Cyberespionage Archives - Page 2 of 20

Pierluigi Paganini March 10, 2024

Lithuania security services warn of China’s espionage against the country

A report published by Lithuanian security services warned that China has escalated its espionage operations against Lithuania. A report released by Lithuanian security services has cautioned that China has intensified espionage activities targeting Lithuania. Previously, the government of Beijing was interested in information about the ‘five poisons’ (Taiwan, Hong Kong, Tibet, Xinjiang, and Falun Gong) […]

Pierluigi Paganini March 08, 2024

Russia-linked Midnight Blizzard breached Microsoft systems again

Microsoft revealed that Russia-linked APT group Midnight Blizzard recently breached its internal systems and source code repositories. Microsoft published an update on the attack that hit the company on January 12, 2024, the IT giant revealed that the Russia-linked Midnight Blizzard recently breached again its internal systems and source code repositories. In January, Microsoft warned […]

Pierluigi Paganini February 22, 2024

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

China-linked APT group Mustang Panda targeted various Asian countries with a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. Trend Micro researchers uncovered a cyberespionage campaign, carried out by China-linked APT group Mustang Panda, targeting Asian countries, including Taiwan, Vietnam, and Malaysia. Mustang Panda has been active since at least 2012, it targeted American and European entities such […]

Pierluigi Paganini February 19, 2024

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

An APT group, tracked as TAG-70, linked to Belarus and Russia exploited XSS flaws in Roundcube webmail servers to target over 80 organizations. Researchers from Recorded Future’s Insikt Group identified a cyberespionage campaign carried out by an APT group, tracked as TAG-70, linked to Belarus and Russia. The nation-state actors are known to carry out […]

Pierluigi Paganini January 19, 2024

China-linked APT UNC3886 exploits VMware zero-day since 2021

China-linked group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. Mandiant researchers reported that China-linked APT group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. vCenter Server is a critical component in VMware virtualization and cloud computing software suite. It serves as a […]

Pierluigi Paganini October 26, 2023

Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks

Russia-linked threat actor Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software. Russian APT group Winter Vivern (aka TA473) has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023. ESET researchers pointed out that is a different vulnerability than CVE-2020-35730, that the group exploited in other attacks. The Winter […]

Pierluigi Paganini October 22, 2023

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

MI5 chief warns Chinese cyber espionage reached an epic scale, more than 20,000 people in the UK have now been targeted. The head of MI5, Ken McCallum, warns that Chinese spies targeted more than 20,000 people in the UK. During a meeting of security chiefs of the Five Eyes alliance held in California, McCallum told […]

Pierluigi Paganini October 22, 2023

The attack on the International Criminal Court was targeted and sophisticated

The International Criminal Court revealed the recent attack was carried out by a threat actor for espionage purposes. The International Criminal Court shared additional information about the cyberattack that hit the organizations in September. In September, the International Criminal Court (ICC) announced that threat actors have breached its systems last week. The experts at the […]

Pierluigi Paganini September 29, 2023

Chinese threat actors stole around 60,000 emails from US State Department in Microsoft breach

China-linked threat actors stole around 60,000 emails from U.S. State Department after breaching Microsoft’s Exchange email platform in May. China-linked hackers who breached Microsoft’s email platform in May have stolen tens of thousands of emails from U.S. State Department accounts, a Senate staffer told Reuters this week. During a briefing by U.S. State Department IT officials, […]

Pierluigi Paganini September 25, 2023

A phishing campaign targets Ukrainian military entities with drone manual lures

A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin. The campaign, codenamed STARK#VORTEX by Securonix, targets Ukrainian military entities and CERT-UA attributed it […]

Cyberespionage

Lithuania security services warn of China’s espionage against the country

Russia-linked Midnight Blizzard breached Microsoft systems again

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

China-linked APT UNC3886 exploits VMware zero-day since 2021

Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

The attack on the International Criminal Court was targeted and sophisticated

Chinese threat actors stole around 60,000 emails from US State Department in Microsoft breach

A phishing campaign targets Ukrainian military entities with drone manual lures

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

McLaren Health Care data breach impacted over 743,000 people

American steel giant Nucor confirms data breach in May attack

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

Iran-Linked Threat Actors Cyber Fattah Leak Visitors and Athletes' Data from Saudi Games

Qilin ransomware gang now offers a "Call Lawyer" feature to pressure victims

QUICK LINKS

Cyberespionage

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!