July 2, 2024 at 02:08AM Velvet Ant, a Chinese cyber espionage group, has exploited a zero-day flaw in Cisco NX-OS Software to deliver custom malware and gain control over compromised Cisco Nexus devices. This vulnerability, CVE-2024-20399, allows an attacker with administrator credentials to execute commands as root. The impacted devices include various Nexus switches. Additionally, … Read more
July 1, 2024 at 01:48PM Cisco patched an NX-OS zero-day vulnerability used in April attacks to install new malware on susceptible switches. Sygnia attributed the attacks to a Chinese state-sponsored group called Velvet Ant. The exploit allowed the threat actors to gain access, upload files, and execute malicious code. Cisco advises monitoring and changing administrative … Read more
June 28, 2024 at 12:51PM The North Korea-linked threat actor Kimsuky has been using a new malicious Google Chrome extension, codenamed TRANSLATEXT, to conduct cyber espionage targeting South Korean academia. This extension gathers sensitive information and is designed to bypass security measures, capture browser screenshots, and exfiltrate stolen data. Kimsuky is known for orchestrating cyber … Read more
June 27, 2024 at 12:06PM State-sponsored actors have launched three novel credential-phishing campaigns compromising over 40,000 corporate users, including top executives, in just three months. These attacks use highly evasive tactics to circumvent security controls, focusing on stealing credentials from corporate users for cyber-espionage purposes. Security experts stress the need for organizations to adapt and … Read more
June 27, 2024 at 12:24AM Cyberespionage group ChamelGang uses CatB ransomware to target high-profile organizations globally, posing challenges for attribution. Their sophisticated attacks focus on government and critical infrastructure entities, employing ransom notes and bitcoin payments. Additionally, they leverage BestCrypt and BitLocker in separate activities, impacting organizations mainly in North America, South America, and Europe. … Read more
June 26, 2024 at 08:57AM The European Union imposed new sanctions on Russia, targeting its tanker fleet and companies over the war on Ukraine. The EU aims to hinder Russian liquefied natural gas shipments, estimating billions of cubic meters were transported via EU ports last year. The measures also include asset freezes, travel bans, and … Read more
June 26, 2024 at 06:57AM Between 2021 and 2023, threat actors with ties to China and North Korea have conducted ransomware attacks targeting government and critical infrastructure sectors worldwide. Cybersecurity firms linked these attacks to groups including ChamelGang and state-sponsored entities. The use of ransomware in cyber espionage operations blurs the lines between cybercrime and … Read more
June 26, 2024 at 06:10AM A China-backed APT group, ChamelGang, has been using ransomware to hide its cyberespionage operations for three years. Recently targeting critical infrastructure in East Asia and India, the group’s tactic aims to provide deniability and cover tracks while exfiltrating data. ChamelGang’s focus on data theft and cyberespionage is attributed to geopolitical … Read more
June 24, 2024 at 09:08PM Multiple cyber-espionage groups compromised telecommunications operators in Asia-Pacific, using custom malware and backdoors. China-linked groups including Fireant, Neeedleminer, and Firefly were involved, targeting at least two countries. The attacks pose risks of eavesdropping, surveillance, and potential disruption to target countries’ critical infrastructure. Nations in the region continue to face escalating … Read more
June 24, 2024 at 04:24AM Between November 2023 and April 2024, a China-linked state-sponsored threat actor named RedJuliett conducted a cyber espionage campaign targeting government, academic, and diplomatic organizations in Taiwan. They utilized various techniques, including deploying web shells and exploiting vulnerabilities, with a focus on collecting intelligence related to Taiwan’s economic policy and diplomatic … Read more