cyber espionage

Pierluigi Paganini September 08, 2023
North Korea-linked threat actors target cybersecurity experts with a zero-day

North Korea-linked threat actors associated with North Korea exploited a zero-day flaw in attacks against cybersecurity experts. North Korea-linked threat actors were observed exploiting a zero-day vulnerability in an unnamed software to target cybersecurity researchers. The attacks that took place in the past weeks were detected by researchers at Google’s Threat Analysis Group (TAG). “Recently, […]

Pierluigi Paganini September 07, 2023
Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake

Microsoft revealed that the Chinese group Storm-0558 stole a signing key used to breach government email accounts from a Windows crash dump. In July, Microsoft announced it had mitigated an attack conducted by a China-linked threat actor, tracked as Storm-0558, which targeted customer emails. Storm-0558 threat actors focus on government agencies in Western Europe and […]

Pierluigi Paganini June 15, 2023
Barracuda ESG zero-day exploited by China-linked APT

Experts linked the UNC4841 threat actor behind the attacks exploiting the recently patched Barracuda ESG zero-day to China. Mandiant researchers linked the threat actor UNC4841 to the attacks that exploited the recently patched Barracuda ESG zero-day vulnerability to China. “Through the investigation, Mandiant identified a suspected China-nexus actor, currently tracked as UNC4841, targeting a subset […]

Pierluigi Paganini April 26, 2023
A component in Huawei network appliances could be used to take down Germany’s telecoms networks

German government warns that technology to regulate power consumption in Huawei network appliances could be used for sabotage purposes.  In March, the interior ministry announced it was conducting an audit on the network appliance from Chinese telecoms giants Huawei and ZTE.  German lawmakers were briefed on the probe by the German Interior Ministry, the federal […]

Pierluigi Paganini October 30, 2022
Former British Prime Minister Liz Truss ‘s phone was allegedly hacked by Russian spies

According to the Daily Mail, Former British Prime Minister Liz Truss ‘s personal phone was hacked by Russian spies. The personal mobile phone of British Prime Minister Liz Truss was hacked by cyber spies suspected of working for the Kremlin, the Daily Mail reported. According to the British tabloid, the cyber-spies are believed to have […]

Pierluigi Paganini September 30, 2022
Witchetty APT used steganography in attacks against Middle East entities

A cyberespionage group, tracked as Witchetty, used steganography to hide a previously undocumented backdoor in a Windows logo. Broadcom’s Symantec Threat Hunter Team observed a threat actor, tracked as Witchetty, using steganography to hide a previously undocumented backdoor in a Windows logo. The group used the backdoor in attacks against Middle Eastern governments. The cyber […]

Pierluigi Paganini September 13, 2022
Cyber espionage campaign targets Asian countries since 2021

A cyber espionage group targets governments and state-owned organizations in multiple Asian countries since early 2021. Threat actors are targeting government and state-owned organizations in multiple Asian countries as parts of a cyber espionage campaign that remained under the radar since early 2021. “A distinct group of espionage attackers who were formerly associated with the […]

Pierluigi Paganini June 08, 2022
China-linked threat actors have breached telcos and network service providers

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers. The nation-state actors exploit publicly known vulnerabilities to compromise the target […]

Pierluigi Paganini June 19, 2021
North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

North Korea-linked APT group Kimsuky allegedly breached South Korea’s atomic research agency KAERI by exploiting a VPN vulnerability. South Korean representatives declared on Friday that North Korea-linked APT group Kimsuky is believed to have breached the internal network of the South Korean Atomic Energy Research Institute (KAERI). The Korea Atomic Energy Research Institute (KAERI) in Daejeon, South Korea […]

Pierluigi Paganini June 17, 2021
Ferocious Kitten APT targets Telegram and Psiphon VPN users in Iran

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. Researchers from Kaspersky reported that Iran-linked threat actors, tracked as Ferocious Kitten, used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on […]