Tag: espionage
-
Chinese Connected Car Tech Banned by Biden Administration
National Security and Hacking Worries Underpin Concerns over Supply Chain Risk. The U.S. federal government is telling the automotive industry to stop buying Chinese manufactured hardware and software powering onboard telematics and automated driving systems, warning that the potential for nation-state hacking and espionage poses a national security risk. First seen on govinfosecurity.com Jump to…
-
Russia-linked APT UAC-0063 targets Kazakhstan with HATVIBE malware
Russia-linked threat actor UAC-0063 targets Kazakhstan to gather economic and political intelligence in Central Asia. Russia-linked threat actor UAC-0063 is targeting Kazakhstan as part of a cyber espionage campaign to gather economic and political intelligence in Central Asia. The Computer Emergency Response Team of Ukraine (CERT-UA) first detailed the activity of UAC-0063 in early 2023.…
-
APT28’s New Espionage Campaign Uses Double-Tap Infection Chain
In a recent revelation, security researchers Amaury G., Maxime A., Erwan Chevalier, Felix Aimé, and Sekoia TDR have... First seen on securityonline.info Jump to article: securityonline.info/apt28s-new-espionage-campaign-uses-double-tap-infection-chain/
-
Hackers with likely Kremlin ties target Kazakhstan in espionage campaign
The hackers used legitimate documents believed to be from Kazakhstan’s Ministry of Foreign Affairs to deliver malware to diplomatic entities in Central Asia. First seen on therecord.media Jump to article: therecord.media/hackers-kremlin-kazakhstan-espionage-campaign
-
RedDelta Leverages PlugX Backdoor in State-Sponsored Espionage Campaigns
A recent report by Insikt Group reveals an ongoing, sophisticated cyber-espionage operation by the RedDelta advanced persistent threat... First seen on securityonline.info Jump to article: securityonline.info/reddelta-leverages-plugx-backdoor-in-state-sponsored-espionage-campaigns/
-
RedCurl APT Group: Cyber Espionage with Living-off-the-Land Techniques
The RedCurl Advanced Persistent Threat (APT) group, also known as Earth Kapre or Red Wolf, has resurfaced with... First seen on securityonline.info Jump to article: securityonline.info/redcurl-apt-group-cyber-espionage-with-living-off-the-land-techniques/
-
RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns
Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024. “The group used lure documents themed around the 2024 Taiwanese presidential candidate Terry Gou, the Vietnamese National Holiday, flood protection in Mongolia, and meeting invitations, including…
-
China-linked APT group MirrorFace targets Japan
Japanese authorities attributed a cyber-espionage campaign targeting the country to the China-linked APT group MirrorFace. The National Police Agency (NPA) and the Cabinet Cyber Security Center in Japan have linked a long-running cyber-espionage campaign targeting local entities to the China-linked group MirrorFace (aka Earth Kasha). The campaign has been active since at least 2019, it…
-
Ivanti zero-day exploited by APT group that previously targeted Connect Secure appliances
Researchers from Google’s Mandiant division believe the critical remote code execution vulnerability patched on Wednesday by software vendor Ivanti has been exploited since mid-December by a Chinese cyberespionage group. This is the same group that has exploited zero-day vulnerabilities in Ivanti Connect Secure appliances back in January 2024 and throughout the year. The latest attacks, exploiting…
-
MirrorFace hackers targeting Japanese govt, politicians since 2019
The National Police Agency (NPA) and the Cabinet Cyber Security Center in Japan have linked a cyber-espionage campaign targeting the country to the Chinese state-backed “MirrorFace” hacking group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mirrorface-hackers-targeting-japanese-govt-politicians-since-2019/
-
Zero-Day Alert: UNC5337 Exploits Ivanti VPN Vulnerability CVE-2025-0282 for Espionage Operations
Ivanti Connect Secure (ICS) VPN appliances have become the focus of advanced threat actors, exploiting a newly disclosed... First seen on securityonline.info Jump to article: securityonline.info/zero-day-alert-unc5337-exploits-ivanti-vpn-vulnerability-cve-2025-0282-for-espionage-operations/
-
MirrorFace: Unmasking the Chinese Cyber Espionage Group Targeting Japan
On January 8, 2025, the Japanese National Police Agency (NPA) issued a critical warning regarding ongoing cyberattacks attributed... First seen on securityonline.info Jump to article: securityonline.info/mirrorface-unmasking-the-chinese-cyber-espionage-group-targeting-japan/
-
More telecom firms were breached by Chinese hackers than previously reported
Tags: access, at&t, attack, breach, china, cisco, communications, cyber, cyberespionage, cybersecurity, data, defense, disinformation, espionage, exploit, finance, fortinet, framework, government, group, hacker, Hardware, infrastructure, intelligence, international, microsoft, mobile, network, phone, regulation, risk, risk-management, router, spy, technology, threat, vulnerability
Chinese hackers linked to the Salt Typhoon cyberespionage operation have breached even more US telecommunications firms than initially reported. New victims, Charter Communications, Consolidated Communications, and Windstream, add to a growing list that already includes AT&T, Verizon, T-Mobile, and Lumen Technologies. Earlier, the US authorities informed that nine telecom firms have been affected by the Chinese espionage…
-
Breach Roundup: MetLife Denies RansomHub Cyberattack Claims
Also: German Prosecutors Charge Three Alleged Russian Saboteurs. This week, MetLife denied a RansomHub cyberattack claim, RI Health System cyberattack update, npm package deployed Quasar RAT, Germany charges three with espionage for Russia, North Korea’s contagious interview campaign deployed new malware. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-metlife-denies-ransomhub-cyberattack-claims-a-27199
-
AT&T and Verizon Say Chinese Hackers Ejected From Networks
9 Telcos Have Been Breached by Beijing-Backed ‘Salt Typhoon,’ White House Says. U.S. telecommunications giants AT&T and Verizon Communications believe they have finally ejected Chinese cyber espionage hackers from their networks. The White House said the Salt Typhoon nation-state hackers infiltrated at least nine U.S. telcos’ infrastructure, and have been hard to eject. First seen…
-
China’s cyber intrusions took a sinister turn in 2024
From targeted espionage to pre-positioning – not that they are mutually exclusive First seen on theregister.com Jump to article: www.theregister.com/2024/12/31/china_cyber_intrusions_2024/
-
IPMsg Installer Weaponized: Lazarus Group Targets Crypto Finance
The notorious APT-C-26 (Lazarus) group, known for its advanced persistence and cyber espionage tactics, has resurfaced with a new campaign targeting financial institutions and cryptocurrency exchanges. In a recent analysis... First seen on securityonline.info Jump to article: securityonline.info/ipmsg-installer-weaponized-lazarus-group-targets-crypto-finance/
-
A 9th Telecoms Firm Has Been Hit by a Massive Chinese Espionage Campaign, the White House Says
A top White House official said at least eight U.S. telecom firms and dozens of nations have been impacted by a Chinese hacking campaign. First seen on securityweek.com Jump to article: www.securityweek.com/a-9th-telecoms-firm-has-been-hit-by-a-massive-chinese-espionage-campaign-the-white-house-says/
-
Paper Werewolf: From Espionage to Destruction A New Threat Emerges
The BI.ZONE Threat Intelligence team has reported a surge in activity from the espionage cluster known as Paper Werewolf (also referred to as GOFFEE). Operating since at least 2022, the... First seen on securityonline.info Jump to article: securityonline.info/paper-werewolf-from-espionage-to-destruction-a-new-threat-emerges/
-
Biden administration finalizes rule to block sale of Americans’ bulk data to adversaries
The rule, proposed under an executive order in late February and finalized Friday, is intended to address the “urgent and extraordinary national security threat” created by U.S. adversaries acquiring personal data that can be used for espionage, blackmail, influence campaigns and other malicious activities. First seen on therecord.media Jump to article: therecord.media/biden-admin-finalizes-rule-to-block-sale-of-bulk-data-to-adversaries
-
White House: Salt Typhoon hacks possible because telecoms lacked basic security measures
In an update Friday, the White House says nine telecom companies were impacted by the Chinese espionage effort. First seen on cyberscoop.com Jump to article: cyberscoop.com/salt-typhoon-telecom-cybersecurity-gaps-white-house-response/
-
US adds 9th telecom company to list of known Salt Typhoon targets
An additional U.S. telecom company was victimized by the Salt Typhoon cyber-espionage campaign attributed to China, the White House said. First seen on therecord.media Jump to article: therecord.media/nine-us-companies-hacked-salt-typhoon-china-espionage
-
How are you securing your communications in the wake of the Volt Typhoon revelations?
Tags: access, advisory, android, apple, apt, attack, authentication, business, china, cisa, cisco, cloud, communications, computer, control, cyber, cybersecurity, detection, email, endpoint, espionage, exploit, firewall, firmware, government, group, Hardware, infrastructure, Internet, Intruder, microsoft, network, phishing, ransomware, risk, service, software, technology, threat, tool, update, vpn, vulnerability, windows, zero-day
The FBI recently released information that text messages between Apple and Android texting systems were insecure and that attackers could listen in and access those communications, more fallout from the revelation that a Chinese-affiliated threat actor had breached telecommunications companies. The announcement that the group known as Salt Typhoon had compromised networks of major global telecommunications…
-
USA Launched Cyber Attack on Chinese Technology Firms
The Chinese National Internet Emergency Center (CNIE) has revealed two significant cases of cyber espionage targeting Chinese technology companies and research institutions. These attacks, suspected to be orchestrated by U.S. intelligence agencies, aimed to steal sensitive commercial secrets and intellectual property, raising alarm over the growing sophistication of cyber threats. Targeting Advanced Material Design Companies…
-
CVE-2024-30088 Under Attack: OilRig Targets Windows Kernel Vulnerability
Renowned for cyber espionage activities targeting critical sectors in the Middle East, OilRig, also known as APT34 or Helix Kitten, operates with precision, exploiting vulnerabilities and employing advanced techniques to... First seen on securityonline.info Jump to article: securityonline.info/cve-2024-30088-under-attack-oilrig-targets-windows-kernel-vulnerability/
-
Cloud Atlas Deploys VBCloud backdoor in Latest Cyber Espionage Campaign
The notorious cyber-espionage group Cloud Atlas, active since 2014, has been observed leveraging a new arsenal in its ongoing campaigns against Eastern Europe and Central Asia, according to a detailed... First seen on securityonline.info Jump to article: securityonline.info/cloud-atlas-deploys-vbcloud-backdoor-in-latest-cyber-espionage-campaign/

