v1), through two new upgrades (v1.2 and v1.3), into a robust intelligence-gathering tool. The analysis of files […]…
-
LapDogs Campaign Shows Chinese Groups’ Growing Use of ORB Networks
A cyberespionage campaign called LapDogs by SecurityScorecard illustrates the growing use of ORB networks by China-nexus threat groups, which use botnet-like techniques to stay undetected while collecting information and establishing persistence in compromised networks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/lapdogs-campaign-shows-chinese-groups-growing-use-of-orb-networks/
-
Widespread Chinese cyberespionage campaign powered by ORB network
First seen on scworld.com Jump to article: www.scworld.com/brief/widespread-chinese-cyberespionage-campaign-powered-by-orb-network
-
Russia-linked APT28 use Signal chats to target Ukraine official with malware
Russia-linked group APT28 uses Signal chats as an attack vector to phish Ukrainian officials with new malware strains. Russia-linked cyberespionage group APT28 is targeting Ukrainian government officials using Signal chats to deliver two new types of malware, tracked as BeardShell and SlimAgent. While Signal itself remains secure, attackers are exploiting its growing popularity in official…
-
Viasat Targeted in Cyberattack by Salt Typhoon APT Group
Viasat Inc., a leading U.S. satellite and wireless communications provider, has been identified as the latest victim in a sweeping cyberespionage campaign attributed to the Chinese state-sponsored group known as Salt Typhoon. The breach, which occurred during the 2024 U.S. presidential campaign, was discovered earlier this year and highlights the growing threat posed by advanced…
-
Cyberattack on the “Washington Post”
Tags: access, china, cyber, cyberattack, cyberespionage, governance, government, mail, microsoft, usa
The “Washington Post” was the target of a cyberattack. The Microsoft accounts of several “Washington Post” journalists were compromised by cybercriminals, according to a report in the “Wall Street Journal”. The attackers reportedly also had access to the US newspaper's work e-mails. It is assumed that this was a targeted attack by a foreign government. Among the…
-
Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign
The post Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/stealth-falcon-exploits-new-zero-day-cve-2025-33053-in-sophisticated-cyberespionage-campaign/
-
China-linked threat actor targeted +70 orgs worldwide, SentinelOne warns
Tags: attack, china, cyber, cyberespionage, cybersecurity, espionage, government, infrastructure, threat
China-linked threat actor targeted over 70 global organizations, including governments and media, in cyber-espionage attacks from July 2024 to March 2025. In April 2025, cybersecurity firm SentinelOne warned that a China-linked threat actor, tracked as PurpleHaze, attempted to conduct reconnaissance on its infrastructure and high-value clients. The activity suggests targeted cyberespionage efforts aimed at gathering…
-
BladedFeline: Cyberespionage in the Middle East
Tags: cyberespionage
The hacker group BladedFeline has gained access to highly sensitive networks in Iraq and Kurdistan. The espionage campaign apparently targeted information for use in targeted influence and sabotage. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/bladedfeline-cyberspionage
-
Multi-year cyberespionage campaign launched by BladedFeline APT
First seen on scworld.com Jump to article: www.scworld.com/brief/multi-year-cyberespionage-campaign-launched-by-bladedfeline-apt
-
BladedFeline: Cyberespionage in the shadows
ESET researchers analyze cyberespionage campaign by Iranian hacker group. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/bladedfeline-cyber-spionage-im-schatten/
-
Iranian APT ‘BladedFeline’ Remains Hidden in Networks for 8 Years
ESET researchers have uncovered the persistent activities of BladedFeline, an Iranian-aligned Advanced Persistent Threat (APT) group, which has maintained covert access to the networks of Kurdish and Iraqi government officials for nearly eight years. First identified in 2017 through attacks on the Kurdistan Regional Government (KRG), BladedFeline has since evolved into a sophisticated cyberespionage entity,…
-
Iran-linked hackers target Kurdish and Iraqi officials in long-running cyberespionage campaign
The group has been operating since at least 2017, initially breaching systems belonging to the Kurdistan Regional Government, and has expanded its reach to the Central Government of Iraq as well as a telecommunications provider in Uzbekistan. First seen on therecord.media Jump to article: therecord.media/iran-linked-hackers-target-kurdish-iraq-cyber-espionage
-
Void Blizzard targets NATO organizations
Tags: access, api, authentication, blizzard, cloud, cyberattack, cyberespionage, edr, fido, framework, governance, government, hacker, intelligence, mail, malware, mfa, microsoft, open-source, passkey, password, phishing, risk, siem, spear-phishing, threat, tool, ukraine
Russian hackers are changing their tactics from password spraying to phishing, but their targets within NATO remain the same. For more than a year, a new cyberespionage group said to be linked to the Russian government has been targeting companies from various industries within NATO. Microsoft Threat Intelligence calls the group “Void Blizzard”. The Dutch…
-
Hacker attack on foreign ministry alarms NATO and EU
The EU holds Chinese hackers responsible for a malicious cyber campaign against the foreign ministry in the Czech Republic. A suspected Chinese hacker attack against the foreign ministry in the Czech Republic is alarming NATO and the EU. A joint statement by the 32 NATO states says that they are observing with growing concern the increasing malicious cyber activities emanating from the People's Republic of China and are…
-
APT41 Uses Google Calendar as Covert C2 in Stealthy Cyberespionage Campaign
In an example of cloud service abuse, Google Threat Intelligence Group (GTIG) has uncovered a new APT41 campaign First seen on securityonline.info Jump to article: securityonline.info/apt41-uses-google-calendar-as-covert-c2-in-stealthy-cyberespionage-campaign/
-
State-backed hacker group TA406 – North Korean cyberespionage in Ukraine
First seen on security-insider.de Jump to article: www.security-insider.de/nordkorea-cyberangriffe-ukraine-hackergruppe-ta406-a-6caace65608b32dd6fc70ce3ca08621c/
-
Trojanized Word files harnessed in new Russian cyberespionage campaign
First seen on scworld.com Jump to article: www.scworld.com/brief/trojanized-word-files-harnessed-in-new-russian-cyberespionage-campaign
-
Void Blizzard: New Russian Cyberespionage Group Targets NATO and Ukraine
Microsoft Threat Intelligence has identified a cyberespionage campaign by a newly recognized Russia-affiliated actor named Void Blizzard, also First seen on securityonline.info Jump to article: securityonline.info/void-blizzard-new-russian-cyberespionage-group-targets-nato-and-ukraine/
-
Microsoft Alerts on Void Blizzard Hackers Targeting Telecommunications and IT Sectors
Microsoft Threat Intelligence Center (MSTIC) has issued a critical warning about a cluster of global cloud abuse activities orchestrated by a threat actor tracked as Void Blizzard, also known as LAUNDRY BEAR. Assessed with high confidence to be Russia-affiliated, Void Blizzard has been active since at least April 2024, focusing its cyberespionage operations on NATO…
-
Ivanti EPMM flaws leveraged in global Chinese cyberespionage attacks
First seen on scworld.com Jump to article: www.scworld.com/brief/ivanti-epmm-flaws-leveraged-in-global-chinese-cyberespionage-attacks
-
Russian Hackers Target Western Firms Aiding Ukraine, Spy on Shipments
Russian military hackers are targeting Western firms aiding Ukraine, using cyberespionage to infiltrate logistics networks and spy on arms shipments. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/russian-hackers-target-western-firms/
-
Russia-linked APT28 targets western logistics entities and technology firms
CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing an elevated threat to supply chains. Russia-linked cyberespionage group APT28 intensifies its operations against Western logistics and technology companies moving supplies into Ukraine, US CISA warns. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) has been active since at least 2007 and it…
-
Russian hackers breach orgs to track aid routes to Ukraine
A Russian state-sponsored cyberespionage campaign attributed to APT28 (Fancy Bear/Forest Blizzard) hackers has been targeting and compromising international organizations since 2022 to disrupt aid efforts to Ukraine. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-hackers-breach-orgs-to-track-aid-routes-to-ukraine/
-
Mass federal worker layoffs exploited by Chinese cyberespionage campaign
First seen on scworld.com Jump to article: www.scworld.com/brief/mass-federal-worker-layoffs-exploited-by-chinese-cyberespionage-campaign
-
Global government webmail servers targeted by Russian cyberespionage operation
First seen on scworld.com Jump to article: www.scworld.com/brief/global-government-webmail-servers-targeted-by-russian-cyberespionage-operation
-
Operation RoundPress: Sednit Weaponizes XSS to Breach Global Webmail Servers
ESET researchers have exposed a covert cyberespionage campaign, dubbed Operation RoundPress, believed to be orchestrated by the Russia-aligned First seen on securityonline.info Jump to article: securityonline.info/operation-roundpress-sednit-weaponizes-xss-to-breach-global-webmail-servers/

