Tag: espionage
-
China-linked APT UNC3886 targets EoL Juniper routers
Mandiant researchers warn that China-linked actors are deploying custom backdoors on Juniper NetworksJunos OS MX routers. In mid-2024, Mandiant identified custom backdoors on Juniper Networks’ Junos OS routers, and attributed the attacks to a China-linked espionage group tracked as UNC3886. These TINYSHELL-based backdoors had various capabilities, including active and passive access and a script to…
-
Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers
UNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected. First seen on hackread.com Jump to article: hackread.com/chinese-group-unc3886-backdoor-juniper-routers/
-
SideWinder APT Group: Maritime Nuclear Targets, Evolved Malware
The SideWinder Advanced Persistent Threat (APT) group has expanded its cyber-espionage operations, targeting the maritime and nuclear sectors First seen on securityonline.info Jump to article: securityonline.info/sidewinder-apt-group-maritime-nuclear-targets-evolved-malware/
-
North Korean Cyber Espionage Group Kimsuky Exploits University Website in Watering Hole Attack
Cybersecurity researchers from ESTsecurity’s Security Response Center (ESRC) have uncovered a new watering hole attack campaign attributed to First seen on securityonline.info Jump to article: securityonline.info/north-korean-cyber-espionage-group-kimsuky-exploits-university-website-in-watering-hole-attack/
-
Spyware in bogus Android apps is attributed to North Korean group
A North Korean nation-state group tracked as APT37 or ScarCruft placed infected utilities in Android app stores as part of an espionage campaign, according to researchers at Lookout. First seen on therecord.media Jump to article: therecord.media/north-korea-malware-android-apps-kospy-apt37-scarcruft
-
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure.”The backdoors had varying custom capabilities, including active and passive backdoor functions, as well as an embedded script that…
-
Chinese Hackers Implant Backdoor Malware on Juniper Routers
Mandiant revealed that Chinese espionage actor UNC3886 has deployed modified versions of the TinyShell backdoor across multiple Juniper OS routers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-backdoor-malware-juniper/
-
UK ‘Extremely Worried’ About Cyberthreats
Risk of Espionage and Disruption Key Risks, Lawmakers Warned. The British government is extremely worried about the Chinese and Russian cyberespionage and disruptive hacks, government officials told the U.K. Public Accounts Committee on Monday. The United Kingdom has faced a substantial escalation in cyberthreats in the last three years, lawmakers heard. First seen on govinfosecurity.com…
-
UK ‘Extremely Worried’ About Cyber Threats
Risk of Espionage and Disruption Key Risks, Lawmakers Warned. The British government is extremely worried about the Chinese and Russian cyber espionage and disruptive hacks, government officials told the UK Public Accounts Committee on Monday. The United Kingdom has faced a substantial escalation in cyberthreats in the last three years, lawmakers heard. First seen on…
-
Blind Eagle: “¦And Justice for All
ey Points Introduction APT-C-36, also known as Blind Eagle, is a threat group that engages in both espionage and cybercrime. It primarily targets organizations in Colombia and other Latin American countries. Active since 2018, this Advanced Persistent Threat (APT) group focuses on government institutions, financial organizations, and critical infrastructure. Blind Eagle is known for employing…
-
âš¡ THN Weekly Recap: New Attacks, Old Tricks, Bigger Impact
Cyber threats today don’t just evolve”, they mutate rapidly, testing the resilience of everything from global financial systems to critical infrastructure. As cybersecurity confronts new battlegrounds”, ranging from nation-state espionage and ransomware to manipulated AI chatbots”, the landscape becomes increasingly complex, prompting vital questions: How secure are our cloud environments? Can our First seen on…
-
UK Cybersecurity Weekly News Roundup 9 March 2025
Tags: android, attack, backdoor, breach, china, cloud, compliance, computer, cyber, cyberattack, cybercrime, cybersecurity, data, espionage, exploit, government, group, hacker, infrastructure, international, malware, microsoft, network, ransomware, regulation, resilience, service, skills, software, theft, update, vulnerabilityWelcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. Microsoft Engineer’s Transition to Cybersecurity Ankit Masrani, a 36-year-old software engineer, successfully transitioned into a cybersecurity role at Microsoft. With a background in IT and a Master’s degree in computer science, Masrani secured…
-
Canadian intelligence agency warns of threat AI poses to upcoming elections
Influence and espionage campaigns, boosted by AI, are likely to be aimed at Canada’s upcoming elections, says a new report from the CSE, the country’s signals and cyber intelligence agency. First seen on therecord.media Jump to article: therecord.media/canada-cyber-agency-elections-warning-ai-
-
Zero-Day Attacks Stolen Keys: Silk Typhoon Breaches Networks
Microsoft Threat Intelligence has uncovered a strategic shift in the tactics of Silk Typhoon, a Chinese state-backed cyber-espionage First seen on securityonline.info Jump to article: securityonline.info/zero-day-attacks-stolen-keys-silk-typhoon-breaches-networks/
-
UNK_CraftyCamel: New Threat Group Using Polyglot Malware in UAE
Cybersecurity researchers at Proofpoint have identified a highly targeted cyber-espionage campaign employing polyglot malware to compromise aviation, satellite First seen on securityonline.info Jump to article: securityonline.info/unk_craftycamel-new-threat-group-using-polyglot-malware-in-uae/
-
Microsoft Warns of Silk Typhoon Hackers Exploiting Cloud Services to Attack IT Supply Chain
Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese espionage group, now targeting common IT solutions such as remote management tools and cloud applications for initial access. This well-resourced and technically proficient threat actor has demonstrated a large targeting footprint among Chinese threat actors, exploiting vulnerabilities in edge devices…
-
Silk Typhoon hackers now target IT supply chains to breach networks
Microsoft warns that Chinese cyber-espionage threat group ‘Silk Typhoon’ has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/silk-typhoon-hackers-now-target-it-supply-chains-to-breach-networks/
-
Chinese Silk Typhoon Group Targets IT Tools for Network Breaches
Microsoft warns that Chinese espionage group Silk Typhoon now exploits IT tools like remote management apps and cloud services to breach networks. First seen on hackread.com Jump to article: hackread.com/chinese-silk-typhoon-group-it-tools-network-breaches/
-
Silk Typhoon Shifts Tactics to Exploit Common IT Solutions
Chinese espionage group Silk Typhoon is increasingly exploiting common IT solutions to infiltrate networks and exfiltrate data First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/silk-typhoon-exploits-common/
-
Dark Caracal Uses Poco RAT to Target Spanish-Speaking Enterprises in Latin America
The threat actor known as Dark Caracal has been attributed to a campaign that deployed a remote access trojan called Poco RAT in attacks targeting Spanish-speaking targets in Latin America in 2024.The findings come from Russian cybersecurity company Positive Technologies, which described the malware as loaded with a “full suite of espionage features.””It could upload…
-
Operation Sea Elephant Cyber-Espionage Campaign Targeting South Asia
A recent report from Qi’anxin Threat Intelligence Center exposes an advanced cyber-espionage campaign dubbed Operation Sea Elephant, which First seen on securityonline.info Jump to article: securityonline.info/operation-sea-elephant-cyber-espionage-campaign-targeting-south-asia/
-
Enhancing security with Microsoft’s expanded cloud logs
Nation-state-sponsored hacking stories are a big part of everyone’s favourite Hollywood movies”‰”, “‰that is, until it becomes a real-life story of our own compromised personal or corporate sensitive data ending up on the dark web or in hackers’ hands. In real life, cyber espionage groups’ activities trigger stringent security enforcement. First in the government sector,…
-
New Cyber-Espionage Campaign Targets UAE Aviation and Transport
A cyber-espionage campaign targeting UAE aviation and transport has been identified by researchers, using customized lures to deploy Sosano malware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/espionage-campaign-targets-uae/
-
Hackers Exploiting Business Relationships to Attack Arab Emirates Aviation Sector
Tags: attack, business, communications, cyber, espionage, exploit, hacker, infrastructure, malware, threatA sophisticated cyber espionage campaign targeting the aviation and satellite communications sectors in the United Arab Emirates has been uncovered by Proofpoint researchers. The operation, attributed to a threat cluster dubbed >>UNK_CraftyCamel,
-
Researchers Unveil APT28’s Advanced HTA Trojan Obfuscation Tactics
Security researchers have uncovered sophisticated obfuscation techniques employed by APT28, a Russian-linked advanced persistent threat (APT) group, in their HTA (HTML Application) Trojan. The analysis, part of an ongoing investigation into APT28’s cyber espionage campaigns targeting Central Asia and Kazakhstan, highlights the group’s use of multi-layered obfuscation and the VBE (VBScript Encoded) technique to evade…
-
Dark Caracal group might have refreshed its malware, researchers say
Dark Caracal, a group suspected of cyber mercenary activities, appeared to shift to a new espionage tool in a campaign aimed at Latin American targets, according to researchers. First seen on therecord.media Jump to article: therecord.media/dark-caracal-hackers-poco-rat-bandook