Tag: espionage
-
China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure
The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT services in the African region.”The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware,” Kaspersky researchers Denis Kulik and Daniil Pogorelov said. “One of the C2s [command-and-control servers] was a…
-
Singapore under ongoing cyber attack from APT group
Nation-state actor UNC3886 is actively targeting Singapore’s critical national infrastructure in a sophisticated espionage and disruption campaign, with the government mounting a whole-of-government response First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627926/Singapore-under-ongoing-cyber-attack-from-APT-group
-
UNG0002: Stealthy South Asian APT Group Unleashes New Malware in Cyber Espionage Campaigns Across Asia
The post UNG0002: Stealthy South Asian APT Group Unleashes New Malware in Cyber Espionage Campaigns Across Asia appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/ung0002-stealthy-south-asian-apt-group-unleashes-new-malware-in-cyber-espionage-campaigns-across-asia/
-
China-Aligned APTs Intensify Cyber Espionage on Taiwan’s Semiconductor Industry
The post China-Aligned APTs Intensify Cyber Espionage on Taiwan’s Semiconductor Industry appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/china-aligned-apts-intensify-cyber-espionage-on-taiwans-semiconductor-industry/
-
Singapore warns China-linked group UNC3886 targets its critical infrastructure
Singapore says China-linked group UNC3886 targeted its critical infrastructure by hacking routers and security devices. Singapore accused China-linked APT group UNC3886 of targeting its critical infrastructure. UNC3886 is a sophisticated China-linked cyber espionage group that targets network devices and virtualization technologies using zero-day exploits. Its primary focus is on defense, technology, and telecommunications sectors in…
-
These are our favorite cyber books on hacking, espionage, crypto, surveillance, and more
These are our favorite cybersecurity books, both by fiction authors, as well as journalists and researchers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/19/these-are-our-favorite-cyber-books-on-hacking-espionage-crypto-surveillance-and-more/
-
UK ties GRU to stealthy Microsoft 365 credential-stealing malware
The UK National Cyber Security Centre (NCSC) has formally attributed ‘Authentic Antics’ espionage malware attacks to APT28 (Fancy Bear), threat actor already linked to Russia’s military intelligence service (GRU). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/uk-ties-russian-gru-to-authentic-antics-credential-stealing-malware/
-
UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns
Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat activity cluster tracked as UNG0002 (aka Unknown Group 0002) as part of a broader cyber espionage campaign.”This threat entity demonstrates a strong preference for using shortcut files (LNK), VBScript, and post-exploitation tools such as Cobalt Strike and Metasploit, while consistently…
-
Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
Tags: cyber, cyberespionage, cybersecurity, espionage, finance, government, group, hacker, military, russia, toolFancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating governments, military organizations, and strategic entities globally. This group, also known under aliases such as Sofacy, Sednit, STRONTIUM, and Unit 26165, pursues motivations encompassing financial gain, reputational sabotage, espionage, and political agendas. Their operations frequently…
-
How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyberspies
A new report traces the history of the early wave of Chinese hackers who became the backbone of the state’s espionage apparatus. First seen on wired.com Jump to article: www.wired.com/story/china-honkers-elite-cyber-spies/
-
Russia Linked to New Malware Targeting Email Accounts for Espionage
Russian military intelligence-linked hackers are using a new malware called “Authentic Antics” to secretly access Microsoft cloud email accounts, the UK’s NCSC reports First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-malware-targeting-email/
-
China-Backed Hackers Intensify Attacks on Taiwan Chipmakers
3 State-Sponsored Groups Spear-Phish Semiconductor Ecosystem. Chinese state-aligned hackers have ramped up espionage efforts against Taiwan’s semiconductor ecosystem through spear-phishing campaigns. Three distinct threat actors targeted chipmakers, packaging and testing firms, equipment suppliers and financial analysts. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/china-backed-hackers-intensify-attacks-on-taiwan-chipmakers-a-29004
-
China-linked hackers target Taiwan chip firms in a coordinated espionage campaign
Tags: access, ai, attack, china, compliance, control, credentials, cyber, cybersecurity, detection, email, espionage, exploit, finance, framework, government, group, hacker, intelligence, international, login, monitoring, network, phishing, software, supply-chain, technology, threat, warfareInvestment banks in the crosshairs: A second group, UNK_DropPitch, targeted the financial ecosystem surrounding Taiwan’s semiconductor industry. This group conducted phishing campaigns against investment banks, focusing on individuals specializing in Taiwanese semiconductor analysis. The phishing emails purported to come from fictitious financial firms seeking collaboration opportunities.The third group, UNK_SparkyCarp, focused on credential harvesting through sophisticated…
-
Hackers Exploit Ivanti and Fortinet VPN Vulnerabilities in Attacks on Japanese Companies
Cyber espionage campaigns against Japanese companies have increased in fiscal year 2024, which runs from April 2024 to March 2025, according to a thorough analysis published by Macnica’s Security Research Center. The main objective of these campaigns is to exfiltrate sensitive data, including manufacturing blueprints, policy-related documents, and personal information. Since initiating monitoring in 2014,…
-
Government Organizations Targeted via AWS Lambda URL Endpoint Exploits
Tags: cyber, data, endpoint, espionage, exploit, government, intelligence, monitoring, network, threatUnit 42 researchers from Palo Alto Networks have been monitoring a sophisticated threat cluster designated CL-STA-1020, which has been systematically targeting governmental entities across Southeast Asia. This operation focuses on extracting sensitive data from government agencies, particularly details surrounding recent tariffs and trade disputes, underscoring a motive rooted in espionage and intelligence gathering. The campaign…
-
Airline executive agrees to dismiss litigation around alleged hackhire scheme
The cases, which stretched across multiple continents and shed light on the shady world of corporate espionage and mercenary hackers, stemmed from a scheme allegedly orchestrated by an attorney at the law firm Dechert to hack into Azima’s accounts for one of its clients. First seen on therecord.media Jump to article: therecord.media/airline-exec-agrees-to-dismiss-hack-for-hire-lawsuit
-
Indian Cyber Espionage Group Targets Italian Government
DoNot APT, also known as APT-C-35, traditionally operates exclusively in South Asia First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/indian-cyber-espionage-italian/
-
Chinese Hacker Linked to Silk Typhoon Charged With Stealing COVID Data
A 33-year-old Chinese national linked to the Silk Typhoon espionage group was arrested in Italy on a U.S. warrant that accuses him of conspiring with others in hacks of U.S. COVID-19 vaccine researchers and exploiting flaws in Microsoft Exchange Server to steal information for the Chinese government. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/chinese-hacker-linked-to-silk-typhoon-charged-with-stealing-covid-data/
-
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity
Tags: access, attack, authentication, business, citrix, computer, control, credentials, cve, cvss, data, email, espionage, exploit, grc, microsoft, monitoring, network, ransomware, remote-code-execution, risk, sap, service, threat, update, vulnerability, windowsNetwork security: Allow PKU2U authentication requests to this computer to use online identities“.Tyler Reguly, Fortra’s associate director of security R&D, told CSO that, based on Microsoft’s presentation of the information, disabling this GPO will mitigate this vulnerability.The second priority is a fix for CVE-2025-49704, a SharePoint Remote Code Execution vulnerability, because it presents a critical risk to a…
-
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity
Tags: access, attack, authentication, business, citrix, computer, control, credentials, cve, cvss, data, email, espionage, exploit, grc, microsoft, monitoring, network, ransomware, remote-code-execution, risk, sap, service, threat, update, vulnerability, windowsNetwork security: Allow PKU2U authentication requests to this computer to use online identities“.Tyler Reguly, Fortra’s associate director of security R&D, told CSO that, based on Microsoft’s presentation of the information, disabling this GPO will mitigate this vulnerability.The second priority is a fix for CVE-2025-49704, a SharePoint Remote Code Execution vulnerability, because it presents a critical risk to a…
-
ICC Contained Cyberattack Amid Espionage Threats and Pressure
International Criminal Court faces new “sophisticated” cyberattack in The Hague. Occurring near the NATO summit, this incident impacts the ICC as it handles major global cases. First seen on hackread.com Jump to article: hackread.com/icc-contained-cyberattack-espionage-threats-pressure/
-
Inside the ZIP Trap: How APT36 Targets BOSS Linux to Exfiltrate Critical Data
CYFIRMA has uncovered a highly sophisticated cyber-espionage campaign orchestrated by APT36, also known as Transparent Tribe, a Pakistan-based threat actor with a notorious history of targeting Indian defense and government sectors. This latest operation marks a significant shift in tactics, as APT36 adapts its arsenal to infiltrate Linux-based environments, specifically focusing on BOSS Linux, a…
-
APT36 Unleashes Linux Malware: Transparent Tribe Targets Indian Government with Go-Based Espionage Tools
The post APT36 Unleashes Linux Malware: Transparent Tribe Targets Indian Government with Go-Based Espionage Tools appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/apt36-unleashes-linux-malware-transparent-tribe-targets-indian-government-with-go-based-espionage-tools/
-
“NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage
The post “NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/nighteagle-apt-group-soars-over-chinas-critical-tech-zero-days-exchange-exploits-and-tailored-espionage/
-
Second espionage-linked cyberattack hits ICC, exposing persistent threats to global justice systems
Tags: attack, crime, crimes, cyber, cyberattack, cybersecurity, data, disinformation, espionage, identity, infrastructure, intelligence, international, Internet, office, resilience, russia, spy, threat, ukrainePattern of sophisticated cyber espionage: This marks the second major cybersecurity incident targeting the ICC in recent years. In September 2023, the court disclosed it had suffered what it later characterized as “a targeted and sophisticated attack with the objective of espionage” that was “a serious attempt to undermine the Court’s mandate.”According to reports following…
-
International Criminal Court swats away ‘sophisticated and targeted’ cyberattack
Body stays coy on details but alludes to similarities with 2023 espionage campaign First seen on theregister.com Jump to article: www.theregister.com/2025/07/01/international_criminal_court_cyberattack/
-
TA829 Hackers Use New TTPs and Enhanced RomCom Backdoor to Evade Detection
The cybercriminal group TA829, also tracked under aliases like RomCom, Void Rabisu, and Tropical Scorpius, has been observed deploying sophisticated tactics, techniques, and procedures (TTPs) alongside an updated version of its infamous RomCom backdoor, now dubbed SingleCamper (aka SnipBot). This group, known for blending financially motivated cybercrime with espionage campaigns often aligned with Russian state…
-
New Report Uncovers Major Overlaps in Cybercrime and State-Sponsored Espionage
Proofpoint has identified similarities between the tactics of a pro-Russian cyber espionage group and a cybercriminal gang First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/major-overlaps-cybercrime-espionage/
-
International Criminal Court Hit by “Sophisticated and Targeted” Attack
The ICC said the new incident was the second “of its type” it has faced in recent years, relating to an espionage attack in 2023 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/icc-sophisticated-targeted-attack/