Tag: espionage
-
Operation Digital Eye: Chinese APT Exploits Visual Studio Code Tunnels in High-Stakes Espionage Campaign
In a sophisticated cyberespionage campaign dubbed Operation Digital Eye, SentinelOne and Tinexta Cyber uncovered activities linked to a Chinese Advanced Persistent Threat (APT) group targeting large business-to-business IT service providers... First seen on securityonline.info Jump to article: securityonline.info/operation-digital-eye-chinese-apt-exploits-visual-studio-code-tunnels-in-high-stakes-espionage-campaign/
-
Chinese APT Groups Targets European IT Companies
Evidence Mounts for Chinese Hacking ‘Quartermaster’. A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure cloud infrastructure to target Western technology firms for espionage, security firms Tinexta Cyber and SentinelLabs said. The companies call the campaign Operation Digital Eye. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-apt-groups-targets-european-companies-a-27030
-
Russian cyber spies hide behind other hackers to target Ukraine
Russian cyber-espionage group Turla, aka “Secret Blizzard,” is utilizing other threat actors’ infrastructure to target Ukrainian military devices connected via Starlink. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-cyber-spies-hide-behind-other-hackers-to-target-ukraine/
-
Sprawling ‘Operation Digital Eye’ Attack Targets European IT Orgs
A Chinese threat actor infiltrated several IT and security companies in a bring-your-own VS code, with an eye to carrying out a supply-chain-based espionage attack. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/operation-digital-eye-attack-targets-european-it-orgs
-
Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage
A suspected China-nexus cyber espionage group has been attributed to an attacks targeting large business-to-business IT service providers in Southern Europe as part of a campaign codenamed Operation Digital Eye.The intrusions took place from late June to mid-July 2024, cybersecurity companies SentinelOne SentinelLabs and Tinexta Cyber said in a joint report shared with The Hacker…
-
Suspected Russian hackers target Ukrainian defense enterprises in new espionage campaign
Ukraine’s military computer emergency response team said the group sent phishing emails disguised as invitations to a legitimate defense conference that took place in Kyiv last week.]]> First seen on therecord.media Jump to article: therecord.media/suspected-russian-hackers-target-ukrainian-enterprises-espionage
-
FCC proposes stronger telecom cyber rules as Salt Typhoon fallout continues
The agency’s proposed rule changes come two months after a China-government sponsored espionage campaign first came to light. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/fcc-cyber-rules-salt-typhoon/734867/
-
BlueAlpha Exploits Cloudflare Tunnels for GammaDrop Malware Infrastructure
The Insikt Group has uncovered a sophisticated cyber-espionage operation conducted by BlueAlpha, a state-sponsored threat actor with links to the Russian Federal Security Service (FSB). The campaign targets Ukrainian entities... First seen on securityonline.info Jump to article: securityonline.info/bluealpha-exploits-cloudflare-tunnels-for-gammadrop-malware-infrastructure/
-
US Organization in China Falls Victim to Suspected Chinese Espionage Campaign
A recent report from the Symantec Threat Hunter Team reveals a troubling cyberespionage operation targeting a large US organization operating in China. The attack, suspected to be the work of... First seen on securityonline.info Jump to article: securityonline.info/us-organization-in-china-falls-victim-to-suspected-chinese-espionage-campaign/
-
Turla targets Pakistani APT infrastructure for espionage
First seen on scworld.com Jump to article: www.scworld.com/brief/turla-targets-pakistani-apt-infrastructure-for-espionage
-
Russian Hacker Secret Blizzard Hijack C2 Infrastructure in New Espionage Campaign
Lumen’s Black Lotus Labs has uncovered an elaborate campaign by the Russian threat actor Secret Blizzard (also known as Turla). This operation demonstrates their signature tradecraft of hijacking other groups’... First seen on securityonline.info Jump to article: securityonline.info/russian-hacker-secret-blizzard-hijack-c2-infrastructure-in-new-espionage-campaign/
-
Russian APT Hackers Co-Opt Pakistani Infrastructure
FSB Hackers Have Hijacked Others’ Command and Control Before. A Russian state hacking group hijacked the command and control infrastructure of a Pakistan-based espionage network as part of an ongoing intelligence-gathering operation targeting victims in Asia, finds a report from Microsoft and Black Lotus Labs. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russian-apt-hackers-co-opt-pakistani-infrastructure-a-26982
-
US may plan legislation to contain Chinese cyber espionage
US senators were briefed behind closed doors this week on the scale of “Salt Typhoon,” an alleged Chinese cyber-espionage campaign targeting the nation’s telecommunications networks.The FBI, CISA, and other key agencies, who were part of the briefing, revealed that the sophisticated operation compromised at least eight US telecom firms, stealing metadata and call intercepts, including…
-
Russian Hackers Exploit Rival Attackers’ Infrastructure for Espionage
Tags: apt, blizzard, cyber, cybercrime, espionage, exploit, hacker, infrastructure, microsoft, russiaMicrosoft has found that Russian APT Secret Blizzard piggybacks on other cybercriminals’ infr4asytructure to conduct cyber espionage First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russia-hackers-exploit-rival/
-
White House: Chinese telecom hacks have been in motion for years
A senior administration official said Wednesday the Salt Typhoon hack has impacted dozens of countries in a sweeping espionage campaign First seen on cyberscoop.com Jump to article: cyberscoop.com/salt-typhoon-national-security-council-chinese-spying/
-
Security teams should act now to counter Chinese threat, says CISA
Tags: 5G, access, apple, at&t, attack, authentication, china, cisa, cisco, communications, control, cyber, cybersecurity, data, encryption, espionage, exploit, google, government, hacker, infrastructure, linux, microsoft, mitigation, mobile, monitoring, network, nist, password, risk, service, siem, technology, theft, threat, vpn, vulnerabilitySecurity teams and individuals across the US need to take immediate precautions to counter the surveillance threat posed by Chinese ‘Salt Typhoon’ hackers, who have burrowed deep into telecoms infrastructure, according to the US Cybersecurity and Infrastructure Security Agency (CISA).CISA issued an official alert recommending defensive measures on December 3, as federal officials briefed journalists…
-
Russian-linked Turla caught using Pakistani APT infrastructure for espionage
Both Microsoft and Lumen’s BlackLotus Labs found Turla spying on Afghanistan and India via Pakistani infrastructure. First seen on cyberscoop.com Jump to article: cyberscoop.com/turla-infiltrates-pakistani-apt-networks-microsoft-lumen/
-
Senators Warn the Pentagon: Get a Handle on China’s Telecom Hacking
In a letter to the Department of Defense, senators Ron Wyden and Eric Schmitt are calling for an investigation into fallout from the Salt Typhoon espionage campaign. First seen on wired.com Jump to article: www.wired.com/story/senators-warn-pentagon-salt-typhoon-china-hacking/
-
Russian hackers hijack Pakistani hackers’ servers for their own attacks
The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156’s infrastructure to launch their own covert attacks on already compromised networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-turla-hackers-hijack-pakistani-apt-servers-for-cyber-espionage-attacks/
-
Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks
Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks in a joint advisory. Australia, Canada, New Zealand, and the U.S. issued a joint advisory to warn of People’s Republic of China (PRC)-linked cyber espionage targeting telecom networks. >>The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal…
-
Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks
A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a broad cyber espionage campaign undertaken by People’s Republic of China (PRC)-affiliated threat actors targeting telecommunications providers.”Identified exploitations or compromises associated with these threat actors’ activity align with existing weaknesses associated with victim infrastructure; no novel First seen on thehackernews.com…
-
BlackBerry Highlights Rising Software Supply Chain Risks in Malaysia
Tags: access, ai, attack, breach, ceo, ciso, communications, compliance, cyber, cyberattack, cybersecurity, data, detection, espionage, finance, framework, government, infrastructure, intelligence, international, Internet, iot, malware, mobile, monitoring, phishing, ransomware, regulation, resilience, risk, skills, software, strategy, supply-chain, threat, tool, training, vulnerabilityIn 2024, BlackBerry unveiled new proprietary research, underscoring the vulnerability of software supply chains in Malaysia and around the world.According to the study, 79% of Malaysian organizations reported cyberattacks or vulnerabilities in their software supply chains during the past 12 months, slightly exceeding the global average of 76%. Alarmingly, 81% of respondents revealed they had…
-
Chinese LIDAR Dominance a Cybersecurity Threat, Warns Think Tank
The Foundation for Defense of Democracies has warned that Chinese-made LIDAR sensors could be weaponized for espionage First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-lidar-dominance/
-
ElizaRAT Exploits Google, Telegram, Slack Services For C2 Communications
APT36, a Pakistani cyber-espionage group, has recently upgraded its arsenal with ElizaRAT, a sophisticated Windows RAT that, initially detected in 2023, employs advanced evasion tactics and robust C2 capabilities to target Indian government agencies, diplomatic personnel, and military installations. The group leverages multiple platforms, including Windows, Linux, and Android, to broaden its attack surface as…
-
From US to UAE: APT35 Expands Reach in Cyber Espionage
The ThreatBook Research and Response Team has revealed a sophisticated campaign by APT35, also known as Magic Hound or Charming Kitten, targeting the aerospace and semiconductor industries across multiple countries,... First seen on securityonline.info Jump to article: securityonline.info/from-us-to-uae-apt35-expands-reach-in-cyber-espionage/
-
The New Face of Cyber Espionage: Inside the Two-Stage Infection Strategy of China-Linked Threat Actors
First seen on thefinalhop.com Jump to article: www.thefinalhop.com/china-linked-hackers-adopt-sophisticated-two-stage-infection-tactic-to-deploy-deuterbear-rat/
-
ANEL Backdoor Reactivated in Earth Kasha Cyber-Espionage Campaign
In June 2024, Trend Micro identified a new spear-phishing campaign targeting political organizations, research institutions, and think tanks in Japan. This operation, attributed to the cyber-espionage group Earth Kasha, marks... First seen on securityonline.info Jump to article: securityonline.info/anel-backdoor-reactivated-in-earth-kasha-cyber-espionage-campaign/
-
Russian Hackers Target Mozilla, Windows in New Exploit Chain
ESET Discovers Two Major Vulnerabilities Exploited by Russian RomCom Hacking Group. Two vulnerabilities in Mozilla products and Windows are actively exploited by RomCom, a Kremlin-linked cybercriminal group known for targeting businesses and conducting espionage, warn security researchers from Eset. Exploiting the two flaws together enables attackers to execute arbitrary code. First seen on govinfosecurity.com Jump…