Tag: cyberespionage
-
Cases of China-Backed Spy Groups Using Ransomware Come to Light
in SecurityNews
Cyberattacks detected by Trend Micro and Orange Cyberdefense find hackers using malware linked to China-backed groups and ransomware, adding more evidence that nation-state cyberespionage groups are also now using ransomware and further blurring the line between the two.
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2025/02/cases-of-china-backed-spy-groups-using-ransomware-come-to-light/
-
Russian cyberespionage groups target Signal users with fake group invites
in SecurityNews
QR codes provide a means of phishing Signal users: These features now work by scanning QR codes that contain the cryptographic information needed to exchange keys between different devices in a group or to authorize a new device to an account. The QR codes are actually representations of special links that the Signal application knows…
-
China-linked APT group Winnti targets Japanese organizations since March 2024
in SecurityNews
China-linked threat actor Winnti targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024 as part of a campaign dubbed RevivalStone. Researchers from cybersecurity firm LAC uncovered a new cyberespionage campaign, tracked as RevivalStone, carried out by the China-linked APT group Winnti in March 2024. Threat actors targeted Japanese companies in the manufacturing,…
-
RA World Ransomware Intrusion Involved Chinese Cyberespionage Tools
in SecurityNews
First seen on scworld.com. Jump to article: www.scworld.com/brief/ra-world-ransomware-intrusion-involved-chinese-cyberespionage-tools
-
Chinese Cyber-Spies Use Espionage Tools for Ransomware Side Hustle
in SecurityNews
A Chinese threat actor who targeted an Asian software company used the same toolset for the ransomware attack that was found in multiple cyberespionage incidents, leaving Symantec analysts to believe the hacker was a Chinese spy who used the malicious tools to earn some money on the side.
First seen on securityboulevard.com. Jump to article:…
-
Unusual attack linked to Chinese APT group combines espionage and ransomware
in SecurityNews
Tags: apt, attack, breach, china, cloud, country, credentials, crime, crimes, crypto, cyber, cybercrime, cyberespionage, data, encryption, espionage, exploit, finance, firewall, government, group, hacker, infection, insurance, intelligence, korea, microsoft, network, north-korea, ransom, ransomware, russia, software, tactics, technology, threat, veeam, vulnerability
The attacker demanded a $2-million ransom: The attack that resulted in the deployment of the RA World ransomware program, as well as data exfiltration, had the same chain: the toshdpdb.exe loading toshdpapi.dll then decrypting toshdp.dat which resulted in the PlugX variant being deployed. The difference is the attacker then chose to deploy the RA World…
-
Novel SSH backdoor leveraged in Chinese cyberespionage attacks
in SecurityNews
First seen on scworld.com. Jump to article: www.scworld.com/brief/novel-ssh-backdoor-leveraged-in-chinese-cyberespionage-attacks
-
International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists
in SecurityNews
The International Civil Aviation Organization (ICAO) is investigating a data breach affecting system and employee security. The International Civil Aviation Organization (ICAO), a specialized agency of the United Nations, is investigating a significant data breach that has raised concerns about the security of its systems and employees' data. In the updated statement published by ICAO,…
-
ICAO and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists
in SecurityNews
First seen on resecurity.com. Jump to article: www.resecurity.com/blog/article/icao-and-acao-breached-cyberespionage-groups-targeting-aviation-safety-specialists
-
CL0048: Chinese-Linked APT Targets Telecoms in South Asia
in SecurityNews
A newly identified cyberespionage campaign, tracked as CL-STA-0048, has been uncovered by Unit 42 researchers targeting high-value organizations
First seen on securityonline.info. Jump to article: securityonline.info/cl-sta-0048-chinese-linked-apt-targets-telecoms-in-south-asia/
-
Cyberespionage attacks on European government agencies are increasing
in SecurityNews
According to recent analyses by Bitdefender Labs, the hacker group UAC-0063 is increasingly directing its espionage attacks against government agencies in Europe. Diplomatic missions in Germany, the United Kingdom, the Netherlands and Romania are presumably also particularly affected.
First seen on it-daily.net. Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cyberspionage-angriffe-auf-europaeische-behoerden-nehmen-zu
-
Cyberespionage with a possibly Russian background also targets government agencies in Germany
in SecurityNews
According to current observations by Bitdefender Labs, the group UAC-0063 is now increasingly targeting government agencies with its espionage attacks, probably including embassies in Europe, among them in Germany, the United Kingdom, the Netherlands and Romania. The evidence that the activities originally aimed at Central Asia have reached Central and Western Europe shows the attackers' competence as well as their flexibility, with their approach…
-
New Chinese cyberespionage campaign targeted South Korean VPN service
in SecurityNews
First seen on scworld.com. Jump to article: www.scworld.com/brief/new-chinese-cyberespionage-campaign-targeted-south-korean-vpn-service
-
Misinformation Is No. 1 Global Risk, Cyberespionage in Top 5
in SecurityNews
Inadequate Cyber Resilience and More Findings From WEF’s Global Risks Report 2025. Polarization within societies, escalating geopolitical tensions and the proliferation of generative AI tools have cemented misinformation and disinformation as the top global risk in a two-year outlook, according to the World Economic Forum’s Global Risks Report 2025.
First seen on govinfosecurity.com. Jump to…
-
PlushDaemon: New hacker group targets VPN users
in SecurityNews
Researchers at the IT security company ESET have identified a previously unknown advanced persistent threat (APT) group linked to China. Operating under the name PlushDaemon, the group has apparently been active since at least 2019 and carries out sophisticated cyberespionage attacks.
First seen on it-daily.net. Jump to article: www.it-daily.net/it-sicherheit/cybercrime/plushdaemon-neue-hackergruppe-zielt-auf-vpn-nutzer
-
New APT28-linked cyberespionage campaign aimed at Central Asia
in SecurityNews
Tags: cyberespionage
First seen on scworld.com. Jump to article: www.scworld.com/brief/new-apt28-linked-cyberespionage-campaign-aimed-at-central-asia
-
Report: Chinese Hackers Breached CFIUS
in SecurityNews
Cyberespionage Campaign Reached Treasury Office that Reviews Foreign Investment. Chinese hackers reportedly breached a U.S. government office responsible for reviewing foreign investments for national security threats as part of a cyberespionage campaign targeting the Department of Treasury. Hackers gained access to the Committee on Foreign Investment in the U.S.
First seen on govinfosecurity.com. Jump to…
-
Ivanti zero-day exploited by APT group that previously targeted Connect Secure appliances
in SecurityNews
Researchers from Google’s Mandiant division believe the critical remote code execution vulnerability patched on Wednesday by software vendor Ivanti has been exploited since mid-December by a Chinese cyberespionage group. This is the same group that exploited zero-day vulnerabilities in Ivanti Connect Secure appliances back in January 2024 and throughout the year. The latest attacks, exploiting…
-
Hackers are exploiting a new Ivanti VPN security bug to hack into company networks
in SecurityNews
Mandiant says a Chinese cyberespionage group has been exploiting the critical-rated vulnerability since at least mid-December.
First seen on techcrunch.com. Jump to article: techcrunch.com/2025/01/09/hackers-are-exploiting-a-new-ivanti-vpn-security-bug-to-hack-into-company-networks/
-
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
in SecurityNews
Tags: ai, api, apt, attack, bug-bounty, business, chatgpt, cloud, computing, conference, credentials, cve, cyber, cybercrime, cyberespionage, cybersecurity, data, defense, detection, email, exploit, finance, firewall, flaw, framework, github, government, group, guide, hacker, hacking, incident response, injection, LLM, malicious, microsoft, open-source, openai, penetration-testing, programming, rce, RedTeam, remote-code-execution, service, skills, software, sql, tactics, threat, tool, training, update, vulnerability, waf, zero-day
Generative AI has had a significant impact on a wide variety of business processes, optimizing and accelerating workflows and in some cases reducing baselines for expertise. Add vulnerability hunting to that list, as large language models (LLMs) are proving to be valuable tools in assisting hackers, both good and bad, in discovering software vulnerabilities and writing…
-
EAGERBEE: Advanced Backdoor Targets Middle Eastern ISPs and Government Entities
in SecurityNews
Kaspersky Labs has uncovered a sophisticated cyberespionage campaign deploying the EAGERBEE backdoor to infiltrate internet service providers (ISPs)
First seen on securityonline.info. Jump to article: securityonline.info/eagerbee-advanced-backdoor-targets-middle-eastern-isps-and-government-entities/
-
China’s Hacking of US Telecoms: Officials Name More Victims
in SecurityNews
Reportedly Hacked: Charter Communications, Consolidated Communications, Windstream. The nine known victims of a broad and significant cyberespionage campaign the White House has tied to China reportedly include Charter Communications, Consolidated Communications and Windstream, as officials said the hackers’ earliest known telecom network penetration began in mid-2023.
First seen on govinfosecurity.com. Jump to article: www.govinfosecurity.com/chinas-hacking-us-telecoms-officials-name-more-victims-a-27222
-
More telecom firms were breached by Chinese hackers than previously reported
in SecurityNews
Tags: access, at&t, attack, breach, china, cisco, communications, cyber, cyberespionage, cybersecurity, data, defense, disinformation, espionage, exploit, finance, fortinet, framework, government, group, hacker, Hardware, infrastructure, intelligence, international, microsoft, mobile, network, phone, regulation, risk, risk-management, router, spy, technology, threat, vulnerability
Chinese hackers linked to the Salt Typhoon cyberespionage operation have breached even more US telecommunications firms than initially reported. New victims, Charter Communications, Consolidated Communications, and Windstream, add to a growing list that already includes AT&T, Verizon, T-Mobile, and Lumen Technologies. Earlier, US authorities said that nine telecom firms had been affected by the Chinese espionage…
-
China-linked Salt Typhoon APT compromised more US telecoms than previously known
in SecurityNews
China-linked Salt Typhoon group that breached multiple US telecoms compromised more firms than previously known, WSJ says. The China-linked cyberespionage group Salt Typhoon targeted more US telecoms than previously known, as The Wall Street Journal reported. According to WSJ, which cited people familiar with the matter, the Chinese cyberspies also compromised Charter Communications and Windstream.…
-
US government sanctions Chinese cybersecurity company linked to APT group
in SecurityNews
The US Department of Treasury’s Office of Foreign Assets Control (OFAC) has issued sanctions against a Beijing cybersecurity company for its role in attacks attributed to a Chinese cyberespionage group known as Flax Typhoon. The company, called Integrity Technology Group (Integrity Tech), is accused of providing the computer infrastructure that Flax Typhoon used in its operations…
-
China-linked APT Salt Typhoon breached a ninth U.S. telecommunications firm
in SecurityNews
A White House official confirmed that China-linked threat actor Salt Typhoon breached a ninth U.S. telecommunications company. A White House official confirmed that China-linked APT group Salt Typhoon has breached a ninth U.S. telecoms company as part of a cyberespionage campaign aimed at telco firms worldwide. “A White House official said Friday the US…
-
Feds Identify Ninth Telecom Victim in Salt Typhoon Hack
in SecurityNews
Officials Say Chinese Hackers Maintained ‘Broad and Full’ Access to Telecom Systems. Federal officials told reporters Friday that ongoing investigations into the Salt Typhoon cyberespionage campaign have identified a ninth victim company affected by the attack, in which hackers maintained broad and full access to vulnerable communications infrastructure across the country.
First seen on govinfosecurity.com…
-
US Congress Authorizes $3B to Replace Chinese Telecom Gear
in SecurityNews
Federal ‘Rip-and-Replace’ Program Gets Funding Boost in Defense Bill. The 2025 National Defense Authorization Act includes $3 billion to fund an FCC program aimed at replacing Chinese-made telecommunications equipment across the country amid heightened threats from Beijing following the discovery of the Salt Typhoon cyberespionage campaign.
First seen on govinfosecurity.com. Jump to article: www.govinfosecurity.com/us-congress-authorizes-3b-to-replace-chinese-telecom-gear-a-27160
-
US Considers TP-Link Ban After Volt Typhoon Hacking Campaign
in SecurityNews
Major Chinese Router Manufacturer Facing Increased Scrutiny After Chinese Espionage. U.S. authorities have launched multiple investigations while reportedly considering banning the widely popular Chinese-manufactured TP-Link routers amid ongoing security risks linked to Chinese cyberespionage and hacking campaigns targeting American critical infrastructure sectors.
First seen on govinfosecurity.com. Jump to article: www.govinfosecurity.com/us-considers-tp-link-ban-after-volt-typhoon-hacking-campaign-a-27139