Cyberespionage Archives - Page 6 of 20

Pierluigi Paganini February 22, 2022

China-linked APT10 Target Taiwan’s financial trading industry

China-linked APT group APT10 (aka Stone Panda, Bronze Riverside) targets Taiwan’s financial trading sector with a supply chain attack. The campaign was launched by the APT10 group started in November 2021, but it hit a peak between 10 and 13 2022, Taiwanese cybersecurity firm CyCraft reported. The group (also known as Cicada, Stone Panda, MenuPass group, […]

Pierluigi Paganini February 07, 2022

US Telecom providers requested $5.6B to replace Chinese equipment

The Federal Communications Commission (FCC) says that small telecom providers have requested $5.6 billion to replace Chinese gear. The U.S. government has requested telecom providers to replace Chinese equipment in their networks due to security issues and allocated $1.9 billion to support the companies in the transaction. The Federal Communications Commission (FCC) said that the […]

Pierluigi Paganini February 04, 2022

Russia-linked Gamaredon APT targeted a western government entity in Ukraine

The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. Palo Alto Networks’ Unit 42 reported that the Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity operating in Ukraine in January, while geopolitical tensions between Russia and Ukraine have escalated dramatically. In Mid January the Ukrainian […]

Pierluigi Paganini January 26, 2022

German intelligence agency warns of China-linked APT27 targeting commercial organizations

The BfV German domestic intelligence services warn of ongoing attacks carried out by the China-linked APT27 cyberespionage group. The Bundesamt für Verfassungsschutz (BfV) federal domestic intelligence agency warns of ongoing attacks coordinated by the China-linked APT27 group. “The Federal Office for the Protection of the Constitution ( BfV ) has information about an ongoing cyber espionage campaign […]

Pierluigi Paganini January 23, 2022

Molerats cyberespionage group uses public cloud services as attack infrastructure

Cyberespionage group Molerats has been observed abusing legitimate cloud services, like Google Drive and Dropbox as attack infrastructure. Zscaler ThreatLabz analyzed an active espionage campaign carried out by Molerats cyberespionage group (aka TA402, Gaza Hackers Team, Gaza Cybergang, and Extreme Jackal) that abuses legitimate cloud services like Google Drive and Dropbox as attack infrastructure. Public […]

Pierluigi Paganini January 06, 2022

North Korea-linked Konni APT targets Russian diplomatic bodies

North Korea-linked APT group Konni targets Russian Federation’s Ministry of Foreign Affairs (MID) new versions of malware implants. Security researchers at Cluster25 uncovered a recent campaign carried out by the North Korea-linked Konni APT group aimed at Russian diplomatic entities that used new versions of malware implants. The APT group carried out spear-phishing attacks using New Year’s […]

Pierluigi Paganini December 17, 2021

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware. The name PseudoManuscrypt comes from the similarities with the Manuscrypt malware used by the North Korea-linked […]

Pierluigi Paganini December 15, 2021

Iran-linked Seedworm APT targets Telecoms organizations across the Middle East and Asia

Researchers uncovered a new Seedworm campaign targeting telecommunication and IT service providers in the Middle East and Asia. Iran-linked APT group Seedworm (aka MERCURY, MuddyWater, TEMP.Zagros, or Static Kitten) is behind a new cyberespionage campaign targeting telecommunication and IT service providers in the Middle East and Asia, Symantec warns. The Seedworm has been active since at least […]

Pierluigi Paganini December 06, 2021

Nobelium APT targets French orgs, French ANSSI agency warns

The French cyber-security agency ANSSI said that the Russia-linked Nobelium APT group has been targeting French organizations since February 2021. The French national cybersecurity agency ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information) revealed that the Russia-linked Nobelium APT group has been targeting French organizations since February 2021. The NOBELIUM APT (APT29, Cozy Bear, and […]

Pierluigi Paganini November 26, 2021

APT C-23 group targets Middle East with an enhanced Android spyware variant

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e. AndroidUpdate,, Telegram). The […]

Cyberespionage

China-linked APT10 Target Taiwan’s financial trading industry

US Telecom providers requested $5.6B to replace Chinese equipment

Russia-linked Gamaredon APT targeted a western government entity in Ukraine

German intelligence agency warns of China-linked APT27 targeting commercial organizations

Molerats cyberespionage group uses public cloud services as attack infrastructure

North Korea-linked Konni APT targets Russian diplomatic bodies

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Iran-linked Seedworm APT targets Telecoms organizations across the Middle East and Asia

Nobelium APT targets French orgs, French ANSSI agency warns

APT C-23 group targets Middle East with an enhanced Android spyware variant

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Smart Buses flaws expose vehicles to tracking, control, and spying

MedusaLocker ransomware group is looking for pentesters

Google confirms Salesforce CRM breach, faces extortion threat

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 57

Security Affairs newsletter Round 536 by Pierluigi Paganini – INTERNATIONAL EDITION

QUICK LINKS

Cyberespionage

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!