Tag: espionage

The Hidden Risks of Mobile Calls and Messages: Why EndEnd Encryption is Just the Starting Line

Dec 16, 2024 7:42 AM

Tags: access, android, breach, business, communications, control, cybercrime, cybersecurity, data, encryption, endpoint, espionage, government, identity, intelligence, mobile, network, risk, service, startup, technology, threat, tool, update, vulnerability

The recent breaches of sovereign telecom networks in the United States, underscores how highly connected but fragmented public networks are increasingly vulnerable to sophisticated attacks. Another rising concern is the blind trust organizations and individuals put into consumer-grade messaging apps such as WhatsApp to share government and commercially-sensitive information. Some of the biggest risks concerning these…
SAP systems increasingly targeted by cyber attackers

Dec 14, 2024 5:05 AM

Tags: access, attack, authentication, business, cloud, credentials, cve, cyber, cybercrime, cyberespionage, cybersecurity, data, data-breach, espionage, exploit, finance, group, hacker, intelligence, Internet, ransomware, remote-code-execution, russia, sap, service, software, technology, threat, unauthorized, update, vulnerability, zero-day

A review of four years of threat intelligence data, presented Friday at Black Hat by Yvan Genuer, a senior security researcher at Onapsis, reports a spike in hacker interest in breaking into enterprise resource planning (ERP) systems from SAP in 2020 that was sustained until the end of 2023.The vast majority (87%) of the Forbes…
Democrats and Republicans condemn espionage-driven Chinese hack

Dec 14, 2024 5:05 AM

Tags: china, data, espionage, group

Ongoing infiltration by Salt Typhoon group has hit US telecoms companies and Trump, Vance and HarrisDemocrats and Republicans have come together in a rare moment of unity to condemn an espionage-driven Chinese infiltration of the US telecommunications system that has been called the worst hack in American history.Carried out by a group called Salt Typhoon…
Time of Reckoning Reviewing My 2024 Cybersecurity Predictions

Dec 14, 2024 1:05 AM

Tags: ai, attack, automation, awareness, breach, business, chatgpt, china, compliance, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, disinformation, election, espionage, exploit, healthcare, incident response, infrastructure, jobs, law, linkedin, malware, monitoring, moveIT, phishing, privacy, ransomware, regulation, risk, russia, service, software, supply-chain, technology, threat, tool, ukraine, update, vulnerability, warfare, zero-day

The brutal reality is that cybersecurity predictions are only as valuable as their accuracy. As 2024 comes to a close, I revisit my forecasts to assess their utility in guiding meaningful decisions. Anyone can make predictions (and far too many do), but actually being correct is another matter altogether. It is commonplace for security companies…
Researchers expose a surge in hacker interest in SAP systems

Dec 13, 2024 8:05 PM

Tags: access, attack, authentication, business, cloud, credentials, cve, cyber, cybercrime, cyberespionage, cybersecurity, data, data-breach, espionage, exploit, finance, group, hacker, intelligence, Internet, ransomware, remote-code-execution, russia, sap, service, software, technology, threat, unauthorized, update, vulnerability, zero-day

A review of four years of threat intelligence data, presented Friday at Black Hat by Yvan Genuer, a senior security researcher at Onapsis, reports a spike in hacker interest in breaking into enterprise resource planning (ERP) systems from SAP in 2020 that was sustained until the end of 2023.The vast majority (87%) of the Forbes…
Ukraine uncovers Russian spy network recruiting teens for espionage

Dec 13, 2024 7:05 PM

Tags: defense, espionage, network, russia, spy, ukraine

The suspected spies were allegedly photographing Ukrainian air defense facilities when they were arrested.]]> First seen on therecord.media Jump to article: therecord.media/ukraine-sbu-espionage-campaign-russia
Remcos RAT Malware Evolves with New Techniques

Dec 12, 2024 6:05 PM

Tags: attack, control, cyber, data, espionage, malware, rat

Cyber-attacks involving Remcos RAT surged in Q3 2024, enabling attackers to control victim machines remotely, steal data and carry out espionage First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/remcos-rat-malware-evolves-new/
For Russian spies, existing cybercrime tools become avenues into Ukrainian military devices

Dec 12, 2024 3:05 PM

Tags: blizzard, cybercrime, espionage, group, infrastructure, military, russia, tool, ukraine

A Kremlin-backed group tracked as Secret Blizzard or Turla recently used existing cybercrime infrastructure for an espionage campaign aimed at Ukrainian military devices.]]> First seen on therecord.media Jump to article: therecord.media/turla-secret-blizzard-russia-espionage-ukraine-cybercrime-tools
Operation Digital Eye: Chinese APT Exploits Visual Studio Code Tunnels in High-Stakes Espionage Campaign

Dec 12, 2024 5:05 AM

Tags: apt, business, china, cyber, cyberespionage, espionage, exploit, group, service, threat

In a sophisticated cyberespionage campaign dubbed Operation Digital Eye, SentinelOne and Tinexta Cyber uncovered activities linked to a Chinese Advanced Persistent Threat (APT) group targeting large business-to-business IT service providers... First seen on securityonline.info Jump to article: securityonline.info/operation-digital-eye-chinese-apt-exploits-visual-studio-code-tunnels-in-high-stakes-espionage-campaign/
Chinese APT Groups Targets European IT Companies

Dec 11, 2024 10:05 PM

Tags: apt, china, cloud, cyber, espionage, group, hacking, infrastructure, microsoft, technology, threat

Evidence Mounts for Chinese Hacking ‘Quartermaster’. A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure cloud infrastructure to target Western technology firms for espionage, security firms Tinexta Cyber and SentinelLabs said. The companies call the campaign Operation Digital Eye. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-apt-groups-targets-european-companies-a-27030
Russian cyber spies hide behind other hackers to target Ukraine

Dec 11, 2024 10:05 PM

Tags: blizzard, cyber, espionage, group, hacker, infrastructure, military, russia, threat, ukraine

Russian cyber-espionage group Turla, aka “Secret Blizzard,” is utilizing other threat actors’ infrastructure to target Ukrainian military devices connected via Starlink. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-cyber-spies-hide-behind-other-hackers-to-target-ukraine/
Sprawling ‘Operation Digital Eye’ Attack Targets European IT Orgs

Dec 10, 2024 5:07 PM

Tags: attack, china, espionage, supply-chain, threat

A Chinese threat actor infiltrated several IT and security companies in a bring-your-own VS code, with an eye to carrying out a supply-chain-based espionage attack. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/operation-digital-eye-attack-targets-european-it-orgs
Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage

Dec 10, 2024 1:09 PM

Tags: attack, business, china, cyber, cybersecurity, espionage, group, hacker, service

A suspected China-nexus cyber espionage group has been attributed to an attacks targeting large business-to-business IT service providers in Southern Europe as part of a campaign codenamed Operation Digital Eye.The intrusions took place from late June to mid-July 2024, cybersecurity companies SentinelOne SentinelLabs and Tinexta Cyber said in a joint report shared with The Hacker…
Suspected Russian hackers target Ukrainian defense enterprises in new espionage campaign

Dec 9, 2024 5:07 PM

Tags: computer, conference, defense, email, espionage, group, hacker, military, phishing, russia, ukraine

Ukraine’s military computer emergency response team said the group sent phishing emails disguised as invitations to a legitimate defense conference that took place in Kyiv last week.]]> First seen on therecord.media Jump to article: therecord.media/suspected-russian-hackers-target-ukrainian-enterprises-espionage
FCC proposes stronger telecom cyber rules as Salt Typhoon fallout continues

Dec 9, 2024 12:07 PM

Tags: china, cyber, espionage, government

The agency’s proposed rule changes come two months after a China-government sponsored espionage campaign first came to light. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/fcc-cyber-rules-salt-typhoon/734867/
BlueAlpha Exploits Cloudflare Tunnels for GammaDrop Malware Infrastructure

Dec 8, 2024 5:07 AM

Tags: cyber, espionage, exploit, group, infrastructure, malware, russia, service, threat, ukraine

The Insikt Group has uncovered a sophisticated cyber-espionage operation conducted by BlueAlpha, a state-sponsored threat actor with links to the Russian Federal Security Service (FSB). The campaign targets Ukrainian entities... First seen on securityonline.info Jump to article: securityonline.info/bluealpha-exploits-cloudflare-tunnels-for-gammadrop-malware-infrastructure/
US Organization in China Falls Victim to Suspected Chinese Espionage Campaign

Dec 7, 2024 5:48 AM

Tags: attack, china, cyberespionage, espionage, threat

A recent report from the Symantec Threat Hunter Team reveals a troubling cyberespionage operation targeting a large US organization operating in China. The attack, suspected to be the work of... First seen on securityonline.info Jump to article: securityonline.info/us-organization-in-china-falls-victim-to-suspected-chinese-espionage-campaign/
Turla targets Pakistani APT infrastructure for espionage

Dec 6, 2024 9:49 PM

Tags: apt, espionage, infrastructure

First seen on scworld.com Jump to article: www.scworld.com/brief/turla-targets-pakistani-apt-infrastructure-for-espionage
Cybersecurity Snapshot: Study Raises Open Source Security Red Flags, as Cyber Agencies Offer Prevention Tips Against Telecom Spying Attacks

Dec 6, 2024 6:49 PM

Tags: access, advisory, ai, attack, authentication, best-practice, breach, business, china, cisa, cloud, communications, compliance, computing, control, credentials, cyber, cybercrime, cybersecurity, data, data-breach, defense, detection, espionage, exploit, finance, firewall, fraud, government, group, guide, hacker, hacking, identity, infrastructure, insurance, international, Internet, interpol, iot, korea, law, least-privilege, linux, lockbit, login, malware, mfa, mitigation, mobile, network, open-source, password, phishing, privacy, ransomware, RedTeam, resilience, risk, router, scam, service, software, strategy, supply-chain, technology, theft, threat, tool, unauthorized, usa, vpn, vulnerability, windows

Don’t miss the Linux Foundation’s deep dive into open source software security. Plus, cyber agencies warn about China-backed cyber espionage campaign targeting telecom data. Meanwhile, a study shows the weight of security considerations in generative AI projects. And get the latest on ransomware trends, financial cybercrime and critical infrastructure security. Dive into six things that…
FCC calls for urgent cybersecurity overhaul amid Salt Typhoon espionage case

Dec 6, 2024 12:50 PM

Tags: access, at&t, attack, breach, china, cisa, communications, cyber, cyberattack, cyberespionage, cybersecurity, data, defense, espionage, framework, infrastructure, intelligence, law, monitoring, network, phone, risk, risk-management, service, technology, threat, unauthorized, usa, vulnerability

In the wake of the Salt Typhoon cyberespionage campaign allegedly linked to China, Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel has proposed immediate measures to strengthen the cybersecurity of US telecommunications infrastructure.The FCC’s action came a day after top US security agencies briefed senators and the Commission on the scope of Salt Typhoon’s espionage campaign,…
Russian Hacker Secret Blizzard Hijack C2 Infrastructure in New Espionage Campaign

Dec 6, 2024 5:48 AM

Tags: blizzard, espionage, hacker, infrastructure, russia, threat

Lumen’s Black Lotus Labs has uncovered an elaborate campaign by the Russian threat actor Secret Blizzard (also known as Turla). This operation demonstrates their signature tradecraft of hijacking other groups’... First seen on securityonline.info Jump to article: securityonline.info/russian-hacker-secret-blizzard-hijack-c2-infrastructure-in-new-espionage-campaign/
Russian APT Hackers Co-Opt Pakistani Infrastructure

Dec 5, 2024 9:50 PM

Tags: apt, control, espionage, group, hacker, hacking, infrastructure, intelligence, microsoft, network, russia

FSB Hackers Have Hijacked Others’ Command and Control Before. A Russian state hacking group hijacked the command and control infrastructure of a Pakistan-based espionage network as part of an ongoing intelligence-gathering operation targeting victims in Asia, finds a report from Microsoft and Black Lotus Labs. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russian-apt-hackers-co-opt-pakistani-infrastructure-a-26982
US may plan legislation to contain Chinese cyber espionage

Dec 5, 2024 1:48 PM

Tags: advisory, ai, at&t, breach, ceo, china, cisa, cloud, cyber, cybersecurity, data, defense, espionage, finance, government, hacker, hacking, intelligence, mobile, network, phone, risk, technology, theft, threat, vulnerability

US senators were briefed behind closed doors this week on the scale of “Salt Typhoon,” an alleged Chinese cyber-espionage campaign targeting the nation’s telecommunications networks.The FBI, CISA, and other key agencies, who were part of the briefing, revealed that the sophisticated operation compromised at least eight US telecom firms, stealing metadata and call intercepts, including…
Russian Hackers Exploit Rival Attackers’ Infrastructure for Espionage

Dec 5, 2024 1:48 PM

Tags: apt, blizzard, cyber, cybercrime, espionage, exploit, hacker, infrastructure, microsoft, russia

Microsoft has found that Russian APT Secret Blizzard piggybacks on other cybercriminals’ infr4asytructure to conduct cyber espionage First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russia-hackers-exploit-rival/
White House: Chinese telecom hacks have been in motion for years

Dec 4, 2024 10:48 PM

Tags: china, espionage

A senior administration official said Wednesday the Salt Typhoon hack has impacted dozens of countries in a sweeping espionage campaign First seen on cyberscoop.com Jump to article: cyberscoop.com/salt-typhoon-national-security-council-chinese-spying/
Security teams should act now to counter Chinese threat, says CISA

Dec 4, 2024 7:48 PM

Tags: 5G, access, apple, at&t, attack, authentication, china, cisa, cisco, communications, control, cyber, cybersecurity, data, encryption, espionage, exploit, google, government, hacker, infrastructure, linux, microsoft, mitigation, mobile, monitoring, network, nist, password, risk, service, siem, technology, theft, threat, vpn, vulnerability

Security teams and individuals across the US need to take immediate precautions to counter the surveillance threat posed by Chinese ‘Salt Typhoon’ hackers, who have burrowed deep into telecoms infrastructure, according to the US Cybersecurity and Infrastructure Security Agency (CISA).CISA issued an official alert recommending defensive measures on December 3, as federal officials briefed journalists…
Russian-linked Turla caught using Pakistani APT infrastructure for espionage

Dec 4, 2024 6:48 PM

Tags: apt, espionage, india, infrastructure, microsoft, russia

Both Microsoft and Lumen’s BlackLotus Labs found Turla spying on Afghanistan and India via Pakistani infrastructure. First seen on cyberscoop.com Jump to article: cyberscoop.com/turla-infiltrates-pakistani-apt-networks-microsoft-lumen/
Senators Warn the Pentagon: Get a Handle on China’s Telecom Hacking

Dec 4, 2024 6:48 PM

Tags: china, defense, espionage, hacking

In a letter to the Department of Defense, senators Ron Wyden and Eric Schmitt are calling for an investigation into fallout from the Salt Typhoon espionage campaign. First seen on wired.com Jump to article: www.wired.com/story/senators-warn-pentagon-salt-typhoon-china-hacking/
Russian hackers hijack Pakistani hackers’ servers for their own attacks

Dec 4, 2024 6:48 PM

Tags: attack, cyber, espionage, group, hacker, hacking, russia, threat

The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156’s infrastructure to launch their own covert attacks on already compromised networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-turla-hackers-hijack-pakistani-apt-servers-for-cyber-espionage-attacks/
Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Dec 4, 2024 11:50 AM

Tags: advisory, china, cyber, cybersecurity, espionage, infrastructure, network

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks in a joint advisory. Australia, Canada, New Zealand, and the U.S. issued a joint advisory to warn of People’s Republic of China (PRC)-linked cyber espionage targeting telecom networks. >>The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal…