Intelligence Archives - Page 12 of 176

Pierluigi Paganini February 18, 2025

China-linked APT group Winnti targets Japanese organizations since March 2024

China-linked threat actor Winnti targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024 as part of a campaign dubbed RevivalStone. Researchers from cybersecurity firm LAC uncovered a new cyberespionage campaign, tracked as RevivalStone, carried out by the China-linked APT group Winnti in March 2024. Threat actors targeted Japanese companies in the manufacturing, […]

Pierluigi Paganini February 16, 2025

Storm-2372 used the device code phishing technique since August 2024

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. Microsoft Threat Intelligence researchers warn that threat actor Storm-2372, likely linked to Russia, has been targeting governments, NGOs, and various industries across multiple regions since August 2024. The attackers employ a phishing technique called […]

Pierluigi Paganini February 16, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach Google Tag Manager Skimmer Steals Credit Card Info From Magento Site From South America to Southeast Asia: The Fragile Web of REF7707 Analyzing DEEP#DRIVE: North Korean […]

Pierluigi Paganini February 14, 2025

China-linked APT Salt Typhoon breached telecoms by exploiting Cisco router flaws

China-linked APT Salt Typhoon has breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. China-linked APT group Salt Typhoon is still targeting telecommunications providers worldwide, and according to a new report published by Recorded Future’s Insikt Group, the threat actors has breached more U.S. telecommunications providers by exploiting unpatched Cisco IOS XE […]

Pierluigi Paganini February 13, 2025

The Rise of Cyber Espionage: UAV and C-UAV Technologies as Targets

Researchers at cybersecurity firm Resecurity detected a rise in cyberattacks targeting UAV and counter-UAV technologies. Resecurity identified an increase in malicious cyber activity targeting UAV and counter-UAV (C-UAV/C-UAS) technologies. That was especially notable during active periods of local conflicts, including the escalation of the Russia-Ukraine war and the Israel-Hamas confrontation. The trend of malicious targeting […]

Pierluigi Paganini February 12, 2025

North Korea-linked APT Emerald Sleet is using a new tactic

Microsoft Threat Intelligence has observed North Korea-linked APT Emerald Sleet using a new tactic, tricking targets into running PowerShell. Microsoft Threat Intelligence researchers spotted North Korea-linked threat actor Emerald Sleet (also known as Kimsuky and VELVET CHOLLIMA) using a new tactic. They are tricking targets into running PowerShell as an administrator and executing code provided […]

Pierluigi Paganini February 10, 2025

UK Gov demands backdoor to access Apple iCloud backups worldwide

UK secretly demands Apple create an iCloud backdoor via a Technical Capability Notice, raising privacy concerns over end-to-end encryption. The UK demands Apple to create a backdoor to access any iCloud backups, the request raises concerns about user privacy and undermines Apple’s security commitments. “The British government’s undisclosed order, issued last month, requires blanket capability […]

Pierluigi Paganini February 08, 2025

Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer

Researchers spotted North Korea’s Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware. Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, APT43) was first spotted by Kaspersky researchers in 2013. The group works under the control […]

Pierluigi Paganini February 08, 2025

Russia’s intelligence recruits Ukrainians for terror attacks via messaging apps

Russia’s intelligence recruits Ukrainians for terror attacks via messaging apps and forums, offering quick pay, Ukraine’s law enforcement warns. According to Ukraine’s law enforcement, Russian intelligence is using messaging apps and forums to recruit Ukrainians for terrorist attacks, offering quick pay. Ukrainian authorities have recently seen a rise in terrorist attacks on police, military centers, […]

Pierluigi Paganini February 05, 2025

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

The International Civil Aviation Organization (ICAO) is investigating a data breach affecting system and employee security. The International Civil Aviation Organization (ICAO), a specialized agency of the United Nations, is investigating a significant data breach that has raised concerns about the security of its systems and employees data. In the updated statement published by ICAO, […]

Intelligence

China-linked APT group Winnti targets Japanese organizations since March 2024

Storm-2372 used the device code phishing technique since August 2024

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33

China-linked APT Salt Typhoon breached telecoms by exploiting Cisco router flaws

The Rise of Cyber Espionage: UAV and C-UAV Technologies as Targets

North Korea-linked APT Emerald Sleet is using a new tactic

UK Gov demands backdoor to access Apple iCloud backups worldwide

Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer

Russia’s intelligence recruits Ukrainians for terror attacks via messaging apps

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Jabber Zeus developer ‘MrICQ’ extradited to US from Italy

Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid

Android Apps misusing NFC and HCE to steal payment data on the rise

Conduent January 2025 breach impacts 10M+ people

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69

QUICK LINKS

Intelligence

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!