Tag: military
-
Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware
The threat actor known as Confucius has been attributed to a new phishing campaign that has targeted Pakistan with malware families like WooperStealer and Anondoor. “Over the past decade, Confucius has repeatedly targeted government agencies, military organizations, defense contractors, and critical industries — especially in Pakistan using spear-phishing and malicious documents as initial First seen on…
-
Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware
Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years. “Phantom Taurus’ main focus areas include ministries of foreign affairs, embassies, geopolitical events, and military operations,” Palo Alto Networks Unit 42 First seen on thehackernews.com…
-
Patchwork APT: Leveraging PowerShell to Create Scheduled Tasks and Deploy Final Payload
Patchwork, the advanced persistent threat (APT) actor also known as Dropping Elephant, Monsoon, and Hangover Group, has been observed deploying a new PowerShell-based loader that abuses Windows Scheduled Tasks to execute its final payload. Active since at least 2015 and focused on political and military intelligence across South and Southeast Asia, Patchwork is renowned for…
-
APT35 Hackers Targeting Government and Military to Steal Login Credentials
Tags: credentials, cyber, government, hacker, intelligence, login, malicious, military, phishing, threat
Stormshield CTI researchers have identified two active phishing servers linked to APT35, revealing ongoing credential-stealing operations targeting government and military entities. In an active threat-hunting operation, Stormshield’s Cyber Threat Intelligence (CTI) team discovered two malicious servers exhibiting hallmark characteristics of APT35 infrastructure. These servers, mirroring footprints documented by Check Point, are hosting phishing pages designed…
-
Chinese hackers breached critical infrastructure globally using enterprise network gear
Tags: access, backdoor, breach, business, china, communications, control, cve, defense, exploit, framework, germany, government, group, hacker, infrastructure, Internet, korea, law, malware, military, monitoring, network, open-source, penetration-testing, programming, service, threat, tool, update, vpn, vulnerability
72-hour vulnerability exploitation window: RedNovember demonstrated the ability to weaponize newly disclosed vulnerabilities faster than most organizations could deploy patches, researchers found. When researchers published proof-of-concept code for Check Point VPN vulnerability CVE-2024-24919 on May 30, 2024, RedNovember was attacking vulnerable systems by June 3. That campaign hit at least 60 organizations across Brazil, Germany, Japan,…
-
An App Used to Dox Charlie Kirk Critics Doxed Its Own Users Instead
Plus: A ransomware gang steals data on 8,000 preschoolers, Microsoft blocks Israel’s military from using its cloud for surveillance, call-recording app Neon hits pause over security holes, and more. First seen on wired.com Jump to article: www.wired.com/story/app-used-to-dox-charlie-kirk-critics-doxed-its-own-users-instead/
-
The fight to lock down drones and their supply chains
Drones have already shown their impact in military operations, and their influence is spreading across the agricultural and industrial sectors. Given their technological … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/25/drones-cybersecurity-risks/
-
Russia Leveraging Cyber-Attacks as a Strategic Weapon Against Key Industries in Major Nations
In 2024, as the Russia-Ukraine war prolongs and military and economic cooperation between North Korea and Russia deepens, cyberspace has become a central battleground for international conflict. Russia is leveraging cyber-attacks to alleviate economic pressure from international sanctions and to enhance its war-fighting capabilities, targeting key industries in major countries around the globe. In November…
-
AI is altering entry-level cyber hiring, and the nature of the skills gap
The certification trap and broken pipelines: Other experts argued that an over-reliance on CVs and certifications is one of the biggest barriers to hiring success in cybersecurity because it acts to shut out otherwise qualified candidates. “Despite bringing valuable experience and perspectives, people with 10 years of work experience are put off because there is…
-
North Korean operation uses ChatGPT to forge military IDs as part of cyberattack
The hacking group known as Kimsuky used generative AI to create South Korean military IDs used in a phishing campaign against defense-related institutions, researchers said. First seen on therecord.media Jump to article: therecord.media/north-korea-kimsuky-hackers-phishing-fake-military-ids-chatgpt
-
North Korean Group Targets South With Military ID Deepfakes
The North Korea-linked group Kimsuky used ChatGPT to create deepfakes of military ID documents in an attempt to compromise South Korean targets. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/north-korean-group-south-military-id-deepfakes
-
Russia Tests Hypersonic Missile at NATO’s Doorstep, and Shares the Video
Russian military exercises near NATO borders follow the recent incursion of Russian drones into the airspace of Poland and Romania, further stoking tensions with the West. First seen on wired.com Jump to article: www.wired.com/story/russia-hypersonic-missile-test-nato-borders/
-
North Korea’s Kimsuky Group Uses AI-Generated Military IDs in New Attack
North Korea’s Kimsuky hackers use AI-generated fake military IDs in a new phishing campaign, GSC warns, marking a… First seen on hackread.com Jump to article: hackread.com/north-korea-kimsuky-group-ai-generated-military-ids/
-
New Zealand sanctions Russian military hackers over cyberattacks on Ukraine
New Zealand has imposed sanctions on Russian military intelligence hackers accused of cyberattacks on Ukraine, including members of a notorious hacking unit previously tied to destructive malware campaigns. First seen on therecord.media Jump to article: therecord.media/new-zealand-russia-gru-ukraine
-
Nork snoops whip up fake South Korean military ID with help from ChatGPT
Kimsuky gang proves that with the right wording, you can turn generative AI into a counterfeit factory First seen on theregister.com Jump to article: www.theregister.com/2025/09/15/north_korea_chatgpt_fake_id/
-
AI-Forged Military IDs Used in North Korean Phishing Attack
Genians observed the Kimsuky group impersonate a defense institution in a spear-phishing attack, leveraging ChatGPT to create fake military ID cards First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-military-ids-north-korea/
-
Pro-Russian Hackers Target Critical Industries Across the Globe
In 2024, as the Russia-Ukraine war prolongs and military and economic cooperation between North Korea and Russia deepens, cyberspace has emerged as a central battleground for international conflict. Russia is increasingly using cyber-attacks as a strategic tool to alleviate economic pressure from international sanctions and to bolster its war capabilities. This shift has led to…
-
Hackers using generative AI “ChatGPT” to evade anti-virus defenses
The Kimsuky APT group has begun leveraging generative AI ChatGPT to craft deepfake South Korean military agency ID cards. Phishing lures deliver batch files and AutoIt scripts designed to evade anti-virus scanning through sophisticated obfuscation. Organizations must deploy endpoint detection and response (EDR) solutions to unmask hidden scripts and secure endpoints. On July 17, 2025,…
-
Cyber Privateers: The Return of the Hack-Back Debate
Is the second Trump administration open to private-sector companies, or non-military or other government agencies, using offensive security against cyber threats? First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/cyber-privateers-the-return-of-the-hack-back-debate/
-
Philippine military company spied upon with new China-linked malware
Cybersecurity researchers examining an intrusion into the network of a Philippine military company found a “new and advanced malware toolset” that they linked to China. First seen on therecord.media Jump to article: therecord.media/philippines-military-company-suspected-china-espionage-eggstreme-malware
-
Sidewinder Hackers Exploit LNK Files to Deploy Malicious Scripts
In a striking evolution of its tactics, the Sidewinder advanced persistent threat (APT) group, also known as APT-C-24 or “Rattlesnake”, has adopted a novel delivery mechanism leveraging Windows shortcut (LNK) files to orchestrate complex, multi-stage intrusions across South Asia. Active since at least 2012 and targeting governments, energy utilities, military installations, and mining operations in…
-
EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military
The post EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/eggstreme-new-fileless-malware-from-a-chinese-apt-targets-philippine-military/
-
Chinese APT Actor Compromises Military Firm with Novel Fileless Malware Toolset
Bitdefender said the sophisticated multi-stage operation allowed attackers to maintain persistent access and steal sensitive data from a Philippines military company First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-apt-military-fileless/
-
EggStreme Malware Emerges With Fileless Techniques and DLL Sideloading Payloads
A Chinese APT group compromised a Philippine military company using a new, fileless malware framework called EggStreme. This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads. The core component, EggStremeAgent, is a full-featured backdoor that enables extensive system reconnaissance, lateral movement, and data…
-
BAE Systems surfaces autonomous submarine for military use
Tags: military
Battery powered now, fuel-cells tomorrow – all packed in a shipping box First seen on theregister.com Jump to article: www.theregister.com/2025/09/11/bae_systems_surfaces_autonomous_submarine/
-
Beijing went to ‘EggStreme’ lengths to attack Philippines military, researchers say
Ovoid-themed in-memory malware offers a menu for mayhem First seen on theregister.com Jump to article: www.theregister.com/2025/09/11/eggstreme_malware_china_philippines/
-
Chinese APT Hits Philippine Military Firm with New EggStreme Fileless Malware
Bitdefender uncovers EggStreme, a fileless malware by a China-based APT targeting the Philippine military and APAC organisations. Cybersecurity… First seen on hackread.com Jump to article: hackread.com/chinese-apt-philippine-military-eggstreme-fileless-malware/
-
Chinese APT Deploys EggStreme Fileless Malware to Breach Philippine Military Systems
An advanced persistent threat (APT) group from China has been attributed to the compromise of a Philippines-based military company using a previously undocumented fileless malware framework called EggStreme. “This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads,” Bitdefender First seen on thehackernews.com Jump to…
-
Keys Published: Attackers Could Hijack US Military Livestreams
Anyone could have streamed their own content via the US military's official social media channels. The necessary keys were apparently discoverable via Google. First seen on golem.de Jump to article: www.golem.de/news/keys-veroeffentlicht-angreifer-konnten-livestreams-des-us-militaers-kapern-2509-199945.html

