Latest Cyber-espionage news

North Korea hacks two South Korean chip firms to steal engineering data

The National Intelligence Service (NIS) in South Korea warns that North Korean hackers target domestic semiconductor manufacturers in cyber espionage attacks.
- Bill Toulas
- March 04, 2024
- 09:46 AM
- 0
U.S. charges Iranian for hacks on defense orgs, offers $10M for info

The U.S. Department of Justice (DoJ) has unveiled an indictment against Alireza Shafie Nasab, a 39-year-old Iranian national, for his role in a cyber-espionage campaign targeting U.S. government and defense entities.
- Bill Toulas
- March 01, 2024
- 09:47 AM
- 0
North Korean hackers linked to defense sector supply-chain attack

In an advisory today Germany's federal intelligence agency (BfV) and South Korea's National Intelligence Service (NIS) warn of an ongoing cyber-espionage operation targeting the global defense sector on behalf of the North Korean government.
- Bill Toulas
- February 19, 2024
- 03:24 PM
- 0
FBI disrupts Russian Moobot botnet infecting Ubiquiti routers

The FBI took down a botnet of small office/home office (SOHO) routers used by Russia's Main Intelligence Directorate of the General Staff (GRU) to proxy malicious traffic and to target the United States and its allies in spearphishing and credential theft attacks.
- Sergiu Gatlan
- February 15, 2024
- 01:00 PM
- 3
Chinese hackers infect Dutch military network with malware

A Chinese cyber-espionage group breached the Dutch Ministry of Defence last year and deployed malware on compromised devices, according to the Military Intelligence and Security Service (MIVD) of the Netherlands.
- Sergiu Gatlan
- February 06, 2024
- 01:49 PM
- 0
Blackwood hackers hijack WPS Office update to install malware

A previously unknown advanced threat actor tracked as 'Blackwood' is using sophisticated malware called NSPX30 in cyberespionage attacks against companies and individuals.
- Bill Toulas
- January 25, 2024
- 03:30 PM
- 0
Chinese hackers exploit VMware bug as zero-day for two years

A Chinese hacking group has been exploiting a critical vCenter Server vulnerability (CVE-2023-34048) as a zero-day since at least late 2021.
- Sergiu Gatlan
- January 19, 2024
- 11:32 AM
- 0
Ivanti Connect Secure zero-days exploited to deploy custom malware

Hackers have been exploiting the two zero-day vulnerabilities in Ivanti Connect Secure disclosed this week since early December to deploy multiple families of custom malware for espionage purposes.
- Bill Toulas
- January 12, 2024
- 10:30 AM
- 0
Turkish hackers Sea Turtle expand attacks to Dutch ISPs, telcos

The Turkish state-backed cyber espionage group tracked as Sea Turtle has been carrying out multiple spying campaigns in the Netherlands, focusing on telcos, media, internet service providers (ISPs), and Kurdish websites.
- Bill Toulas
- January 08, 2024
- 03:38 PM
- 0
Microsoft: Hackers target defense firms with new FalseFont malware

Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide.
- Sergiu Gatlan
- December 21, 2023
- 03:28 PM
- 0
Stealthy KV-botnet hijacks SOHO routers and VPN devices

The Chinese state-sponsored APT hacking group known as Volt Typhoon (Bronze Silhouette) has been linked to a sophisticated botnet named 'KV-botnet' it uses since at least 2022 to attack SOHO routers in high-value targets.
- Bill Toulas
- December 13, 2023
- 05:47 PM
- 1
New AeroBlade hackers target aerospace sector in the U.S.

A previously unknown cyber espionage hacking group named 'AeroBlade' was discovered targeting organizations in the United States aerospace sector.
- Bill Toulas
- December 04, 2023
- 09:56 AM
- 0
Hackers use new Agent Raccoon malware to backdoor US targets

A novel malware named 'Agent Raccoon' (or Agent Racoon) is being used in cyberattacks against organizations in the United States, the Middle East, and Africa.
- Bill Toulas
- December 01, 2023
- 02:15 PM
- 0
Ukraine says it hacked Russian aviation agency, leaks data

Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector.
- Bill Toulas
- November 27, 2023
- 01:23 PM
- 1
Gamaredon's LittleDrifter USB malware spreads beyond Ukraine

A recently discovered worm that researchers call LittleDrifter has been spreading over USB drives infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group.
- Bill Toulas
- November 20, 2023
- 05:32 PM
- 0
Iranian hackers launch malware attacks on Israel’s tech sector

Security researchers have tracked a new campaign from Imperial Kitten targeting transportation, logistics, and technology firms.
- Bill Toulas
- November 12, 2023
- 10:30 AM
- 3
Canada bans WeChat and Kaspersky products on govt devices

Canada has banned the use of Kaspersky security products and Tencent's WeChat app on mobile devices used by government employees, citing network and national security concerns.
- Bill Toulas
- October 31, 2023
- 11:06 AM
- 3
France says Russian state hackers breached numerous critical networks

The Russian APT28 hacking group (aka 'Strontium' or 'Fancy Bear') has been targeting government entities, businesses, universities, research institutes, and think tanks in France since the second half of 2021.
- Bill Toulas
- October 26, 2023
- 12:40 PM
- 0
European govt email servers hacked using Roundcube zero-day

The Winter Vivern Russian hacking group has been exploiting a Roundcube Webmail zero-day since at least October 11 to attack European government entities and think tanks.
- Sergiu Gatlan
- October 25, 2023
- 07:00 AM
- 0
Iranian hackers lurked in Middle Eastern govt network for 8 months

The Iranian hacking group tracked as OilRig (APT34) breached at least twelve computers belonging to a Middle Eastern government network and maintained access for eight months between February and September 2023.
- Bill Toulas
- October 19, 2023
- 12:40 PM
- 0