China

Pierluigi Paganini December 11, 2024
Operation Digital Eye: China-linked relies on Visual Studio Code Remote Tunnels to spy on Europen entities

An alleged China-linked APT group targeted large business-to-business IT service providers in Southern Europe as part of Operation Digital Eye campaign. Between late June and mid-July 2024, a China-linked threat actor targeted major IT service providers in Southern Europe in a campaign codenamed ‘Operation Digital Eye.’ Cyberspies aimed to establish footholds and compromise downstream entities […]

Pierluigi Paganini December 04, 2024
Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks in a joint advisory. Australia, Canada, New Zealand, and the U.S. issued a joint advisory to warn of People’s Republic of China (PRC)-linked cyber espionage targeting telecom networks. “The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal […]

Pierluigi Paganini November 14, 2024
China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

China-linked threat actors breached U.S. broadband providers and gained access to private communications of a limited number of U.S. government officials. The FBI and CISA continues to investigate a large-scale cyber-espionage campaign by China-linked threat actors targeting U.S. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. […]

Pierluigi Paganini November 10, 2024
U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. The US government’s Consumer Financial Protection Bureau (CFPB) advises employees to avoid using cellphones for work after China-linked APT group Salt Typhoon hackers breached major telecom providers. The Consumer Financial Protection Bureau (CFPB) is a U.S. […]

Pierluigi Paganini November 07, 2024
Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

Canada ordered ByteDance to shut down TikTok operations over security concerns but did not issue a full ban on the platform. The Canadian government ordered ByteDance to wind up TikTok Technology Canada, Inc. over security concerns following a national security review under the Investment Canada Act Canada’s decision to require ByteDance to dissolve the operations of […]

Pierluigi Paganini November 02, 2024
Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

Sophos used custom implants to monitor China-linked thret actors targeting firewall zero-days in a years-long battle. Sophos revealed a years-long “cat-and-mouse” battle with China-linked threat actors, using custom implants to track the attackers’ activities. Since 2018, Sophos has faced increasingly aggressive campaigns, including the India-based Sophos subsidiary Cyberoam, where attackers exploited a wall-mounted display for […]

Pierluigi Paganini October 26, 2024
Chinese cyber spies targeted phones used by Trump and Vance

China-linked threat actors targeted the phone communications of Donald Trump and vice presidential nominee JD Vance. China-linked hackers reportedly targeted phones used by former President Donald Trump and Senator JD Vance as part of a cyber espionage campaign aimed at gathering intelligence on American leaders, the New York Times reported. US intelligence is investigating the claims […]

Pierluigi Paganini October 06, 2024
China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

China-linked APT group Salt Typhoon breached U.S. broadband providers, potentially accessing systems for lawful wiretapping and other data. China-linked APT group Salt Typhoon (also known as FamousSparrow and GhostEmperor) breached U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. According to the Wall Street Journal, which reported the news […]

Pierluigi Paganini September 26, 2024
China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

China-linked threat actors compromised some U.S. internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon. China-linked threat actors have breached several U.S. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. The state-sponsored hackers aimed at gathering intelligence from the targets or carrying […]

Pierluigi Paganini August 14, 2024
China-linked APT Earth Baku targets Europe, the Middle East, and Africa

China-linked threat actor Earth Baku expanded its operations in Europe, the Middle East, and Africa starting in late 2022. China-linked APT group Earth Baku (a threat actor associated with APT41) has expanded its operations beyond the Indo-Pacific region to Europe, the Middle East, and Africa. Trend Micro researchers observed the APT targeting countries like Italy, Germany, UAE, […]