Intelligence Archives - Page 10 of 174

Pierluigi Paganini February 27, 2025

Cellebrite blocked Serbia from using its solution because misuse of the equipment for political reasons

Cellebrite blocked Serbia from using its solution after reports that police used it to unlock and infect the phones of a journalist and activist. A report published by Amnesty International in December 2024 documented the use of Cellebrite’s forensics tools by Serbia police to unlock and install spyware on the phones of a local journalist and […]

Pierluigi Paganini February 26, 2025

New Ghostwriter campaign targets Ukrainian Government and opposition activists in Belarus

A Ghostwriter campaign using a new variant of PicassoLoader targets opposition activists in Belarus, and Ukrainian military and government organizations. SentinelLABS observed a new Ghostwriter campaign targeting Belarusian opposition activists and Ukrainian military and government entities with a new variant of PicassoLoader. The campaign has been active since late 2024, threat actors used weaponized Microsoft […]

Pierluigi Paganini February 24, 2025

Australia bans Kaspersky over national security concerns

Australia bans Kaspersky software over national security concerns, citing risks of foreign interference, espionage, and sabotage of government networks. Australian Government banned products and services provided by Russian cybersecurity firm Kaspersky over national security concerns. The Secretary of the Department of Home Affairs has issued a mandatory directive under the Protective Security Policy Framework (PSPF) […]

Pierluigi Paganini February 24, 2025

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

A leak suggests that Chinese cybersecurity firm TopSec offers censorship-as-a-service services, it provided bespoke monitoring services to a state-owned enterprise facing a corruption scandal. SentinelLABS researchers analyzed a data leak that suggests that the Chinese cybersecurity firm TopSec offers censorship-as-a-service services. The origin of the data leak is unclear, the leak is large and inconsistently […]

Pierluigi Paganini February 20, 2025

Salt Typhoon used custom malware JumbledPath to spy U.S. telecom providers

China-linked cyber espionage group Salt Typhoon uses custom malware JumbledPath to on spy U.S. telecom providers. Cisco Talos researchers reported that China-linked APT group Salt Typhoon uses a custom-built utility, dubbed JumbledPath, to spy on network traffic of U.S. telecommunication providers. China-linked APT group Salt Typhoon (also known as FamousSparrow and GhostEmperor) and has been active since at least 2019 and […]

Pierluigi Paganini February 18, 2025

China-linked APT group Winnti targets Japanese organizations since March 2024

China-linked threat actor Winnti targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024 as part of a campaign dubbed RevivalStone. Researchers from cybersecurity firm LAC uncovered a new cyberespionage campaign, tracked as RevivalStone, carried out by the China-linked APT group Winnti in March 2024. Threat actors targeted Japanese companies in the manufacturing, […]

Pierluigi Paganini February 16, 2025

Storm-2372 used the device code phishing technique since August 2024

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. Microsoft Threat Intelligence researchers warn that threat actor Storm-2372, likely linked to Russia, has been targeting governments, NGOs, and various industries across multiple regions since August 2024. The attackers employ a phishing technique called […]

Pierluigi Paganini February 16, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach Google Tag Manager Skimmer Steals Credit Card Info From Magento Site From South America to Southeast Asia: The Fragile Web of REF7707 Analyzing DEEP#DRIVE: North Korean […]

Pierluigi Paganini February 14, 2025

China-linked APT Salt Typhoon breached telecoms by exploiting Cisco router flaws

China-linked APT Salt Typhoon has breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. China-linked APT group Salt Typhoon is still targeting telecommunications providers worldwide, and according to a new report published by Recorded Future’s Insikt Group, the threat actors has breached more U.S. telecommunications providers by exploiting unpatched Cisco IOS XE […]

Pierluigi Paganini February 13, 2025

The Rise of Cyber Espionage: UAV and C-UAV Technologies as Targets

Researchers at cybersecurity firm Resecurity detected a rise in cyberattacks targeting UAV and counter-UAV technologies. Resecurity identified an increase in malicious cyber activity targeting UAV and counter-UAV (C-UAV/C-UAS) technologies. That was especially notable during active periods of local conflicts, including the escalation of the Russia-Ukraine war and the Israel-Hamas confrontation. The trend of malicious targeting […]

Intelligence

Cellebrite blocked Serbia from using its solution because misuse of the equipment for political reasons

New Ghostwriter campaign targets Ukrainian Government and opposition activists in Belarus

Australia bans Kaspersky over national security concerns

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Salt Typhoon used custom malware JumbledPath to spy U.S. telecom providers

China-linked APT group Winnti targets Japanese organizations since March 2024

Storm-2372 used the device code phishing technique since August 2024

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33

China-linked APT Salt Typhoon breached telecoms by exploiting Cisco router flaws

The Rise of Cyber Espionage: UAV and C-UAV Technologies as Targets

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Qilin ransomware claimed responsibility for the attack on the beer giant Asahi

DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape

DraftKings thwarts credential stuffing attack, but urges password reset and MFA

Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution

U.S. CISA adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog

QUICK LINKS

Intelligence

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!