Cyberespionage Archives - Page 6 of 20

Pierluigi Paganini February 07, 2022

US Telecom providers requested $5.6B to replace Chinese equipment

The Federal Communications Commission (FCC) says that small telecom providers have requested $5.6 billion to replace Chinese gear. The U.S. government has requested telecom providers to replace Chinese equipment in their networks due to security issues and allocated $1.9 billion to support the companies in the transaction. The Federal Communications Commission (FCC) said that the […]

Pierluigi Paganini February 04, 2022

Russia-linked Gamaredon APT targeted a western government entity in Ukraine

The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. Palo Alto Networks’ Unit 42 reported that the Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity operating in Ukraine in January, while geopolitical tensions between Russia and Ukraine have escalated dramatically. In Mid January the Ukrainian […]

Pierluigi Paganini January 26, 2022

German intelligence agency warns of China-linked APT27 targeting commercial organizations

The BfV German domestic intelligence services warn of ongoing attacks carried out by the China-linked APT27 cyberespionage group. The Bundesamt für Verfassungsschutz (BfV) federal domestic intelligence agency warns of ongoing attacks coordinated by the China-linked APT27 group. “The Federal Office for the Protection of the Constitution ( BfV ) has information about an ongoing cyber espionage campaign […]

Pierluigi Paganini January 23, 2022

Molerats cyberespionage group uses public cloud services as attack infrastructure

Cyberespionage group Molerats has been observed abusing legitimate cloud services, like Google Drive and Dropbox as attack infrastructure. Zscaler ThreatLabz analyzed an active espionage campaign carried out by Molerats cyberespionage group (aka TA402, Gaza Hackers Team, Gaza Cybergang, and Extreme Jackal) that abuses legitimate cloud services like Google Drive and Dropbox as attack infrastructure. Public […]

Pierluigi Paganini January 06, 2022

North Korea-linked Konni APT targets Russian diplomatic bodies

North Korea-linked APT group Konni targets Russian Federation’s Ministry of Foreign Affairs (MID) new versions of malware implants. Security researchers at Cluster25 uncovered a recent campaign carried out by the North Korea-linked Konni APT group aimed at Russian diplomatic entities that used new versions of malware implants. The APT group carried out spear-phishing attacks using New Year’s […]

Pierluigi Paganini December 17, 2021

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware. The name PseudoManuscrypt comes from the similarities with the Manuscrypt malware used by the North Korea-linked […]

Pierluigi Paganini December 15, 2021

Iran-linked Seedworm APT targets Telecoms organizations across the Middle East and Asia

Researchers uncovered a new Seedworm campaign targeting telecommunication and IT service providers in the Middle East and Asia. Iran-linked APT group Seedworm (aka MERCURY, MuddyWater, TEMP.Zagros, or Static Kitten) is behind a new cyberespionage campaign targeting telecommunication and IT service providers in the Middle East and Asia, Symantec warns. The Seedworm has been active since at least […]

Pierluigi Paganini December 06, 2021

Nobelium APT targets French orgs, French ANSSI agency warns

The French cyber-security agency ANSSI said that the Russia-linked Nobelium APT group has been targeting French organizations since February 2021. The French national cybersecurity agency ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information) revealed that the Russia-linked Nobelium APT group has been targeting French organizations since February 2021. The NOBELIUM APT (APT29, Cozy Bear, and […]

Pierluigi Paganini November 26, 2021

APT C-23 group targets Middle East with an enhanced Android spyware variant

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e. AndroidUpdate,, Telegram). The […]

Pierluigi Paganini November 05, 2021

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Ukraine’s premier law enforcement and counterintelligence revealed the real identities of five FSB members behind the Gamaredon cyberespionage group. Ukraine’s premier law enforcement and counterintelligence disclosed the real identities of five alleged members of the Russia-linked APT group Gamaredon (aka Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) that are suspected to be components of the […]

Cyberespionage

US Telecom providers requested $5.6B to replace Chinese equipment

Russia-linked Gamaredon APT targeted a western government entity in Ukraine

German intelligence agency warns of China-linked APT27 targeting commercial organizations

Molerats cyberespionage group uses public cloud services as attack infrastructure

North Korea-linked Konni APT targets Russian diplomatic bodies

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Iran-linked Seedworm APT targets Telecoms organizations across the Middle East and Asia

Nobelium APT targets French orgs, French ANSSI agency warns

APT C-23 group targets Middle East with an enhanced Android spyware variant

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Android Malware Konfety evolves with ZIP manipulation and dynamic loading

Belk hit by May cyberattack: DragonForce stole 150GB of data

North Korea-linked actors spread XORIndex malware via 67 malicious npm packages

FBI seized multiple piracy sites distributing pirated video games

An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance

QUICK LINKS

Cyberespionage

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!