Tag: espionage
-
Squid Werewolf Mimics Recruiters to Target Job Seekers and Steal Personal Data
In a sophisticated phishing campaign uncovered by the BI.ZONE Threat Intelligence team, the Squid Werewolf group, also known as APT37, has been impersonating recruiters to target key employees in various organizations. This espionage cluster uses fake job opportunities to lure victims into opening malicious attachments, which ultimately lead to system compromise and data theft. Phishing…
-
China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation
Threat hunters have shed more light on a previously disclosed malware campaign undertaken by the China-aligned MirrorFace threat actor that targeted a diplomatic organization in the European Union with a backdoor known as ANEL. The attack, detected by ESET in late August 2024, singled out a Central European diplomatic institute with lures related to Word Expo,…
-
Denmark Issues Warning on Major Cyber Attacks Targeting Telecom Sector
Denmark has announced a heightened alert status for the telecommunications sector due to an increased threat from cyber attacks. According to a recent threat assessment by the Danish Agency for Social Security, the risk level for cyber espionage against the Danish telecom sector has been elevated to HIGH.
-
Denmark Warns of Increased Cyber Espionage Against Telecom Sector
A new threat assessment from the Danish Civil Protection Authority (SAMSIK) warned of cyberattacks targeting the telecommunications sector after citing a wave of incidents hitting European organizations the past few years. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/denmark-warns-increased-cyber-espionage-telecom-sector
-
GitHub accounts targeted with fake security alerts
Possible DPRK links: Luc4m’s X post hinted at possible nation-state connections, adding, “Smells #DPRK?” While nothing else was said on the X thread, North Korea is known for using click-fix attacks for its cyber espionage activities, with Contagious Interviews being a prominent one of those campaigns. All GitHub fake alerts included the same login information, location:…
-
FCC creates national security council to counter cyber threats from China
Tags: 5G, access, ai, attack, breach, china, communications, computing, cyber, cyberattack, cybersecurity, data, espionage, government, group, hacking, incident, infrastructure, Internet, microsoft, office, strategy, supply-chain, technology, threat, vulnerability
Three-pronged strategy: The council will pursue a tripartite strategy focusing on reducing dependency, mitigating vulnerabilities, and ensuring American technological leadership. First, it aims to reduce American technology and telecommunications sectors’ trade and supply chain dependencies on foreign adversaries. This goal aligns with broader government efforts to “friend-shore” critical technology supply chains and decrease reliance on potentially…
-
Attackers attempted hijacking 12,000 GitHub accounts with click-fix alerts
Possible DPRK links: Luc4m’s X post hinted at possible nation-state connections, adding, “Smells #DPRK?” While nothing else was said on the X thread, North Korea is known for using click-fix attacks for its cyber espionage activities, with Contagious Interviews being a prominent one of those campaigns. All GitHub fake alerts included the same login information, location:…
-
Denmark warns of increased state-sponsored campaigns targeting the European telcos
Denmark’s cybersecurity agency warns of increased state-sponsored campaigns targeting the European telecom companies. Denmark raised the cyber espionage threat level for its telecom sector from medium to high due to rising threats across Europe. The Danish Social Security Agency published a new threat assessment for the cyber threat to the telecommunications sector that highlights…
-
Squid Werewolf APT Masquerades as Recruiters in Espionage Campaign Targeting Key Employees
The BI.ZONE Threat Intelligence team has uncovered a new cyber-espionage campaign attributed to Squid Werewolf, also known as First seen on securityonline.info Jump to article: securityonline.info/squid-werewolf-apt-masquerades-as-recruiters-in-espionage-campaign-targeting-key-employees/
-
Chinese espionage group UNC3886 targets Juniper routers
Advanced persistent threat group UNC3886 deployed custom backdoors on end-of-life Juniper Networks routers, underscoring the need for timely patching and advanced security monitoring First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620812/Chinese-espionage-group-UNC3886-targets-Juniper-routers
-
Europe’s telecoms sector under increased threat from cyber spies, warns Denmark
State-sponsored cyber espionage is a bigger threat than ever to Europe’s telecommunications networks, according to a new assessment from Denmark’s government. First seen on therecord.media Jump to article: therecord.media/europe-increased-cyber-espionage-telecoms-denmark-report
-
Silk Typhoon Targeting IT Supply Chains and Network Devices, Microsoft Reports
Tags: china, espionage, exploit, group, intelligence, microsoft, network, supply-chain, tactics, threat
Microsoft Threat Intelligence has issued new reporting about tactics being used by Silk Typhoon (also called APT27 or HAFNIUM by some researchers). Silk Typhoon is a Chinese espionage group, observed targeting Microsoft Exchange Servers in 2021, now reported to be targeting common IT solutions for initial access. Microsoft reports that Silk Typhoon exploits unpatched applications,…
-
5 Things To Know About China-Linked Juniper Router Attacks
Juniper Networks has released a fix for a Junos OS vulnerability, which Mandiant researchers say has been exploited by a China-based espionage group. First seen on crn.com Jump to article: www.crn.com/news/security/2025/5-things-to-know-about-china-linked-juniper-router-attacks
-
FCC launches national security unit to counter state-linked threats to US telecoms
The new council is part of an effort to thwart Salt Typhoon and other cyber espionage groups. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/fcc-national-security-council/742440/
-
North Korean Hackers Use Google Play Malware to Steal SMS, Calls Screenshots
Cybersecurity researchers at Lookout Threat Lab have uncovered a sophisticated Android surveillance tool dubbed KoSpy,
-
Chinese Hackers Exploit Juniper Networks Routers to Implant Backdoor
Cybersecurity researchers have uncovered a sophisticated cyber espionage campaign targeting critical network infrastructure, marking a significant evolution in tactics by Chinese state-sponsored hackers. Mandiant, a leading cybersecurity firm, has discovered multiple custom backdoors deployed on Juniper Networks’ routers, attributing the activity to a Chinese espionage group known as UNC3886. The backdoors provided attackers with persistent…
-
China-linked APT UNC3886 targets EoL Juniper routers
Mandiant researchers warn that China-linked actors are deploying custom backdoors on Juniper Networks Junos OS MX routers. In mid-2024, Mandiant identified custom backdoors on Juniper Networks’ Junos OS routers, and attributed the attacks to a China-linked espionage group tracked as UNC3886. These TINYSHELL-based backdoors had various capabilities, including active and passive access and a script to…
-
Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers
UNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected. First seen on hackread.com Jump to article: hackread.com/chinese-group-unc3886-backdoor-juniper-routers/
-
SideWinder APT Group: Maritime Nuclear Targets, Evolved Malware
The SideWinder Advanced Persistent Threat (APT) group has expanded its cyber-espionage operations, targeting the maritime and nuclear sectors First seen on securityonline.info Jump to article: securityonline.info/sidewinder-apt-group-maritime-nuclear-targets-evolved-malware/
-
North Korean Cyber Espionage Group Kimsuky Exploits University Website in Watering Hole Attack
Cybersecurity researchers from ESTsecurity’s Security Response Center (ESRC) have uncovered a new watering hole attack campaign attributed to First seen on securityonline.info Jump to article: securityonline.info/north-korean-cyber-espionage-group-kimsuky-exploits-university-website-in-watering-hole-attack/
-
Spyware in bogus Android apps is attributed to North Korean group
A North Korean nation-state group tracked as APT37 or ScarCruft placed infected utilities in Android app stores as part of an espionage campaign, according to researchers at Lookout. First seen on therecord.media Jump to article: therecord.media/north-korea-malware-android-apps-kospy-apt37-scarcruft
-
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure. “The backdoors had varying custom capabilities, including active and passive backdoor functions, as well as an embedded script that…
-
Chinese Hackers Implant Backdoor Malware on Juniper Routers
Mandiant revealed that Chinese espionage actor UNC3886 has deployed modified versions of the TinyShell backdoor across multiple Juniper OS routers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-backdoor-malware-juniper/
-
UK ‘Extremely Worried’ About Cyberthreats
Risk of Espionage and Disruption Key Risks, Lawmakers Warned. The British government is extremely worried about the Chinese and Russian cyberespionage and disruptive hacks, government officials told the U.K. Public Accounts Committee on Monday. The United Kingdom has faced a substantial escalation in cyberthreats in the last three years, lawmakers heard. First seen on govinfosecurity.com…
-
UK ‘Extremely Worried’ About Cyber Threats
Risk of Espionage and Disruption Key Risks, Lawmakers Warned. The British government is extremely worried about the Chinese and Russian cyber espionage and disruptive hacks, government officials told the UK Public Accounts Committee on Monday. The United Kingdom has faced a substantial escalation in cyberthreats in the last three years, lawmakers heard. First seen on…
-
Blind Eagle: …And Justice for All
APT-C-36, also known as Blind Eagle, is a threat group that engages in both espionage and cybercrime. It primarily targets organizations in Colombia and other Latin American countries. Active since 2018, this Advanced Persistent Threat (APT) group focuses on government institutions, financial organizations, and critical infrastructure. Blind Eagle is known for employing…
-
⚡ THN Weekly Recap: New Attacks, Old Tricks, Bigger Impact
Cyber threats today don’t just evolve, they mutate rapidly, testing the resilience of everything from global financial systems to critical infrastructure. As cybersecurity confronts new battlegrounds, ranging from nation-state espionage and ransomware to manipulated AI chatbots, the landscape becomes increasingly complex, prompting vital questions: How secure are our cloud environments? Can our First seen on…
-
UK Cybersecurity Weekly News Roundup 9 March 2025
Tags: android, attack, backdoor, breach, china, cloud, compliance, computer, cyber, cyberattack, cybercrime, cybersecurity, data, espionage, exploit, government, group, hacker, infrastructure, international, malware, microsoft, network, ransomware, regulation, resilience, service, skills, software, theft, update, vulnerability
Welcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. Microsoft Engineer’s Transition to Cybersecurity: Ankit Masrani, a 36-year-old software engineer, successfully transitioned into a cybersecurity role at Microsoft. With a background in IT and a Master’s degree in computer science, Masrani secured…
-
Canadian intelligence agency warns of threat AI poses to upcoming elections
Influence and espionage campaigns, boosted by AI, are likely to be aimed at Canada’s upcoming elections, says a new report from the CSE, the country’s signals and cyber intelligence agency. First seen on therecord.media Jump to article: therecord.media/canada-cyber-agency-elections-warning-ai-

