Cyberespionage Archives - Page 5 of 20

Pierluigi Paganini August 22, 2022

Donot Team cyberespionage group updates its Windows malware framework

The Donot Team threat actor, aka APT-C-35, has added new capabilities to its Jaca Windows malware framework. The Donot Team has been active since 2016, it focuses on government and military organizations, ministries of foreign affairs, and embassies in India, Pakistan, Sri Lanka, Bangladesh, and other South Asian countries. In October 2021, a report released by Amnesty International revealed that the Donot […]

Pierluigi Paganini August 15, 2022

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Microsoft disrupted a hacking operation linked conducted by Russia-linked APT SEABORGIUM aimed at NATO countries. The Microsoft Threat Intelligence Center (MSTIC) has disrupted activity by SEABORGIUM (aka ColdRiver, TA446), a Russia-linked threat actor that is behind a persistent hacking campaign targeting people and organizations in NATO countries. SEABORGIUM has been active since at least 2017, […]

Pierluigi Paganini August 09, 2022

Chinese actors behind attacks on industrial enterprises and public institutions

China-linked threat actors targeted dozens of industrial enterprises and public institutions in Afghanistan and Europe. In January 2022, researchers at Kaspersky ICS CERT uncovered a series of targeted attacks on military industrial enterprises and public institutions in Afghanistan and East Europe. The attackers breached dozens of enterprises and in some cases compromised their IT infrastructure, […]

Pierluigi Paganini May 23, 2022

Russia-linked Turla APT targets Austria, Estonia, and NATO platform

Russia-linked APT group Turla was observed targeting the Austrian Economic Chamber, a NATO eLearning platform, and the Baltic Defense College. Researchers from SEKOIA.IO Threat & Detection Research (TDR) team have uncovered a reconnaissance and espionage campaign conducted by Russia-linked Turla APT aimed at the Baltic Defense College, the Austrian Economic Chamber (involved in government decision-making such as economic sanctions) and NATO’s […]

Pierluigi Paganini May 02, 2022

Russia-linked APT29 targets diplomatic and government organizations

Russia-linked APT29 (Cozy Bear or Nobelium) launched a spear-phishing campaign targeting diplomats and government entities. In mid-January 2022, security researchers from Mandiant have spotted a spear-phishing campaign, launched by the Russia-linked APT29 group, on targeting diplomats and government entities. The Russia-linked APT29 group (aka SVR, Cozy Bear, and The Dukes) has been active since at least 2014, […]

Pierluigi Paganini April 09, 2022

China-linked threat actors target Indian Power Grid organizations

China-linked threat actors continue to target Indian power grid organizations, most of the attacks involved the ShadowPad backdoor. Recorded Future’s Insikt Group researchers uncovered a campaign conducted by a China-linked threat actor targeting Indian power grid organizations. The security firm is tracking this cluster of malicious activities under the moniker Threat Activity Group 38 aka […]

Pierluigi Paganini March 18, 2022

China-linked threat actors are targeting the government of Ukraine

Google’s TAG team revealed that China-linked APT groups are targeting Ukraine ’s government for intelligence purposes. Google’s Threat Analysis Group (TAG) researchers uncovered cyberespionage operations conducted by the Chinese People’s Liberation Army (PLA) and other China-linked APT groups and that targeted Ukraine ‘s government to gather info on the ongoing conflict. Below is the tweet […]

Pierluigi Paganini March 08, 2022

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google Threat Analysis Group (TAG), which focuses on the analysis of nation-state threat actors, revealed to have blocked attacks against hundreds of Ukrainians conducted by Belarus and Russian state-sponsored hackers. The attacks have been attributed to the Russia-linked […]

Pierluigi Paganini February 22, 2022

China-linked APT10 Target Taiwan’s financial trading industry

China-linked APT group APT10 (aka Stone Panda, Bronze Riverside) targets Taiwan’s financial trading sector with a supply chain attack. The campaign was launched by the APT10 group started in November 2021, but it hit a peak between 10 and 13 2022, Taiwanese cybersecurity firm CyCraft reported. The group (also known as Cicada, Stone Panda, MenuPass group, […]

Pierluigi Paganini February 07, 2022

US Telecom providers requested $5.6B to replace Chinese equipment

The Federal Communications Commission (FCC) says that small telecom providers have requested $5.6 billion to replace Chinese gear. The U.S. government has requested telecom providers to replace Chinese equipment in their networks due to security issues and allocated $1.9 billion to support the companies in the transaction. The Federal Communications Commission (FCC) said that the […]

Cyberespionage

Donot Team cyberespionage group updates its Windows malware framework

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Chinese actors behind attacks on industrial enterprises and public institutions

Russia-linked Turla APT targets Austria, Estonia, and NATO platform

Russia-linked APT29 targets diplomatic and government organizations

China-linked threat actors target Indian Power Grid organizations

China-linked threat actors are targeting the government of Ukraine

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

China-linked APT10 Target Taiwan’s financial trading industry

US Telecom providers requested $5.6B to replace Chinese equipment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

China-linked APT Salt Typhoon targets Canadian Telecom companies

U.S. warns of incoming cyber threats following Iran airstrikes

McLaren Health Care data breach impacted over 743,000 people

American steel giant Nucor confirms data breach in May attack

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

QUICK LINKS

Cyberespionage

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!