Tag: espionage
-
Government Organizations Targeted via AWS Lambda URL Endpoint Exploits
Tags: cyber, data, endpoint, espionage, exploit, government, intelligence, monitoring, network, threatUnit 42 researchers from Palo Alto Networks have been monitoring a sophisticated threat cluster designated CL-STA-1020, which has been systematically targeting governmental entities across Southeast Asia. This operation focuses on extracting sensitive data from government agencies, particularly details surrounding recent tariffs and trade disputes, underscoring a motive rooted in espionage and intelligence gathering. The campaign…
-
Airline executive agrees to dismiss litigation around alleged hackhire scheme
The cases, which stretched across multiple continents and shed light on the shady world of corporate espionage and mercenary hackers, stemmed from a scheme allegedly orchestrated by an attorney at the law firm Dechert to hack into Azima’s accounts for one of its clients. First seen on therecord.media Jump to article: therecord.media/airline-exec-agrees-to-dismiss-hack-for-hire-lawsuit
-
Indian Cyber Espionage Group Targets Italian Government
DoNot APT, also known as APT-C-35, traditionally operates exclusively in South Asia First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/indian-cyber-espionage-italian/
-
Chinese Hacker Linked to Silk Typhoon Charged With Stealing COVID Data
A 33-year-old Chinese national linked to the Silk Typhoon espionage group was arrested in Italy on a U.S. warrant that accuses him of conspiring with others in hacks of U.S. COVID-19 vaccine researchers and exploiting flaws in Microsoft Exchange Server to steal information for the Chinese government. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/chinese-hacker-linked-to-silk-typhoon-charged-with-stealing-covid-data/
-
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity
Tags: access, attack, authentication, business, citrix, computer, control, credentials, cve, cvss, data, email, espionage, exploit, grc, microsoft, monitoring, network, ransomware, remote-code-execution, risk, sap, service, threat, update, vulnerability, windowsNetwork security: Allow PKU2U authentication requests to this computer to use online identities“.Tyler Reguly, Fortra’s associate director of security R&D, told CSO that, based on Microsoft’s presentation of the information, disabling this GPO will mitigate this vulnerability.The second priority is a fix for CVE-2025-49704, a SharePoint Remote Code Execution vulnerability, because it presents a critical risk to a…
-
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity
Tags: access, attack, authentication, business, citrix, computer, control, credentials, cve, cvss, data, email, espionage, exploit, grc, microsoft, monitoring, network, ransomware, remote-code-execution, risk, sap, service, threat, update, vulnerability, windowsNetwork security: Allow PKU2U authentication requests to this computer to use online identities“.Tyler Reguly, Fortra’s associate director of security R&D, told CSO that, based on Microsoft’s presentation of the information, disabling this GPO will mitigate this vulnerability.The second priority is a fix for CVE-2025-49704, a SharePoint Remote Code Execution vulnerability, because it presents a critical risk to a…
-
ICC Contained Cyberattack Amid Espionage Threats and Pressure
International Criminal Court faces new “sophisticated” cyberattack in The Hague. Occurring near the NATO summit, this incident impacts the ICC as it handles major global cases. First seen on hackread.com Jump to article: hackread.com/icc-contained-cyberattack-espionage-threats-pressure/
-
Inside the ZIP Trap: How APT36 Targets BOSS Linux to Exfiltrate Critical Data
CYFIRMA has uncovered a highly sophisticated cyber-espionage campaign orchestrated by APT36, also known as Transparent Tribe, a Pakistan-based threat actor with a notorious history of targeting Indian defense and government sectors. This latest operation marks a significant shift in tactics, as APT36 adapts its arsenal to infiltrate Linux-based environments, specifically focusing on BOSS Linux, a…
-
APT36 Unleashes Linux Malware: Transparent Tribe Targets Indian Government with Go-Based Espionage Tools
The post APT36 Unleashes Linux Malware: Transparent Tribe Targets Indian Government with Go-Based Espionage Tools appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/apt36-unleashes-linux-malware-transparent-tribe-targets-indian-government-with-go-based-espionage-tools/
-
“NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage
The post “NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/nighteagle-apt-group-soars-over-chinas-critical-tech-zero-days-exchange-exploits-and-tailored-espionage/
-
Second espionage-linked cyberattack hits ICC, exposing persistent threats to global justice systems
Tags: attack, crime, crimes, cyber, cyberattack, cybersecurity, data, disinformation, espionage, identity, infrastructure, intelligence, international, Internet, office, resilience, russia, spy, threat, ukrainePattern of sophisticated cyber espionage: This marks the second major cybersecurity incident targeting the ICC in recent years. In September 2023, the court disclosed it had suffered what it later characterized as “a targeted and sophisticated attack with the objective of espionage” that was “a serious attempt to undermine the Court’s mandate.”According to reports following…
-
International Criminal Court swats away ‘sophisticated and targeted’ cyberattack
Body stays coy on details but alludes to similarities with 2023 espionage campaign First seen on theregister.com Jump to article: www.theregister.com/2025/07/01/international_criminal_court_cyberattack/
-
TA829 Hackers Use New TTPs and Enhanced RomCom Backdoor to Evade Detection
The cybercriminal group TA829, also tracked under aliases like RomCom, Void Rabisu, and Tropical Scorpius, has been observed deploying sophisticated tactics, techniques, and procedures (TTPs) alongside an updated version of its infamous RomCom backdoor, now dubbed SingleCamper (aka SnipBot). This group, known for blending financially motivated cybercrime with espionage campaigns often aligned with Russian state…
-
New Report Uncovers Major Overlaps in Cybercrime and State-Sponsored Espionage
Proofpoint has identified similarities between the tactics of a pro-Russian cyber espionage group and a cybercriminal gang First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/major-overlaps-cybercrime-espionage/
-
International Criminal Court Hit by “Sophisticated and Targeted” Attack
The ICC said the new incident was the second “of its type” it has faced in recent years, relating to an espionage attack in 2023 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/icc-sophisticated-targeted-attack/
-
LapDogs: China-nexus hackers Hijack 1,000+ SOHO devices for espionage
Over 1,000 SOHO devices were hacked in a China-linked spying campaign called LapDogs, forming a covert network to support cyber espionage. Security researchers at SecurityScorecard’s STRIKE team have uncovered a cyber espionage campaign, dubbed LapDogs, involving over 1,000 hacked SOHO (small office/home office) devices. These compromised devices formed a hidden network, called an Operational Relay…
-
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign
Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign for China-nexus hacking groups.The Operational Relay Box (ORB) network has been codenamed LapDogs by SecurityScorecard’s STRIKE team.”The LapDogs network has a high concentration of victims…
-
PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack
A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community.The spear-phishing attacks leveraged topics related to Tibet, such as the 9th World Parliamentarians’ Convention on Tibet (WPCT), China’s education policy in the Tibet Autonomous Region (TAR), and a recently published book by the…
-
Iranian APT35 Hackers Targeting High-Profile Cybersecurity Experts and Professors in Israel
The Iranian threat group Educated Manticore, also tracked as APT35, APT42, Charming Kitten, or Mint Sandstorm, has intensified its cyber-espionage operations targeting Israeli cybersecurity experts, computer science professors, and journalists. Associated with the Islamic Revolutionary Guard Corps’ Intelligence Organization (IRGC-IO), this advanced persistent threat (APT) group has been under scrutiny by Check Point Research for…
-
China-Nexus ‘LapDogs’ Network Thrives on Backdoored SOHO Devices
The campaign infected devices in the US and Southeast Asia to build an operational relay box (ORB) network for use as an extensive cyber-espionage infrastructure. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/china-lapdogs-network-backdoored-soho-devices
-
LapDogs Hackers Compromise 1,000 SOHO Devices Using Custom Backdoor for Stealthy Attacks
Security researchers at SecurityScorecard have uncovered a sprawling cyber-espionage campaign orchestrated by the LapDogs Operational Relay Box (ORB) Network, a sophisticated infrastructure compromising over 1,000 devices worldwide. Identified as a key tool for China-Nexus threat actors, LapDogs primarily targets Small Office/Home Office (SOHO) routers and IoT devices, particularly Linux-based systems, to facilitate covert operations. This…
-
China-linked APT Salt Typhoon targets Canadian Telecom companies
Canada and FBI warn of China-linked APT Salt Typhoon targeting Canadian telecom firms in ongoing cyber espionage operations. The Canadian Centre for Cyber Security and the FBI warn that China-linked APT cyber espionage group Salt Typhoon, is targeting Canadian telecom firms in espionage attacks. The Salt Typhoon hacking campaign, active for 12 years, has targeted…
-
China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom
The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks mounted by the China-linked Salt Typhoon actors to breach major global telecommunications providers as part of a cyber espionage campaign.The attackers exploited a critical Cisco IOS XE software (CVE-2023-20198, CVSS score: 10.0) to…
-
Canada says telcos were breached in China-linked espionage hacks
Salt Typhoon previously hacked phone and telco giants across the United States. First seen on techcrunch.com Jump to article: techcrunch.com/2025/06/23/canada-says-telcos-were-breached-in-china-linked-espionage-hacks/
-
APT36 Hackers Target Indian Defense Personnel with Sophisticated Phishing Campaign
APT36, also known as Transparent Tribe, a Pakistan-based cyber espionage group, has launched a highly sophisticated phishing campaign targeting Indian defense personnel. According to recent findings by CYFIRMA, this group has meticulously crafted phishing emails that deliver malicious PDF attachments disguised as official government documents. Cyber Espionage Group Transparent Tribe Strikes Again These deceptive files…
-
Chinese “LapDogs” ORB Network Targets US and Asia
SecurityScorecard has discovered a covert cyber-espionage botnet dubbed “LapDogs” linked to China First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-lapdogs-orb-network/
-
Surge in XSS Cyberattacks Targets Popular Webmail Platforms, ESET Reports
A recent report from ESET has uncovered a sophisticated cyber espionage campaign by the Russia-aligned Sednit group, targeting high-value webmail platforms through cross-site scripting (XSS) attacks. Dubbed Operation RoundPress, this operation has compromised popular webmail services such as Roundcube, Horde, MDaemon, and Zimbra, with a primary focus on governmental entities and defense organizations in Eastern…
-
Silver Fox APT: Chinese Threat Actor Deploys Trojanized Medical Software in Stealth Espionage Campaign
The post Silver Fox APT: Chinese Threat Actor Deploys Trojanized Medical Software in Stealth Espionage Campaign appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/silver-fox-apt-chinese-threat-actor-deploys-trojanized-medical-software-in-stealth-espionage-campaign/
-
Silver Fox APT Uses Weaponized Medical Software to Deploy Remote Access Tools and Disable AV
The China-based advanced persistent threat (APT) group Silver Fox, also known as Void Arachne or The Great Thief of Valley, has been identified as the orchestrator of a complex multi-stage campaign targeting healthcare delivery organizations (HDOs) and public sector entities. Active since 2024 and believed to be state-sponsored, Silver Fox is deploying cyber espionage and…