Latest Espionage news

North Korea hacks two South Korean chip firms to steal engineering data

The National Intelligence Service (NIS) in South Korea warns that North Korean hackers target domestic semiconductor manufacturers in cyber espionage attacks.
- Bill Toulas
- March 04, 2024
- 09:46 AM
- 0
North Korean hackers linked to defense sector supply-chain attack

In an advisory today Germany's federal intelligence agency (BfV) and South Korea's National Intelligence Service (NIS) warn of an ongoing cyber-espionage operation targeting the global defense sector on behalf of the North Korean government.
- Bill Toulas
- February 19, 2024
- 03:24 PM
- 0
Blackwood hackers hijack WPS Office update to install malware

A previously unknown advanced threat actor tracked as 'Blackwood' is using sophisticated malware called NSPX30 in cyberespionage attacks against companies and individuals.
- Bill Toulas
- January 25, 2024
- 03:30 PM
- 0
Ivanti Connect Secure zero-days exploited to deploy custom malware

Hackers have been exploiting the two zero-day vulnerabilities in Ivanti Connect Secure disclosed this week since early December to deploy multiple families of custom malware for espionage purposes.
- Bill Toulas
- January 12, 2024
- 10:30 AM
- 0
Turkish hackers Sea Turtle expand attacks to Dutch ISPs, telcos

The Turkish state-backed cyber espionage group tracked as Sea Turtle has been carrying out multiple spying campaigns in the Netherlands, focusing on telcos, media, internet service providers (ISPs), and Kurdish websites.
- Bill Toulas
- January 08, 2024
- 03:38 PM
- 0
Stealthy KV-botnet hijacks SOHO routers and VPN devices

The Chinese state-sponsored APT hacking group known as Volt Typhoon (Bronze Silhouette) has been linked to a sophisticated botnet named 'KV-botnet' it uses since at least 2022 to attack SOHO routers in high-value targets.
- Bill Toulas
- December 13, 2023
- 05:47 PM
- 1
New AeroBlade hackers target aerospace sector in the U.S.

A previously unknown cyber espionage hacking group named 'AeroBlade' was discovered targeting organizations in the United States aerospace sector.
- Bill Toulas
- December 04, 2023
- 09:56 AM
- 0
Hackers use new Agent Raccoon malware to backdoor US targets

A novel malware named 'Agent Raccoon' (or Agent Racoon) is being used in cyberattacks against organizations in the United States, the Middle East, and Africa.
- Bill Toulas
- December 01, 2023
- 02:15 PM
- 0
Canada bans WeChat and Kaspersky products on govt devices

Canada has banned the use of Kaspersky security products and Tencent's WeChat app on mobile devices used by government employees, citing network and national security concerns.
- Bill Toulas
- October 31, 2023
- 11:06 AM
- 3
France says Russian state hackers breached numerous critical networks

The Russian APT28 hacking group (aka 'Strontium' or 'Fancy Bear') has been targeting government entities, businesses, universities, research institutes, and think tanks in France since the second half of 2021.
- Bill Toulas
- October 26, 2023
- 12:40 PM
- 0
International Criminal Court systems breached for cyber espionage

The International Criminal Court provided additional information about the cyberattack five weeks ago, saying that it was a targeted operation for espionage purposes.
- Ionut Ilascu
- October 21, 2023
- 10:01 AM
- 0
Women Political Leaders Summit targeted in RomCom malware phishing

A new, lightweight variant of the RomCom backdoor was deployed against participants of the Women Political Leaders (WPL) Summit in Brussels, a summit focusing on gender equality and women in politics.
- Bill Toulas
- October 15, 2023
- 10:16 AM
- 0
ToddyCat hackers use 'disposable' malware to target Asian telecoms

A newly discovered campaign dubbed "Stayin' Alive" has been targeting government organizations and telecommunication service providers across Asia since 2021, using a wide variety of "disposable" malware to evade detection.
- Bill Toulas
- October 12, 2023
- 10:09 AM
- 0
China-linked cyberspies backdoor semiconductor firms with Cobalt Strike

Hackers engaging in cyber espionage have targeted Chinese-speaking semiconductor companies with TSMC-themed lures that infect them with Cobalt Strike beacons.
- Bill Toulas
- October 05, 2023
- 02:57 PM
- 0
Lazarus hackers breach aerospace firm with new LightlessCan malware

The North Korean 'Lazarus' hacking group targeted employees of an aerospace company located in Spain with fake job opportunities to hack into the corporate network using a previously unknown 'LightlessCan' backdoor.
- Bill Toulas
- September 29, 2023
- 05:30 AM
- 1
Budworm hackers target telcos and govt orgs with custom malware

A Chinese cyber-espionage hacking group tracked as Budworm has been observed targeting a telecommunication firm in the Middle East and a government entity in Asia using a new variant of its custom 'SysUpdate' backdoor.
- Bill Toulas
- September 28, 2023
- 09:52 AM
- 0
US and Japan warn of Chinese hackers backdooring Cisco routers

A joint cybersecurity advisory by the FBI, NSA, CISA, and the Japanese NISC (cybersecurity) and NPA (police) sheds light on the techniques the Chinese threat actors known as BlackTech use to attack Japanese and U.S. organizations.
- Bill Toulas
- September 27, 2023
- 11:51 AM
- 0
Evasive Gelsemium hackers spotted in attack against Asian govt

A stealthy advanced persistent threat (APT) tracked as Gelsemium was observed in attacks targeting a Southeast Asian government that spanned six months between 2022 and 2023.
- Bill Toulas
- September 23, 2023
- 11:09 AM
- 0
‘Sandman’ hackers backdoor telcos with new LuaDream malware

A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named 'LuaDream.'
- Bill Toulas
- September 21, 2023
- 03:50 PM
- 0
New SprySOCKS Linux malware used in cyber espionage attacks

A Chinese espionage-focused hacker tracked as 'Earth Lusca' was observed targeting government agencies in multiple countries, using a new Linux backdoor dubbed 'SprySOCKS.'
- Bill Toulas
- September 18, 2023
- 10:05 AM
- 2