Archive for the ‘Cyber Espionage’ Category

Avast details Worok espionage group’s compromise chain

Cyber espionage group Worok abuses Dropbox API to exfiltrate data via using a backdoor hidden in apparently innocuous image files. Researchers from cybersecurity firm Avast observed the recently discovered espionage group Worok abusing Dropbox API to exfiltrate data via using a backdoor hidden in apparently innocuous image files. The experts started their investigation from the analysis published […]

Cyber espionage campaign targets Asian countries since 2021

A cyber espionage group targets governments and state-owned organizations in multiple Asian countries since early 2021. Threat actors are targeting government and state-owned organizations in multiple Asian countries as parts of a cyber espionage campaign that remained under the radar since early 2021. “A distinct group of espionage attackers who were formerly associated with the […]

China-linked threat actors have breached telcos and network service providers

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers. The nation-state actors exploit publicly known vulnerabilities to compromise the target […]

NSO Group Spied on European Union—on French Orders?

An espionage attempt was made by an NSO Group customer to hack the phones of senior EU officials. Although there’s some suggestion that it might have been QuaDream—a similar Israeli spyware firm. Commissioner for Justice Didier Reynders (pictured) seems to have been the main target, along with several of his staffers at the Directorate-General for Justice and […]

China-linked GIMMICK implant now targets macOS

Gimmick is a newly discovered macOS implant developed by the China-linked APT Storm Cloud and used to target organizations across Asia. In late 2021, Volexity researchers investigated an intrusion in an environment they were monitoring and discovered a MacBook Pro running macOS 11.6 (Big Sur) that was compromised with a previously unknown macOS malware tracked […]

Pegasus: Google reveals how the sophisticated spyware hacked into iPhones without user’s knowledge

Pegasus spyware was allegedly used by governments to spy upon prominent journalists, politicians and activists. A Google blog has revealed how the sophisticated software was used to attack iPhone users. The software used a vulnerability in iMessages to hack into iPhones without the user’s knowledge. The Pegasus spyware, developed by Israel’s NSO group, made headlines for being used by […]

Alaska’s Department of Health and Social Services Hack

Alaskan health department still struggling to recover after ‘nation-state sponsored’ cyberattack

NSO Group Hacked

There’s a lot to read out there. Amnesty International has a report. Citizen Lab conducted an independent analysis. The Guardian has extensive coverage. More coverage. Most interesting is a list of over 50,000 phone numbers that were being spied on by NSO Group’s software. Why does NSO Group have that list? The obvious answer is that NSO Group provides spyware-as-a-service, and centralizes […]

UK spy chief warns West faces ‘moment of reckoning’ over tech

LONDON — Western countries risk losing control of technologies that are key to internet security and economic prosperity to nations like China and Russia if they don’t act to deal with the threat, one of the UK’s top spy chiefs warned Friday. “Significant technology leadership is moving east” and causing a conflict of interests and […]

Alarming Cybersecurity Stats: What You Need To Know For 2021

The year 2020 broke all records when it came to data lost in breaches and sheer numbers of cyber-attacks on companies, government, and individuals. In addition, the sophistication of threats increased from the application of emerging technologies such as machine learning, artificial intelligence, and 5G, and especially from greater tactical cooperation among hacker groups and […]

Italian charged with hiring “dark web hitman” to murder his ex-girlfriend

In a brief yet fascinating press release, Europol just announced the arrest of an Italian man who is accused of “hiring a hitman on the dark web”. According to Europol: The hitman, hired through an internet assassination website hosted on the Tor network, was paid about €10,000 worth in Bitcoins to kill the ex-girlfriend of the […]

FCC Boots Chinese Telecom Companies, Citing Security

The Federal Communications Commission’s (FCC) Public Safety and Homeland Security Bureau on March 12 identified five Chinese companies they said posed a threat to U.S. national security. These companies are: Huawei Technologies Co., ZTE Corp., Hytera Communications Corp., Hangzhou Hikvision Digital Technology Co. and Dahua Technology Co. The declaration, according to the FCC, is in accordance […]

Chinese cyberspies go after telco providers, 5G secrets

A Chinese cyber-espionage group has shifted operations from targeting Vatican officials and Catholic organizations to telecom providers across Asia, Europe, and the US. The group, known in the cybersecurity community as Mustang Panda or RedDelta, has been targeting employees of telecom companies since last fall, as a gateway inside organizations, with the end goal of stealing 5G-related information. […]

Microsoft releases open-source CodeQL queries to assess Solorigate compromise

Microsoft announced the release of open-source CodeQL queries that its experts used during its investigation into the SolarWinds supply-chain attack. In early 2021, the US agencies FBI, CISA, ODNI, and the NSA released a joint statement that blames Russia for the SolarWinds supply chain attack. The four agencies were part of the task force Cyber Unified Coordination Group (UCG) […]

NSA Equation Group tool was used by Chinese hackers years before it was leaked online

The Chinese APT group had access to an NSA Equation Group, NSA hacking tool and used it years before it was leaked online by Shadow Brokers group. Check Point Research team discovered that China-linked APT31 group (aka Zirconium) used a tool dubbed Jian, which is a clone of NSA Equation Group’s “EpMe” hacking tool years before it was leaked online […]

Chinese Supply-Chain Attack on Computer Systems

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Lenovo, and others. It’s been going on since at least 2008. The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S. company is […]

Cyber Espionage Report

Suspected Russian hackers spied on U.S. Treasury emails

Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury Department and an agency that decides internet and telecommunications policy, according to people familiar with the matter. Three of the people familiar with the investigation said Russia is currently believed to be behind the attack. Two of the […]

FBI: Hackers stole source code from US government agencies and private companies

FBI blames intrusions on improperly configured SonarQube source code management tools. FBI officials say that threat actors have abused these misconfigurations to access SonarQube instances, pivot to the connected source code repositories, and then access and steal proprietary or private/sensitive applications. Officials provided two examples of past incidents: “In August 2020, unknown threat actors leaked […]

Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found

The publication of ‘Vault 7’ cyber tools by WikiLeaks marked the largest data loss in agency history, a task force concluded. The theft of top-secret computer hacking tools from the CIA in 2016 was the result of a workplace culture in which the agency’s elite computer hackers “prioritized building cyber weapons at the expense of […]
