Tag: espionage
-
Breach Roundup: MetLife Denies RansomHub Cyberattack Claims
Also: German Prosecutors Charge Three Alleged Russian Saboteurs. This week, MetLife denied a RansomHub cyberattack claim, RI Health System cyberattack update, npm package deployed Quasar RAT, Germany charges three with espionage for Russia, North Korea’s contagious interview campaign deployed new malware. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-metlife-denies-ransomhub-cyberattack-claims-a-27199
-
AT&T and Verizon Say Chinese Hackers Ejected From Networks
9 Telcos Have Been Breached by Beijing-Backed ‘Salt Typhoon,’ White House Says. U.S. telecommunications giants AT&T and Verizon Communications believe they have finally ejected Chinese cyber espionage hackers from their networks. The White House said the Salt Typhoon nation-state hackers infiltrated at least nine U.S. telcos’ infrastructure, and have been hard to eject. First seen…
-
China’s cyber intrusions took a sinister turn in 2024
From targeted espionage to pre-positioning – not that they are mutually exclusive. First seen on theregister.com Jump to article: www.theregister.com/2024/12/31/china_cyber_intrusions_2024/
-
IPMsg Installer Weaponized: Lazarus Group Targets Crypto Finance
The notorious APT-C-26 (Lazarus) group, known for its advanced persistence and cyber espionage tactics, has resurfaced with a new campaign targeting financial institutions and cryptocurrency exchanges. In a recent analysis... First seen on securityonline.info Jump to article: securityonline.info/ipmsg-installer-weaponized-lazarus-group-targets-crypto-finance/
-
A 9th Telecoms Firm Has Been Hit by a Massive Chinese Espionage Campaign, the White House Says
A top White House official said at least eight U.S. telecom firms and dozens of nations have been impacted by a Chinese hacking campaign. First seen on securityweek.com Jump to article: www.securityweek.com/a-9th-telecoms-firm-has-been-hit-by-a-massive-chinese-espionage-campaign-the-white-house-says/
-
Paper Werewolf: From Espionage to Destruction A New Threat Emerges
The BI.ZONE Threat Intelligence team has reported a surge in activity from the espionage cluster known as Paper Werewolf (also referred to as GOFFEE). Operating since at least 2022, the... First seen on securityonline.info Jump to article: securityonline.info/paper-werewolf-from-espionage-to-destruction-a-new-threat-emerges/
-
Biden administration finalizes rule to block sale of Americans’ bulk data to adversaries
The rule, proposed under an executive order in late February and finalized Friday, is intended to address the “urgent and extraordinary national security threat” created by U.S. adversaries acquiring personal data that can be used for espionage, blackmail, influence campaigns and other malicious activities. First seen on therecord.media Jump to article: therecord.media/biden-admin-finalizes-rule-to-block-sale-of-bulk-data-to-adversaries
-
White House: Salt Typhoon hacks possible because telecoms lacked basic security measures
In an update Friday, the White House says nine telecom companies were impacted by the Chinese espionage effort. First seen on cyberscoop.com Jump to article: cyberscoop.com/salt-typhoon-telecom-cybersecurity-gaps-white-house-response/
-
US adds 9th telecom company to list of known Salt Typhoon targets
An additional U.S. telecom company was victimized by the Salt Typhoon cyber-espionage campaign attributed to China, the White House said. First seen on therecord.media Jump to article: therecord.media/nine-us-companies-hacked-salt-typhoon-china-espionage
-
How are you securing your communications in the wake of the Volt Typhoon revelations?
Tags: access, advisory, android, apple, apt, attack, authentication, business, china, cisa, cisco, cloud, communications, computer, control, cyber, cybersecurity, detection, email, endpoint, espionage, exploit, firewall, firmware, government, group, Hardware, infrastructure, Internet, Intruder, microsoft, network, phishing, ransomware, risk, service, software, technology, threat, tool, update, vpn, vulnerability, windows, zero-day
The FBI recently released information that text messages between Apple and Android texting systems were insecure and that attackers could listen in and access those communications, more fallout from the revelation that a Chinese-affiliated threat actor had breached telecommunications companies. The announcement that the group known as Salt Typhoon had compromised networks of major global telecommunications…
-
USA Launched Cyber Attack on Chinese Technology Firms
The Chinese National Internet Emergency Center (CNIE) has revealed two significant cases of cyber espionage targeting Chinese technology companies and research institutions. These attacks, suspected to be orchestrated by U.S. intelligence agencies, aimed to steal sensitive commercial secrets and intellectual property, raising alarm over the growing sophistication of cyber threats. Targeting Advanced Material Design Companies…
-
CVE-2024-30088 Under Attack: OilRig Targets Windows Kernel Vulnerability
Renowned for cyber espionage activities targeting critical sectors in the Middle East, OilRig, also known as APT34 or Helix Kitten, operates with precision, exploiting vulnerabilities and employing advanced techniques to... First seen on securityonline.info Jump to article: securityonline.info/cve-2024-30088-under-attack-oilrig-targets-windows-kernel-vulnerability/
-
Cloud Atlas Deploys VBCloud backdoor in Latest Cyber Espionage Campaign
The notorious cyber-espionage group Cloud Atlas, active since 2014, has been observed leveraging a new arsenal in its ongoing campaigns against Eastern Europe and Central Asia, according to a detailed... First seen on securityonline.info Jump to article: securityonline.info/cloud-atlas-deploys-vbcloud-backdoor-in-latest-cyber-espionage-campaign/
-
7 biggest cybersecurity stories of 2024
Tags: access, ai, alphv, at&t, attack, authentication, breach, business, china, cio, ciso, citrix, cloud, credentials, crowdstrike, crypto, cyber, cybercrime, cybersecurity, data, data-breach, deep-fake, detection, email, espionage, exploit, extortion, finance, google, government, group, hacking, healthcare, incident response, infection, insurance, intelligence, international, jobs, lockbit, malicious, malware, mandiant, mfa, microsoft, network, nis-2, north-korea, office, phishing, phone, privacy, ransomware, regulation, risk, risk-management, scam, service, software, strategy, tactics, technology, threat, ukraine, update, vulnerability, windows
Cybersecurity headlines were plenty this year, with several breaches, attacks, and mishaps drawing worldwide attention. But a few incidents in particular had far-reaching consequences, with the potential to reshape industry protections, shake up how vendors secure customers’ systems, or drive security leaders to reassess their strategies. Longer-term trends such as increased cybersecurity regulations and the impact of…
-
Lazarus APT targeted employees at an unnamed nuclear-related organization
North Korea-linked Lazarus Group targeted employees of an unnamed nuclear-related organization in January 2024. Kaspersky researchers observed the North Korea-linked Lazarus Group targeting at least two employees associated with the same nuclear-related organization over the course of one month. The experts believe the attacks are part of the cyber espionage campaign Operation Dream Job (aka NukeSped),…
-
WhatsApp Wins NSO in Pegasus Spyware Hacking Lawsuit After 5 Years
After a prolonged legal battle stretching over five years, WhatsApp has triumphed over NSO Group in a significant lawsuit concerning the use of Pegasus spyware. The verdict, handed down by the United States District Court for the Northern District of California, marks a major milestone in the fight against cyber espionage and reinforces the tech…
-
Earth Koshchei’s Rogue RDP Campaign: A Sophisticated APT Attack Targets Governments and Enterprises
Trend Micro has unveiled a large-scale rogue remote desktop protocol (RDP) campaign conducted by the threat group Earth Koshchei. Known for their espionage operations, Earth Koshchei leveraged spear-phishing emails and... First seen on securityonline.info Jump to article: securityonline.info/earth-koshcheis-rogue-rdp-campaign-a-sophisticated-apt-attack-targets-governments-and-enterprises/
-
US eyes ban on TP-Link routers amid cybersecurity concerns
Tags: attack, business, china, compliance, computer, corporate, country, cyber, cyberattack, cybercrime, cybersecurity, ddos, defense, espionage, exploit, flaw, government, hacking, infrastructure, intelligence, law, malicious, microsoft, network, risk, router, technology, threat, vulnerability, wifi
The US government is investigating TP-Link, a Chinese company that supplies about 65% of routers for American homes and small businesses, amid concerns about national security risks. Reports suggest these routers have vulnerabilities that cybercriminals exploit to compromise sensitive enterprise data. Investigations by the Commerce, Defense, and Justice Departments indicate that the routers may have been…
-
CISA Released Secure Mobile Communication Best Practices 2025
Tags: best-practice, china, cisa, communications, cyber, cybersecurity, espionage, infrastructure, malicious, mobile, threat
The Cybersecurity and Infrastructure Security Agency (CISA) has released new best practice guidance to safeguard mobile communications amid rising concerns over cyber espionage activities linked to People’s Republic of China (PRC)-affiliated threat actors. These malicious actors have been targeting commercial telecommunications infrastructure to intercept call records and compromise the private communications of highly targeted individuals,…
-
Russia-linked APT29 group used red team tools in rogue RDP attacks
Russia-linked APT29 group uses malicious RDP configuration files, adapting red teaming methods for cyberattacks to compromise systems. In October 2024, the Russia-linked cyber espionage group APT29 (aka Earth Koshchei, SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) used rogue RDP attacks via phishing emails targeting governments, think tanks, and Ukrainian entities to steal data and install malware. The…
-
US CISA Endorses Encrypted Apps Amid Chinese Telecom Hack
CISA Recommends Strict Mobile Security Measures Following Salt Typhoon Telecom Hack. The Cybersecurity and Infrastructure Security Agency’s latest guidance calls on top U.S. political and government officials to adopt stricter mobile security measures in response to the Salt Typhoon hacking campaign, a Chinese espionage effort that has infiltrated major telecom systems. First seen on govinfosecurity.com…
-
The Mask APT is back after 10 years of silence
Kaspersky researchers linked a new wave of cyber attacks to the cyber espionage group tracked as The Mask. Kaspersky researchers linked several targeted attacks to a cyber espionage group known as The Mask. The APT group targeted an organization in Latin America in 2019 and 2022. Threat actors accessed an MDaemon email server and used…
-
Espionage Campaign Targets Turkish Defense Industry
APT Group Uses Sophisticated Attack Chain to Deploy WmRAT and MiyaRAT. A suspected South Asian threat actor targeted a Turkish defense organization, deploying malware via a RAR archive and using alternate data streams to deliver remote access Trojans. The group previously targeted multiple countries including China, India, Pakistan and Bangladesh. First seen on govinfosecurity.com Jump…
-
That cheap webcam? HiatusRAT may be targeting it, FBI warns
Webcams have been a key part of business and home offices everywhere, especially since the COVID pandemic hit. But they are not often high-quality products, especially if used only sporadically, as many consumers and remote workers are content with a cheap one from China. This not only causes regular hardware problems, but it can also be…
-
Russia FSB relies on Ukrainian minors for criminal activities disguised as “quest games”
Ukraine’s SBU uncovered an FSB espionage campaign recruiting minors for criminal activities disguised as “quest games.”
-
Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware
A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++ malware families tracked as WmRAT and MiyaRAT. “The attack chain used alternate data streams in a RAR archive to deliver a shortcut (LNK) file that created a scheduled task on the target machine…
-
The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal
A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022. “The Mask APT is a legendary threat actor that has been performing highly sophisticated attacks since at least 2007,” Kaspersky researchers Georgy Kucherin and Marc Rivero…
-
FBI, CISA issue warning for cross Apple-Android texting
CISA and the FBI recently released a joint statement that the People’s Republic of China (PRC) is targeting commercial telecommunications infrastructure as part of a significant cyber espionage campaign. As a result, the agencies released a joint guide, Enhanced Visibility… First seen on securityintelligence.com Jump to article: securityintelligence.com/news/fbi-cisa-issue-warning-for-cross-apple-android-texting/
-
Ukrainian Minors Recruited for Cyber Ops and Reconnaissance in Russian Airstrikes
The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia’s Federal Security Service (FSB) that involves recruiting Ukrainian minors for criminal activities under the guise of “quest games.” Law enforcement officials said that it detained two FSB agent groups following a special operation in Kharkiv. These…

