cyber espionage

GoldenJackal APT group breaches air-gapped systems in Europe

APT, cyber espionage, cybercrime, cybersecurity, ESET, EU, News /

GoldenJackal APT group breaches air-gapped systems in Europe 2024-10-09 at 07:01 By Help Net Security ESET researchers have discovered a series of attacks that took place in Europe from May 2022 to March 2024, where the attackers used a toolset capable of targeting air-gapped systems, in a governmental organization of a European Union country. Cyberespionage […]

React to this headline:

Loading spinner

GoldenJackal APT group breaches air-gapped systems in Europe Read More »

Exposed: Russian military Unit 29155 does digital sabotage, espionage

CISA, cyber espionage, cyber sabotage, cyber war, cybercriminals, disruption, Don't miss, hacker, Hot stuff, Justice Department, NATO, News, Russian Federation, Ukraine, USA /

Exposed: Russian military Unit 29155 does digital sabotage, espionage 2024-09-06 at 17:01 By Zeljka Zorz The US Department of Justice has named five Russian computer hackers as members of Unit 29155 – i.e., the 161st Specialist Training Center of the Russian General Staff Main Intelligence Directorate (GRU) – which they deem resposible for the 2022

React to this headline:

Loading spinner

Exposed: Russian military Unit 29155 does digital sabotage, espionage Read More »

Pioneer Kitten: Iranian hackers partnering with ransomware affiliates

CISA, cyber espionage, Don't miss, FBI, Iran, News, Ransomware /

Pioneer Kitten: Iranian hackers partnering with ransomware affiliates 2024-08-28 at 19:46 By Zeljka Zorz A group of Iranian hackers – dubbed Pioneer Kitten by cybersecurity researchers – is straddling the line between state-contracted cyber espionage group and initial access provider (and partner in crime) for affiliates of several ransomware groups. “The FBI assesses these actors

React to this headline:

Loading spinner

Pioneer Kitten: Iranian hackers partnering with ransomware affiliates Read More »

Chinese hackers compromised an ISP to deliver malicious software updates

APT, cyber espionage, DNS, Don't miss, ESET, Hot stuff, ISP, Malware, News, supply chain compromise, Symantec, Volexity /

Chinese hackers compromised an ISP to deliver malicious software updates 2024-08-05 at 13:46 By Zeljka Zorz APT StormBamboo compromised a undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Volexity researchers have shared. Malware delivery via automatic software updates StormBamboo (aka Evasive Panda, aka StormCloud), a Chinese-speaking threat

React to this headline:

Loading spinner

Chinese hackers compromised an ISP to deliver malicious software updates Read More »

Chinese attackers leverage previously unseen malware for espionage

China, cyber espionage, cybercrime, cybersecurity, Malware, News, report, Sophos, survey /

Chinese attackers leverage previously unseen malware for espionage 2024-06-06 at 05:46 By Help Net Security Sophos released its report, “Operation Crimson Palace: Threat Hunting Unveils Multiple Clusters of Chinese State-Sponsored Activity Targeting Southeast Asia,” which details a highly sophisticated, nearly two-year long espionage campaign against a high-level government target. During Sophos X-Ops’ investigation, which began

React to this headline:

Loading spinner

Chinese attackers leverage previously unseen malware for espionage Read More »

Moonstone Sleet: A new North Korean threat actor

cyber espionage, data theft, Don't miss, Hot stuff, Microsoft, News, North Korea, Ransomware /

Moonstone Sleet: A new North Korean threat actor 2024-05-29 at 15:46 By Zeljka Zorz Microsoft has named yet another state-aligned threat actor: Moonstone Sleet (formerly Storm-1789), which engages in cyberespionage and ransomware attacks to further goals of the North Korean regime. “Moonstone Sleet uses tactics, techniques, and procedures (TTPs) also used by other North Korean

React to this headline:

Loading spinner

Moonstone Sleet: A new North Korean threat actor Read More »

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)

0-day, APT, CVE, cyber espionage, Don't miss, exploit, Hot stuff, Microsoft, News, Windows /

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028) 2024-04-23 at 17:01 By Zeljka Zorz For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a

React to this headline:

Loading spinner

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028) Read More »

State-sponsored hackers know enterprise VPN appliances inside out

attacks, cyber espionage, Don't miss, enterprise, Fortinet, government-backed attacks, Hot stuff, Ivanti, Mandiant, News, threat, Threat Intelligence /

State-sponsored hackers know enterprise VPN appliances inside out 2024-02-28 at 14:19 By Zeljka Zorz Suspected Chinese state-sponsored hackers who have been leveraging Ivanti Connect Secure VPN flaws to breach a variety of organizations have demonstrated “a nuanced understanding of the appliance”, according to Mandiant incident responders and threat hunters. They were able to perform a

React to this headline:

Loading spinner

State-sponsored hackers know enterprise VPN appliances inside out Read More »

Cyber threats cast shadow over 2024 elections

cyber espionage, cybercrime, cybersecurity, election security, News, report, survey, Tidal Cyber /

Cyber threats cast shadow over 2024 elections 2024-02-16 at 06:01 By Help Net Security Considering that 2024 is a historic year for elections – with an estimated half of the world’s population taking part in democratic votes – this high threat of cyber interference has significant implications for global free society, threatening to undermine confidence

React to this headline:

Loading spinner

Cyber threats cast shadow over 2024 elections Read More »

Global malicious activity targeting elections is skyrocketing

cyber espionage, cybercrime, cybersecurity, election security, News, Resecurity /

Global malicious activity targeting elections is skyrocketing 2024-02-13 at 13:46 By Help Net Security With more voters than ever in history heading to the polls in 2024, Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections globally. In an era of unprecedented geopolitical volatility, this trend is particularly concerning, as Time Magazine

React to this headline:

Loading spinner

Global malicious activity targeting elections is skyrocketing Read More »

Russian hackers breached Microsoft, HPE corporate maliboxes

APT, cyber espionage, data breach, Don't miss, Hot stuff, HPE, Microsoft, News /

Russian hackers breached Microsoft, HPE corporate maliboxes 2024-01-25 at 15:31 By Helga Labus Cozy Bear (aka Midnight Blizzard, aka APT29) has been busy hacking and spying on big tech companies: both Microsoft and Hewlett Packard Enterprise (HPE) have recently disclosed successful attack campaigns by the Russia-affiliated APT group. The Microsoft breach Last Friday, Microsoft revealed

React to this headline:

Loading spinner

Russian hackers breached Microsoft, HPE corporate maliboxes Read More »

Blackwood APT delivers malware by hijacking legitimate software update requests

backdoor, China, cyber espionage, Don't miss, ESET, hijacking, Japan, Malware, MITM, News, UK /

Blackwood APT delivers malware by hijacking legitimate software update requests 2024-01-25 at 13:32 By Help Net Security ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. Blackwood has carried out cyberespionage operations against individuals and companies from China, Japan, and the United Kingdom. It leverages

React to this headline:

Loading spinner

Blackwood APT delivers malware by hijacking legitimate software update requests Read More »

OilRig targets Israel organizations with new lightweight downloaders

cyber espionage, cybercrime, cybersecurity, ESET, Israel, News /

OilRig targets Israel organizations with new lightweight downloaders 15/12/2023 at 14:55 By Help Net Security ESET researchers analyzed a growing series of new OilRig downloaders that the group used in several campaigns throughout 2022 to maintain access to target organizations of special interest, all located in Israel. They include an organization in the healthcare sector,

React to this headline:

Loading spinner

OilRig targets Israel organizations with new lightweight downloaders Read More »

Russian hackers target unpatched JetBrains TeamCity servers

APT, CISA, cyber espionage, Don't miss, enterprise, exploit, Fortinet, Hot stuff, JetBrains, National Cyber Security Centre, News, Shadowserver, vulnerability /

Russian hackers target unpatched JetBrains TeamCity servers 14/12/2023 at 16:04 By Helga Labus Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish cybersecurity and law enforcement authorities have warned. The targets APT 29 (aka CozyBear, aka Midnight Blizzard), believed to be associated with

React to this headline:

Loading spinner

Russian hackers target unpatched JetBrains TeamCity servers Read More »

Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)

APT, cyber espionage, Don't miss, Email, EU, Hot stuff, Microsoft, Microsoft Exchange, News, Outlook, vulnerability /

Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397) 05/12/2023 at 17:47 By Helga Labus Russian state-backed hacking group Forest Blizzard (aka Fancy Bear, aka APT28) has been using a known Microsoft Outlook vulnerability (CVE-2023-23397) to target public and private entities in Poland, Polish Cyber Command has warned. Compromising email accounts and maintaining

React to this headline:

Loading spinner

Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397) Read More »

Lazarus impersonated Meta recruiter to breach Spanish aerospace firm

APT, backdoor, cyber espionage, ESET, News, spear-phishing /

Lazarus impersonated Meta recruiter to breach Spanish aerospace firm 02/10/2023 at 11:48 By Help Net Security Operators of the North Korea-linked Lazarus APT obtained initial access to the network of an aerospace company in Spain last year after a successful spearphishing campaign, by masquerading as a recruiter for Meta — the company behind Facebook, Instagram,

React to this headline:

Loading spinner

Lazarus impersonated Meta recruiter to breach Spanish aerospace firm Read More »

Hidden dangers loom for subsea cables, the invisible infrastructure of the internet

attacks, critical infrastructure, cyber espionage, cyber resilience, cybersecurity, ENISA, EU, law, News, regulation, report /

Hidden dangers loom for subsea cables, the invisible infrastructure of the internet 21/09/2023 at 06:32 By Help Net Security More than 97% of the world’s internet traffic passes through subsea cables at some point, according to ENISA. Subsea cables are a vital component of the global internet infrastructure, and it is critical to protect them

React to this headline:

Loading spinner

Hidden dangers loom for subsea cables, the invisible infrastructure of the internet Read More »

How Chinese hackers got their hands on Microsoft’s token signing key

cloud security, cyber espionage, data theft, Don't miss, enterprise, Europe, Government, Hot stuff, Microsoft, Microsoft 365, News, USA, Wiz /

How Chinese hackers got their hands on Microsoft’s token signing key 07/09/2023 at 17:00 By Zeljka Zorz The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 government agencies has been explained: they found it somewhere

React to this headline:

Loading spinner

How Chinese hackers got their hands on Microsoft’s token signing key Read More »

Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store

Android, cyber espionage, cybercrime, cybercriminals, cybersecurity, data, Don't miss, ESET, Google, Google Play, Malware, News, Signal, smartphones, software, Telegram /

Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store 31/08/2023 at 12:18 By Help Net Security ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the China-aligned APT group GREF. Most likely active since July 2020 and since

React to this headline:

Loading spinner

Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store Read More »

Optimized by Optimole
Scroll to Top