Tag: espionage
-
Hunters International Claims Tata Technologies Cyberattack
Tags: breach, cyber, cyberattack, data, espionage, group, international, ransomware, service, technology, theft
Multinational engineering and technology services firm Tata Technologies has reportedly fallen victim to a significant cyberattack claimed by the ransomware group Hunters International. According to recent social media reports, the breach allegedly resulted in the theft of 1.4 terabytes of sensitive data, raising concerns about potential industrial espionage and operational disruptions for high-profile clients such…
-
Lotus Blossom Hackers Target Southeast Asia with Sagerunex Backdoor
A sophisticated cyber espionage operation linked to the Lotus Blossom group has been discovered targeting government, manufacturing, telecommunications, First seen on securityonline.info Jump to article: securityonline.info/lotus-blossom-hackers-target-southeast-asia-with-sagerunex-backdoor/
-
China hacking has reached ‘inflection point’
In its 2025 Global Threat Report, CrowdStrike observed an increase in China’s cyber capabilities, with a focus on espionage and ‘pre-positioning’ itself in critical environments. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366619774/CrowdStrike-China-hacking-has-reached-inflection-point
-
Cyber Espionage in Thailand: Chinese APT Deploys Yokai Malware
Cado Security Labs has uncovered a new malware campaign targeting the Royal Thai Police, attributed to the Chinese First seen on securityonline.info Jump to article: securityonline.info/cyber-espionage-in-thailand-chinese-apt-deploys-yokai-malware/
-
Australia bans government use of Kaspersky software over Russian espionage concerns
Kaspersky software “poses an unacceptable security risk to the Australian government, networks, and data,” Home Affairs Secretary Stephanie Foster said in announcing a ban on the cybersecurity company’s products. First seen on therecord.media Jump to article: therecord.media/kaspersky-australia-government-ban
-
Australia bans Kaspersky over national security concerns
Australia bans Kaspersky software over national security concerns, citing risks of foreign interference, espionage, and sabotage of government networks. Australian Government banned products and services provided by Russian cybersecurity firm Kaspersky over national security concerns. The Secretary of the Department of Home Affairs has issued a mandatory directive under the Protective Security Policy Framework (PSPF)…
-
Australia Bans Kaspersky Software Over National Security and Espionage Concerns
Australia has become the latest country to ban the installation of security software from Russian company Kaspersky, citing national security concerns. “After considering threat and risk analysis, I have determined that the use of Kaspersky Lab, Inc. products and web services by Australian Government entities poses an unacceptable security risk to Australian Government, networks and data,…
-
North Korean APT-C-28 Expands Cyber Espionage Campaign
A recent report from 360 Threat Intelligence Center has detailed the persistent cyber espionage activities of APT-C-28 (ScarCruft), First seen on securityonline.info Jump to article: securityonline.info/north-korean-apt-c-28-expands-cyber-espionage-campaign/
-
Australian Critical Infrastructure Faces ‘Acute’ Foreign Threats
The continent faces relentless military espionage, and increased cyber sabotage at the hands of authoritarian regimes, according to a high-ranking intelligence director. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/australian-critical-infrastructure-acute-foreign-threats
-
Russian cyberespionage groups target Signal users with fake group invites
QR codes provide a means of phishing Signal users: These features now work by scanning QR codes that contain the cryptographic information needed to exchange keys between different devices in a group or to authorize a new device to an account. The QR codes are actually representations of special links that the Signal application knows…
-
A Signal Update Fends Off a Phishing Technique Used in Russian Espionage
Google warns that hackers tied to Russia are tricking Ukrainian soldiers with fake QR codes for Signal group invites that let spies steal their messages. Signal has pushed out new safeguards. First seen on wired.com Jump to article: www.wired.com/story/russia-signal-qr-code-phishing-attack/
-
EagerBee Malware Targets Government Agencies and ISPs with Stealthy Backdoor Attack
A sophisticated cyber espionage campaign leveraging the EagerBee malware has been targeting government agencies and Internet Service Providers (ISPs) across the Middle East. This advanced backdoor malware, attributed to the Chinese-linked threat group CoughingDown, demonstrates cutting-edge stealth capabilities and persistence mechanisms, posing a significant threat to critical infrastructure in the region. Advanced Capabilities of EagerBee…
-
Mustang Panda Leverages Microsoft Tools to Bypass Anti-Virus Solutions
Trend Micro found that Chinese espionage group Mustang Panda is deploying malware via legitimate Microsoft tools, enabling it to bypass ESET antivirus applications. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mustang-panda-microsoft-bypass/
-
Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign
The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024. The activity, detailed by Japanese cybersecurity company LAC, overlaps with a threat cluster tracked by Trend Micro as Earth Freybug, which has been assessed to be…
-
Chinese Hackers Emperor Dragonfly Use Espionage Tools for Ransomware
Cybersecurity experts at Symantec report that the Chinese threat actor Emperor Dragonfly has employed tools previously associated with First seen on securityonline.info Jump to article: securityonline.info/chinese-hackers-emperor-dragonfly-use-espionage-tools-for-ransomware/
-
CVE-2023-20198 CVE-2023-20273: RedMike Attacks 1,000+ Cisco Devices in Global Espionage Campaign
Cybersecurity researchers at Insikt Group have identified an ongoing cyber espionage campaign by RedMike (also tracked as Salt First seen on securityonline.info Jump to article: securityonline.info/cve-2023-20198-cve-2023-20273-redmike-attacks-1000-cisco-devices-in-global-espionage-campaign/
-
Stealth Attack: EarthKapre Leverages Cloud and DLL Sideloading for Data Exfiltration
Researchers at eSentire Threat Response Unit (TRU) uncovered a sophisticated cyber espionage campaign by RedCurl/EarthKapre, a threat group First seen on securityonline.info Jump to article: securityonline.info/stealth-attack-earthkapre-leverages-cloud-and-dll-sideloading-for-data-exfiltration/
-
New FinalDraft Malware Spotted in Espionage Campaign
A newly identified malware family abuses the Outlook mail service for communication, via the Microsoft Graph API. The post New FinalDraft Malware Spotted in Espionage Campaign appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/new-finaldraft-malware-spotted-in-espionage-campaign/
-
Ransomware gangs extort victims 17 hours after intrusion on average
Tags: access, business, credentials, data, encryption, espionage, exploit, extortion, government, group, healthcare, Intruder, malicious, malware, metric, monitoring, network, ransom, ransomware, service, tactics, technology, theft, threat, tool, vulnerability, zero-day
The initial point of access for the attackers and the privileges it provided them
How easy it is to reach other network segments and systems from the initially compromised asset
Whether access into the environment was resold to a ransomware operator by an initial access broker
Whether the attackers decided to operate only outside the victim’s regular business…
-
North Korea’s IT Worker Scam: How the Regime Infiltrates Global Tech Firms for Cyber Espionage
Cybersecurity researchers at Insikt Group have uncovered a sophisticated North Korean IT worker scam designed to infiltrate global First seen on securityonline.info Jump to article: securityonline.info/north-koreas-it-worker-scam-how-the-regime-infiltrates-global-tech-firms-for-cyber-espionage/
-
CVE-2024-1709 and CVE-2023-48788: Exploits Fueling Russia’s BadPilot Campaign
Microsoft Threat Intelligence has exposed a multiyear cyber espionage campaign conducted by a subgroup of the Russian state-sponsored First seen on securityonline.info Jump to article: securityonline.info/cve-2024-1709-and-cve-2023-48788-exploits-fueling-russias-badpilot-campaign/
-
Chinese Cyber-Spies Use Espionage Tools for Ransomware Side Hustle
A Chinese threat actor who targeted an Asian software company used the same toolset for the ransomware attack that was found in multiple cyberespionage incidents, leaving Symantec analysts to believe the hacker was a Chinese spy who used the malicious tools to earn some money on the side. First seen on securityboulevard.com Jump to article:…
-
Salt Typhoon Exploits Cisco Devices in Telco Infrastructure
The China-sponsored state espionage group has exploited known, older bugs in Cisco gear for successful cyber intrusions on six continents in the past two months. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/salt-typhoon-exploits-cisco-devices-telco-infrastructure
-
Ukraine warns of growing AI use in Russian cyber-espionage operations
Russia is using artificial intelligence to boost its cyber-espionage operations, Ihor Malchenyuk of Ukraine’s State Service of Special Communications and Information Protection (SSCIP), said at the Munich Cyber Security Conference. First seen on therecord.media Jump to article: therecord.media/russia-ukraine-cyber-espionage-artificial-intelligence
-
REF7707 Hackers Target Windows and Linux Systems with FINALDRAFT Malware
Elastic Security Labs has uncovered a sophisticated cyber-espionage campaign, tracked as REF7707, targeting entities across South America and Southeast Asia. Central to this operation is the deployment of a novel malware family named FINALDRAFT, which has been engineered to exploit both Windows and Linux systems. The campaign highlights the increasing use of legitimate cloud services,…
-
China-Linked Espionage Tools Used in Recent Ransomware Attack
Symantec found that tools previously only used by Chinese nation-state espionage actors were deployed in a ransomware attack. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-espionage-tools-ransomware/
-
APT Groups Using Ransomware ‘Smokescreen’ for Espionage
Russian, Iranian and Chinese APTs Among Most Active Ransomware Collaborators. Security researchers are increasingly finding it challenging to attribute cyberattacks due to surging cooperation between nation-state hackers and ransomware groups, especially for espionage purposes. They say it reflects the blurring of the lines between state-directed and criminal activities. First seen on govinfosecurity.com Jump to article:…
-
Chinese APT ‘Emperor Dragonfly’ Moonlights With Ransomware
Pivoting from prior cyber espionage, the threat group deployed its backdoor tool set to ultimately push out RA World malware, demanding $2 million from its victim. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-apt-emperor-dragonfly-ransomware-attack
-
The Rise of Cyber Espionage: UAV and C-UAV Technologies as Targets
Researchers at cybersecurity firm Resecurity detected a rise in cyberattacks targeting UAV and counter-UAV technologies. Resecurity identified an increase in malicious cyber activity targeting UAV and counter-UAV (C-UAV/C-UAS) technologies. That was especially notable during active periods of local conflicts, including the escalation of the Russia-Ukraine war and the Israel-Hamas confrontation. The trend of malicious targeting…

