Tag: espionage
-
New Windows zero-day exploited by 11 state hacking groups since 2017
in SecurityNews
At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-windows-zero-day-exploited-by-11-state-hacking-groups-since-2017/
-
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017
in SecurityNews
An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017. The zero-day vulnerability, tracked by Trend Micro’s Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad…
-
China identifies Taiwanese hackers allegedly behind cyberattacks and espionage
in SecurityNews
In a rare move, China’s state security ministry released the names and photos of four alleged hackers within Taiwan’s defense ministry. First seen on therecord.media Jump to article: therecord.media/china-taiwan-hacks-identify-cyber
-
11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft
in SecurityNews
ZDI has uncovered 1,000 malicious .lnk files used by state-sponsored and cybercrime threat actors to execute malicious commands. The post 11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/11-state-sponsored-apts-exploiting-lnk-files-for-espionage-data-theft/
-
Squid Werewolf Mimics Recruiters to Target Job Seekers and Steal Personal Data
in SecurityNews
In a sophisticated phishing campaign uncovered by the BI.ZONE Threat Intelligence team, the Squid Werewolf group, also known as APT37, has been impersonating recruiters to target key employees in various organizations. This espionage cluster uses fake job opportunities to lure victims into opening malicious attachments, which ultimately lead to system compromise and data theft. Phishing…
-
China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation
Threat hunters have shed more light on a previously disclosed malware campaign undertaken by the China-aligned MirrorFace threat actor that targeted a diplomatic organization in the European Union with a backdoor known as ANEL. The attack, detected by ESET in late August 2024, singled out a Central European diplomatic institute with lures related to Word Expo,…
-
Denmark Issues Warning on Major Cyber Attacks Targeting Telecom Sector
Denmark has announced a heightened alert status for the telecommunications sector due to an increased threat from cyber attacks. According to a recent threat assessment by the Danish Agency for Social Security, the risk level for cyber espionage against the Danish telecom sector has been elevated to “HIGH.”
-
Denmark Warns of Increased Cyber Espionage Against Telecom Sector
in SecurityNews
A new threat assessment from the Danish Civil Protection Authority (SAMSIK) warned of cyberattacks targeting the telecommunications sector after citing a wave of incidents hitting European organizations the past few years. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/denmark-warns-increased-cyber-espionage-telecom-sector
-
GitHub accounts targeted with fake security alerts
in SecurityNews
Possible DPRK links: Luc4m’s X post hinted at possible nation-state connections, adding, “Smells #DPRK?” While nothing else was said on the X thread, North Korea is known for using click-fix attacks for its cyber espionage activities, with Contagious Interviews being a prominent one of those campaigns. All GitHub fake alerts included the same login information, location:…
-
FCC creates national security council to counter cyber threats from China
in SecurityNews
Tags: 5G, access, ai, attack, breach, china, communications, computing, cyber, cyberattack, cybersecurity, data, espionage, government, group, hacking, incident, infrastructure, Internet, microsoft, office, strategy, supply-chain, technology, threat, vulnerability
Three-pronged strategy: The council will pursue a tripartite strategy focusing on reducing dependency, mitigating vulnerabilities, and ensuring American technological leadership. First, it aims to reduce American technology and telecommunications sectors’ trade and supply chain dependencies on foreign adversaries. This goal aligns with broader government efforts to “friend-shore” critical technology supply chains and decrease reliance on potentially…
-
Attackers attempted hijacking 12,000 GitHub accounts with click-fix alerts
in SecurityNews
Possible DPRK links: Luc4m’s X post hinted at possible nation-state connections, adding, “Smells #DPRK?” While nothing else was said on the X thread, North Korea is known for using click-fix attacks for its cyber espionage activities, with Contagious Interviews being a prominent one of those campaigns. All GitHub fake alerts included the same login information, location:…
-
Denmark warns of increased state-sponsored campaigns targeting the European telcos
in SecurityNews
Denmark’s cybersecurity agency warns of increased state-sponsored campaigns targeting the European telecom companies. Denmark raised the cyber espionage threat level for its telecom sector from medium to high due to rising threats across Europe. The Danish Social Security Agency published a new threat assessment for the cyber threat to the telecommunications sector that highlights…
-
Squid Werewolf APT Masquerades as Recruiters in Espionage Campaign Targeting Key Employees
in SecurityNews
The BI.ZONE Threat Intelligence team has uncovered a new cyber-espionage campaign attributed to Squid Werewolf, also known as First seen on securityonline.info Jump to article: securityonline.info/squid-werewolf-apt-masquerades-as-recruiters-in-espionage-campaign-targeting-key-employees/
-
Chinese espionage group UNC3886 targets Juniper routers
in SecurityNews
Advanced persistent threat group UNC3886 deployed custom backdoors on end-of-life Juniper Networks routers, underscoring the need for timely patching and advanced security monitoring. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620812/Chinese-espionage-group-UNC3886-targets-Juniper-routers
-
Europe’s telecoms sector under increased threat from cyber spies, warns Denmark
in SecurityNews
State-sponsored cyber espionage is a bigger threat than ever to Europe’s telecommunications networks, according to a new assessment from Denmark’s government. First seen on therecord.media Jump to article: therecord.media/europe-increased-cyber-espionage-telecoms-denmark-report
-
Silk Typhoon Targeting IT Supply Chains and Network Devices, Microsoft Reports
in SecurityNews
Tags: china, espionage, exploit, group, intelligence, microsoft, network, supply-chain, tactics, threat
Microsoft Threat Intelligence has issued new reporting about tactics being used by Silk Typhoon (also called APT27 or HAFNIUM by some researchers). Silk Typhoon is a Chinese espionage group, observed targeting Microsoft Exchange Servers in 2021, now reported to be targeting common IT solutions for initial access. Microsoft reports that Silk Typhoon exploits unpatched applications,…
-
5 Things To Know About China-Linked Juniper Router Attacks
in SecurityNews
Juniper Networks has released a fix for a Junos OS vulnerability, which Mandiant researchers say has been exploited by a China-based espionage group. First seen on crn.com Jump to article: www.crn.com/news/security/2025/5-things-to-know-about-china-linked-juniper-router-attacks
-
FCC launches national security unit to counter state-linked threats to US telecoms
in SecurityNews
The new council is part of an effort to thwart Salt Typhoon and other cyber espionage groups. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/fcc-national-security-council/742440/
-
North Korean Hackers Use Google Play Malware to Steal SMS, Calls Screenshots
in SecurityNews
Cybersecurity researchers at Lookout Threat Lab have uncovered a sophisticated Android surveillance tool dubbed “KoSpy,
-
Chinese Hackers Exploit Juniper Networks Routers to Implant Backdoor
in SecurityNews
Cybersecurity researchers have uncovered a sophisticated cyber espionage campaign targeting critical network infrastructure, marking a significant evolution in tactics by Chinese state-sponsored hackers. Mandiant, a leading cybersecurity firm, has discovered multiple custom backdoors deployed on Juniper Networks’ routers, attributing the activity to a Chinese espionage group known as UNC3886. The backdoors provided attackers with persistent…
-
China-linked APT UNC3886 targets EoL Juniper routers
in SecurityNews
Mandiant researchers warn that China-linked actors are deploying custom backdoors on Juniper Networks’ Junos OS MX routers. In mid-2024, Mandiant identified custom backdoors on Juniper Networks’ Junos OS routers, and attributed the attacks to a China-linked espionage group tracked as UNC3886. These TINYSHELL-based backdoors had various capabilities, including active and passive access and a script to…
-
Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers
in SecurityNews
UNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected. First seen on hackread.com Jump to article: hackread.com/chinese-group-unc3886-backdoor-juniper-routers/
-
SideWinder APT Group: Maritime Nuclear Targets, Evolved Malware
The SideWinder Advanced Persistent Threat (APT) group has expanded its cyber-espionage operations, targeting the maritime and nuclear sectors. First seen on securityonline.info Jump to article: securityonline.info/sidewinder-apt-group-maritime-nuclear-targets-evolved-malware/
-
North Korean Cyber Espionage Group Kimsuky Exploits University Website in Watering Hole Attack
in SecurityNews
Cybersecurity researchers from ESTsecurity’s Security Response Center (ESRC) have uncovered a new watering hole attack campaign attributed to First seen on securityonline.info Jump to article: securityonline.info/north-korean-cyber-espionage-group-kimsuky-exploits-university-website-in-watering-hole-attack/
-
Spyware in bogus Android apps is attributed to North Korean group
in SecurityNews
A North Korean nation-state group tracked as APT37 or ScarCruft placed infected utilities in Android app stores as part of an espionage campaign, according to researchers at Lookout. First seen on therecord.media Jump to article: therecord.media/north-korea-malware-android-apps-kospy-apt37-scarcruft
-
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure. “The backdoors had varying custom capabilities, including active and passive backdoor functions, as well as an embedded script that…
-
Chinese Hackers Implant Backdoor Malware on Juniper Routers
Mandiant revealed that Chinese espionage actor UNC3886 has deployed modified versions of the TinyShell backdoor across multiple Juniper OS routers. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-backdoor-malware-juniper/
-
UK ‘Extremely Worried’ About Cyberthreats
in SecurityNews
Risk of Espionage and Disruption Key Risks, Lawmakers Warned. The British government is extremely worried about the Chinese and Russian cyberespionage and disruptive hacks, government officials told the U.K. Public Accounts Committee on Monday. The United Kingdom has faced a substantial escalation in cyberthreats in the last three years, lawmakers heard. First seen on govinfosecurity.com…
-
UK ‘Extremely Worried’ About Cyber Threats
in SecurityNews
Risk of Espionage and Disruption Key Risks, Lawmakers Warned. The British government is extremely worried about the Chinese and Russian cyber espionage and disruptive hacks, government officials told the UK Public Accounts Committee on Monday. The United Kingdom has faced a substantial escalation in cyberthreats in the last three years, lawmakers heard. First seen on…