Tag: espionage
-
Chinese State-Sponsored Hackers Targeting Telecommunications Infrastructure to Steal Sensitive Data
Tags: china, communications, cyber, data, espionage, exploit, group, hacker, infrastructure, intelligence, network, threatChinese state-sponsored cyber threat group Salt Typhoon has intensified long-term espionage operations against global telecommunications infrastructure, according to recent legal and intelligence reporting. Aligned with the Ministry of State Security (MSS) and active since at least 2019, Salt Typhoon has systematically exploited network edge devices to establish deep persistence and exfiltrate highly sensitive communications metadata,…
-
RedNovember Hackers Targeting Government and Tech Organizations to Install Backdoor
In July 2024, Recorded Future’s Insikt Group publicly exposed TAG-100, a cyber-espionage campaign leveraging the Go-based backdoor Pantegana against high-profile government, intergovernmental and private organizations worldwide. New evidence now attributes TAG-100 to a Chinese state-sponsored threat actor, designated RedNovember. Between June 2024 and July 2025, RedNovember”, overlapping with Storm-2077″, has expanded its operations to target…
-
Chinese State-Sponsored Hackers Targeting Telecommunications Infrastructure to Steal Sensitive Data
Tags: china, communications, cyber, data, espionage, exploit, group, hacker, infrastructure, intelligence, network, threatChinese state-sponsored cyber threat group Salt Typhoon has intensified long-term espionage operations against global telecommunications infrastructure, according to recent legal and intelligence reporting. Aligned with the Ministry of State Security (MSS) and active since at least 2019, Salt Typhoon has systematically exploited network edge devices to establish deep persistence and exfiltrate highly sensitive communications metadata,…
-
Iranian APT >>Nimbus Manticore<< Intensifies Cyber Espionage in Europe
The post Iranian APT >>Nimbus Manticore
-
Iranian Hacking Group Nimbus Manticore Expands European Targeting
Nimbus Manticore intensified European cyber-espionage, targeting aerospace, telecom, defense sectors First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iran-nimbus-manticore-european/
-
Subtle Snail: Iran-Linked Espionage Campaign Targets European Telecom, Aerospace, and Defense
The post Subtle Snail: Iran-Linked Espionage Campaign Targets European Telecom, Aerospace, and Defense appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/subtle-snail-iran-linked-espionage-campaign-targets-european-telecom-aerospace-and-defense/
-
Subtle Snail Impersonation Tactics: How HR Representatives Can Engage Employees to Steal Login Credentials
Subtle Snail, an Iran-linked espionage group also tracked as UNC1549 under the Unyielding Wasp (Tortoiseshell) umbrella of the Charming Kitten network, has shifted its focus to European telecom, aerospace, and defense firms since June 2022. In a recent wave of attacks, the group compromised 34 devices across 11 organizations by masquerading as human resources representatives…
-
MI6 Opens Dark Web Portal >>Silent Courier<< for Russians to Share Secrets
The UK’s spy agency, MI6, has launched a new dark web portal called Silent Courier to securely recruit agents worldwide, particularly from Russia. Learn how this shift to the dark web marks a new era in modern espionage and national security. First seen on hackread.com Jump to article: hackread.com/mi6-dark-web-portal-silent-courier-russia-secrets/
-
Pentagon Bans China-Based Engineers Over Hacking Concerns
The Pentagon bans China-based staff from cloud work after reports warn of espionage risks and urge tighter supply chain security. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/pentagon-bans-china-based-engineers-over-hacking-concerns/
-
UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware
An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitment-themed activity on LinkedIn.Swiss cybersecurity company PRODAFT is tracking the cluster under the name Subtle Snail. It’s assessed to be affiliated with Iran’s Islamic First…
-
Russian State Hackers Collaborate in Attacks Against Ukraine
ESET found that the FSB-affiliated groups, Gamaredon and Turla, are sharing tools to help conduct espionage attacks against Ukrainian organizations First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-state-hackers-collaborate/
-
Russian CopyCop Network Expands: 200+ Fake News Sites Target US, Canada, and France
The Russian covert influence network known as CopyCop has significantly expanded its disinformation operations, creating over 200 new fake websites since March 2025 to target audiences in the United States, France, and Canada. Digital fingerprint over the Russian flag symbolizing Russian GRU cyber espionage and influence operations This dramatic escalation represents the largest documented expansion…
-
China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy
China-linked group APT41 impersonated a U.S. lawmaker in phishing attacks on government, think tanks, and academics tied to US-China trade and policy. Proofpoint observed China-linked cyber espionage group APT41 impersonating a U.S. lawmaker in a phishing campaign targeting government, think tanks, and academics tied to U.S.-China trade and policy. APT41, known also as Amoeba, BARIUM,…
-
China-Aligned TA415 Exploits Google Sheets Calendar for C2
China-aligned TA415 hackers have adopted Google Sheets and Google Calendar as covert command-and-control (C2) channels in a sustained espionage campaign targeting U.S. government, academic, and think tank entities. By blending malicious operations into trusted cloud services, TA415 aims to evade detection and harvest intelligence on evolving U.S.China economic policy discussions. Throughout July and August 2025,…
-
China-Aligned TA415 Exploits Google Sheets Calendar for C2
China-aligned TA415 hackers have adopted Google Sheets and Google Calendar as covert command-and-control (C2) channels in a sustained espionage campaign targeting U.S. government, academic, and think tank entities. By blending malicious operations into trusted cloud services, TA415 aims to evade detection and harvest intelligence on evolving U.S.China economic policy discussions. Throughout July and August 2025,…
-
APT28’s BeardShell Campaign: Steganography, Cloud Abuse, and Persistent Espionage
The post APT28’s BeardShell Campaign: Steganography, Cloud Abuse, and Persistent Espionage appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/apt28s-beardshell-campaign-steganography-cloud-abuse-and-persistent-espionage/
-
EggStreme Malware Emerges With Fileless Techniques and DLL Sideloading Payloads
A Chinese APT group compromised a Philippine military company using a new, fileless malware framework called EggStreme. This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads. The core component, EggStremeAgent, is a full-featured backdoor that enables extensive system reconnaissance, lateral movement, and data…
-
Chinese APT Deploys EggStreme Fileless Malware to Breach Philippine Military Systems
An advanced persistent threat (APT) group from China has been attributed to the compromise of a Philippines-based military company using a previously undocumented fileless malware framework called EggStreme.”This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads,” Bitdefender First seen on thehackernews.com Jump to…
-
China-Linked APT41 Hackers Target U.S. Trade Officials Amid 2025 Negotiations
The House Select Committee on China has formally issued an advisory warning of an “ongoing” series of highly targeted cyber espionage campaigns linked to the People’s Republic of China (PRC) amid contentious U.S.China trade talks.”These campaigns seek to compromise organizations and individuals involved in U.S.-China trade policy and diplomacy, including U.S. government agencies, U.S. business…
-
China-Linked APT41 Hackers Target U.S. Trade Officials Amid 2025 Negotiations
The House Select Committee on China has formally issued an advisory warning of an “ongoing” series of highly targeted cyber espionage campaigns linked to the People’s Republic of China (PRC) amid contentious U.S.China trade talks.”These campaigns seek to compromise organizations and individuals involved in U.S.-China trade policy and diplomacy, including U.S. government agencies, U.S. business…
-
Chinese Cyber Espionage Campaign Impersonates US Congressman
A House select committee said Chinese actors impersonated Representative John Moolenaar to steal information that could be used to influence trade talks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-espionage-impersonates-us/
-
Chinese Cyber Espionage Campaign Impersonates US Congressman
A House select committee said Chinese actors impersonated Representative John Moolenaar to steal information that could be used to influence trade talks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-espionage-impersonates-us/
-
Chinese Hackers Salt Typhoon and UNC4841 Team Up to Breach Critical Infrastructure
Tags: breach, china, corporate, cyber, cybersecurity, espionage, government, hacker, infrastructure, malicious, network, threatCybersecurity researchers at Silent Push have uncovered a sophisticated Chinese espionage operation linking two prominent threat actors, Salt Typhoon and UNC4841, revealing previously unreported infrastructure used to target government and corporate networks across more than 80 countries. The discovery of 45 malicious domains dating back to 2020 demonstrates the extensive reach and long-term persistence of…
-
Chinese Hackers Salt Typhoon and UNC4841 Team Up to Breach Critical Infrastructure
Tags: breach, china, corporate, cyber, cybersecurity, espionage, government, hacker, infrastructure, malicious, network, threatCybersecurity researchers at Silent Push have uncovered a sophisticated Chinese espionage operation linking two prominent threat actors, Salt Typhoon and UNC4841, revealing previously unreported infrastructure used to target government and corporate networks across more than 80 countries. The discovery of 45 malicious domains dating back to 2020 demonstrates the extensive reach and long-term persistence of…
-
Chinese Hackers Salt Typhoon and UNC4841 Team Up to Breach Critical Infrastructure
Tags: breach, china, corporate, cyber, cybersecurity, espionage, government, hacker, infrastructure, malicious, network, threatCybersecurity researchers at Silent Push have uncovered a sophisticated Chinese espionage operation linking two prominent threat actors, Salt Typhoon and UNC4841, revealing previously unreported infrastructure used to target government and corporate networks across more than 80 countries. The discovery of 45 malicious domains dating back to 2020 demonstrates the extensive reach and long-term persistence of…
-
45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage
Threat hunters have discovered a set of previously unreported domains, some going back to May 2020, that are associated with China-linked threat actors Salt Typhoon and UNC4841.”The domains date back several years, with the oldest registration activity occurring in May 2020, further confirming that the 2024 Salt Typhoon attacks were not the first activity carried…
-
Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure
Tags: china, cyber, cyberespionage, cybersecurity, espionage, group, healthcare, infrastructure, risk, threatCzech cybersecurity agency NUKIB warns of Chinese cyber threats to critical infrastructure, citing the cyberespionage group APT31 and risky devices. The Czech Republic’s National Cyber and Information Security Agency (NUKIB) warns of growing risks from Chinese-linked technologies in critical sectors like energy, healthcare, transport, and government. The agency warns of risks from Chinese-made devices (phones,…
-
Cybersecurity Snapshot: Expert Advice for Securing Critical Infrastructure’s OT and Industrial Control Systems, IoT Devices and Network Infrastructure
Tags: access, advisory, apt, attack, authentication, breach, china, cisa, cisco, cloud, compliance, computer, computing, control, credentials, cryptography, cve, cyber, cybersecurity, data, defense, detection, espionage, exploit, firmware, framework, google, government, guide, hacker, Hardware, incident response, infrastructure, international, Internet, iot, login, mfa, military, mitigation, monitoring, network, nist, organized, password, phishing, ransomware, regulation, risk, russia, sans, service, software, technology, theft, threat, tool, update, vulnerability, zero-trustDestructive cyber attacks against critical infrastructure have unfortunately become increasingly frequent. Just last week, multinational government agencies blared the alarm about a global cyber espionage campaign targeting critical infrastructure networks. With this type of cyber threat in the spotlight, we’re rounding up recent cyber advice for securing critical infrastructure. In case you missed it, here…
-
Response to CISA Advisory (AA25-239A): Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System
In response to the CISA Advisory (AA25-239A), AttackIQ has updated the assessment template that emulates the various post-compromise Tactics, Techniques, and Procedures (TTPs) associated with the Chinese adversary Salt Typhoon and released a new attack graph emulating the behaviors exhibited during the SparrowDoor and ShadowPad campaign in March 2025. First seen on securityboulevard.com Jump to…