Intelligence

Pierluigi Paganini January 20, 2023
Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October

An alleged Chinese threat actor was observed exploiting the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN. Researchers from Mandiant reported that suspected Chinese threat actors exploited the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN as a zero-day. According to the security firm, the vulnerability was exploited in attacks against a series of targets, including a […]

Pierluigi Paganini January 09, 2023
Phishing campaign targets government institutions in Moldova

The government institutions of Moldova have been hit by a wave of phishing attacks since the country offered support to Ukraine. The government institutions of Moldova have been hit by a wave of phishing attacks, threat actors sent more than 1,330 emails to accounts belonging to the country’s state services. “The Information Technology and Cyber […]

Pierluigi Paganini January 09, 2023
Russia-linked Cold River APT targeted US nuclear research laboratories

Russia-linked Cold River APT targeted three nuclear research laboratories in the United States in 2022 summer, Reuters reported. Reuters reported that the Russia-linked APT group Cold River (aka Calisto) targeted three nuclear research laboratories in the United States between August and September 2022. The Cold River APT group targeted the Brookhaven (BNL), Argonne (ANL), and […]

Pierluigi Paganini January 08, 2023
Russian and Belarusian men charged with spying for Russian GRU

Polish authorities charged Russian and Belarusian individuals with spying for the Russian military intelligence service (GRU). Polish authorities charged Russian and Belarusian individuals, who were arrested in April, with spying for the Russian military intelligence service (GRU) from 2017 to April 2022. The defendants gathered intelligence on military facilities critical for the defense of the […]

Pierluigi Paganini January 02, 2023
Pro-Russia cyberattacks aim at destabilizing Poland, security agency warns

Poland security agency warns pro-Russian hackers that are continuously targeting the state since the start of the invasion of Ukraine. Since the beginning of the invasion of Ukraine, Poland has been a constant target of cyber attacks conducted by pro-Russian hackers, Poland’s security agency warns. The attacks aimed at almost any entity in Poland, including […]

Pierluigi Paganini December 23, 2022
TikTok parent company ByteDance revealed the use of TikTok data to track journalists

ByteDance admitted that its employees accessed TikTok data to track journalists to identify the source of leaks to the media. TikTok parent company ByteDance revealed that several employees accessed the TikTok data of two journalists to investigate leaks of company information to the media.  According to an email from ByteDance’s general counsel Erich Andersen which […]

Pierluigi Paganini December 22, 2022
North Korea-linked hackers stole $626 million in virtual assets in 2022

North Korea-linked threat actors have stolen an estimated $1.2 billion worth of cryptocurrency and other virtual assets in the past five years. South Korea’s spy agency, the National Intelligence Service, estimated that North Korea-linked threat actors have stolen an estimated 1.5 trillion won ($1.2 billion) in cryptocurrency and other virtual assets in the past five […]

Pierluigi Paganini December 20, 2022
UAC-0142 APT targets Ukraine’s Delta military intelligence program

Ukraine’s CERT-UA revealed the national Delta military intelligence program has been targeted with a malware-based attack. On December 17, 2022, the Center for Innovations and Development of Defense Technologies of the Ministry of Defense of Ukraine informed the Government Computer Emergency Response Team of Ukraine (CERT-UA) of being targeted by a malware-based attack. The spear […]

Pierluigi Paganini December 20, 2022
Russia-linked Gamaredon APT targeted a petroleum refining company in a NATO nation in August

Russia-linked Gamaredon APT group targeted a large petroleum refining company in a NATO state this year amid the invasion of Ukraine. The Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) is behind a failed attack against a large petroleum refining company in a NATO member state earlier amid the invasion of Ukraine. Gamaredon […]

Pierluigi Paganini December 16, 2022
Former Twitter employee sentenced to 3.5 years in jail for spying on behalf of Saudi Arabia

An ex Twitter employee has been sentenced to three-and-a-half years in prison for spying on individuals on behalf of Saudi Arabia. On august 2022, the former Twitter employee, Ahmad Abouammo (44), was found guilty of gathering private information of certain Twitter users and passing them to Saudi Arabia. Now Abouammo was has been sentenced to three-and-a-half years […]