Tag: espionage
-
Zero-Day Attacks Stolen Keys: Silk Typhoon Breaches Networks
Microsoft Threat Intelligence has uncovered a strategic shift in the tactics of Silk Typhoon, a Chinese state-backed cyber-espionage… First seen on securityonline.info. Jump to article: securityonline.info/zero-day-attacks-stolen-keys-silk-typhoon-breaches-networks/
-
UNK_CraftyCamel: New Threat Group Using Polyglot Malware in UAE
Cybersecurity researchers at Proofpoint have identified a highly targeted cyber-espionage campaign employing polyglot malware to compromise aviation, satellite… First seen on securityonline.info. Jump to article: securityonline.info/unk_craftycamel-new-threat-group-using-polyglot-malware-in-uae/
-
Microsoft Warns of Silk Typhoon Hackers Exploiting Cloud Services to Attack IT Supply Chain
Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese espionage group, now targeting common IT solutions such as remote management tools and cloud applications for initial access. This well-resourced and technically proficient threat actor has demonstrated a large targeting footprint among Chinese threat actors, exploiting vulnerabilities in edge devices…
-
Chinese Silk Typhoon Group Targets IT Tools for Network Breaches
Microsoft warns that Chinese espionage group Silk Typhoon now exploits IT tools like remote management apps and cloud services to breach networks. First seen on hackread.com. Jump to article: hackread.com/chinese-silk-typhoon-group-it-tools-network-breaches/
-
Silk Typhoon hackers now target IT supply chains to breach networks
Microsoft warns that Chinese cyber-espionage threat group ‘Silk Typhoon’ has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers. First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/silk-typhoon-hackers-now-target-it-supply-chains-to-breach-networks/
-
Silk Typhoon Shifts Tactics to Exploit Common IT Solutions
Chinese espionage group Silk Typhoon is increasingly exploiting common IT solutions to infiltrate networks and exfiltrate data. First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/silk-typhoon-exploits-common/
-
Dark Caracal Uses Poco RAT to Target Spanish-Speaking Enterprises in Latin America
The threat actor known as Dark Caracal has been attributed to a campaign that deployed a remote access trojan called Poco RAT in attacks targeting Spanish-speaking targets in Latin America in 2024. The findings come from Russian cybersecurity company Positive Technologies, which described the malware as loaded with a “full suite of espionage features.” “It could upload…
-
Operation Sea Elephant Cyber-Espionage Campaign Targeting South Asia
A recent report from Qi’anxin Threat Intelligence Center exposes an advanced cyber-espionage campaign dubbed Operation Sea Elephant, which… First seen on securityonline.info. Jump to article: securityonline.info/operation-sea-elephant-cyber-espionage-campaign-targeting-south-asia/
-
Enhancing security with Microsoft’s expanded cloud logs
Nation-state-sponsored hacking stories are a big part of everyone’s favourite Hollywood movies – that is, until it becomes a real-life story of our own compromised personal or corporate sensitive data ending up on the dark web or in hackers’ hands. In real life, cyber espionage groups’ activities trigger stringent security enforcement. First in the government sector,…
-
New Cyber-Espionage Campaign Targets UAE Aviation and Transport
A cyber-espionage campaign targeting UAE aviation and transport has been identified by researchers, using customized lures to deploy Sosano malware. First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/espionage-campaign-targets-uae/
-
Hackers Exploiting Business Relationships to Attack Arab Emirates Aviation Sector
Tags: attack, business, communications, cyber, espionage, exploit, hacker, infrastructure, malware, threat
A sophisticated cyber espionage campaign targeting the aviation and satellite communications sectors in the United Arab Emirates has been uncovered by Proofpoint researchers. The operation, attributed to a threat cluster dubbed “UNK_CraftyCamel,”…
-
Researchers Unveil APT28’s Advanced HTA Trojan Obfuscation Tactics
Security researchers have uncovered sophisticated obfuscation techniques employed by APT28, a Russian-linked advanced persistent threat (APT) group, in their HTA (HTML Application) Trojan. The analysis, part of an ongoing investigation into APT28’s cyber espionage campaigns targeting Central Asia and Kazakhstan, highlights the group’s use of multi-layered obfuscation and the VBE (VBScript Encoded) technique to evade…
-
Dark Caracal group might have refreshed its malware, researchers say
Dark Caracal, a group suspected of cyber mercenary activities, appeared to shift to a new espionage tool in a campaign aimed at Latin American targets, according to researchers. First seen on therecord.media. Jump to article: therecord.media/dark-caracal-hackers-poco-rat-bandook
-
Hunters International Claims Tata Technologies Cyberattack
Tags: breach, cyber, cyberattack, data, espionage, group, international, ransomware, service, technology, theft
Multinational engineering and technology services firm Tata Technologies has reportedly fallen victim to a significant cyberattack claimed by the ransomware group Hunters International. According to recent social media reports, the breach allegedly resulted in the theft of 1.4 terabytes of sensitive data, raising concerns about potential industrial espionage and operational disruptions for high-profile clients such…
-
Lotus Blossom Hackers Target Southeast Asia with Sagerunex Backdoor
A sophisticated cyber espionage operation linked to the Lotus Blossom group has been discovered targeting government, manufacturing, telecommunications,… First seen on securityonline.info. Jump to article: securityonline.info/lotus-blossom-hackers-target-southeast-asia-with-sagerunex-backdoor/
-
China hacking has reached ‘inflection point’
In its 2025 Global Threat Report, CrowdStrike observed an increase in China’s cyber capabilities, with a focus on espionage and ‘pre-positioning’ itself in critical environments. First seen on techtarget.com. Jump to article: www.techtarget.com/searchsecurity/news/366619774/CrowdStrike-China-hacking-has-reached-inflection-point
-
Cyber Espionage in Thailand: Chinese APT Deploys Yokai Malware
Cado Security Labs has uncovered a new malware campaign targeting the Royal Thai Police, attributed to the Chinese… First seen on securityonline.info. Jump to article: securityonline.info/cyber-espionage-in-thailand-chinese-apt-deploys-yokai-malware/
-
Australia bans government use of Kaspersky software over Russian espionage concerns
Kaspersky software “poses an unacceptable security risk to the Australian government, networks, and data,” Home Affairs Secretary Stephanie Foster said in announcing a ban on the cybersecurity company’s products. First seen on therecord.media. Jump to article: therecord.media/kaspersky-australia-government-ban
-
Australia bans Kaspersky over national security concerns
Australia bans Kaspersky software over national security concerns, citing risks of foreign interference, espionage, and sabotage of government networks. Australian Government banned products and services provided by Russian cybersecurity firm Kaspersky over national security concerns. The Secretary of the Department of Home Affairs has issued a mandatory directive under the Protective Security Policy Framework (PSPF)…
-
Australia Bans Kaspersky Software Over National Security and Espionage Concerns
Australia has become the latest country to ban the installation of security software from Russian company Kaspersky, citing national security concerns. “After considering threat and risk analysis, I have determined that the use of Kaspersky Lab, Inc. products and web services by Australian Government entities poses an unacceptable security risk to Australian Government, networks and data,…
-
North Korean APT-C-28 Expands Cyber Espionage Campaign
A recent report from 360 Threat Intelligence Center has detailed the persistent cyber espionage activities of APT-C-28 (ScarCruft),… First seen on securityonline.info. Jump to article: securityonline.info/north-korean-apt-c-28-expands-cyber-espionage-campaign/
-
Australian Critical Infrastructure Faces ‘Acute’ Foreign Threats
The continent faces relentless military espionage, and increased cyber sabotage at the hands of authoritarian regimes, according to a high-ranking intelligence director. First seen on darkreading.com. Jump to article: www.darkreading.com/ics-ot-security/australian-critical-infrastructure-acute-foreign-threats
-
Russian cyberespionage groups target Signal users with fake group invites
QR codes provide a means of phishing Signal users: These features now work by scanning QR codes that contain the cryptographic information needed to exchange keys between different devices in a group or to authorize a new device to an account. The QR codes are actually representations of special links that the Signal application knows…
-
A Signal Update Fends Off a Phishing Technique Used in Russian Espionage
Google warns that hackers tied to Russia are tricking Ukrainian soldiers with fake QR codes for Signal group invites that let spies steal their messages. Signal has pushed out new safeguards. First seen on wired.com. Jump to article: www.wired.com/story/russia-signal-qr-code-phishing-attack/
-
EagerBee Malware Targets Government Agencies and ISPs with Stealthy Backdoor Attack
A sophisticated cyber espionage campaign leveraging the EagerBee malware has been targeting government agencies and Internet Service Providers (ISPs) across the Middle East. This advanced backdoor malware, attributed to the Chinese-linked threat group CoughingDown, demonstrates cutting-edge stealth capabilities and persistence mechanisms, posing a significant threat to critical infrastructure in the region. Advanced Capabilities of EagerBee…
-
Mustang Panda Leverages Microsoft Tools to Bypass Anti-Virus Solutions
Trend Micro found that Chinese espionage group Mustang Panda is deploying malware via legitimate Microsoft tools, enabling it to bypass ESET antivirus applications. First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/mustang-panda-microsoft-bypass/

