China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks

November 20, 2024 at 02:27AM
A new China-linked cyber espionage group named Liminal Panda targets telecommunications entities in South Asia and Africa, employing advanced tools for unauthorized access and data extraction. CrowdStrike highlights prior misattribution and notes that these activities exploit trust relationships among telecom providers, underscoring vulnerabilities in critical infrastructure to state-sponsored attacks.

Salt Typhoon Hits T-Mobile as Part of Telecom Attack Spree

November 19, 2024 at 11:31AM
T-Mobile USA has confirmed being targeted by the Chinese cyber threat group Salt Typhoon, part of a larger espionage campaign affecting multiple telecoms. While T-Mobile found no evidence of data breaches, federal agencies report sensitive information may have been accessed. Experts warn of further attacks and cybersecurity vulnerabilities.

Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign

November 19, 2024 at 02:57AM
T-Mobile has confirmed it was targeted by Chinese threat actors, known as Salt Typhoon, during a prolonged cyber espionage campaign. Although no significant impact on T-Mobile’s data has been reported, the situation highlights broader vulnerabilities in U.S. telecoms, including potential theft of sensitive communications. Investigations continue.

T-Mobile Also Targeted in Chinese Telecom Hacking Campaign

November 18, 2024 at 04:32AM
T-Mobile has been a target of the Chinese group Salt Typhoon in a significant espionage campaign aimed at U.S. telecom companies. This incident highlights ongoing cybersecurity threats in the telecommunications sector.

**Meeting Takeaways:**

1. **Targeted Company:** T-Mobile.
2. **Threat Actor:** Chinese group named Salt Typhoon.
3. **Nature of Incident:** Major …

Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials

November 16, 2024 at 02:24AM
A threat actor named BrazenBamboo has exploited a zero-day vulnerability in Fortinet’s FortiClient for Windows to extract VPN credentials using a tool called DEEPDATA. Discovered by Volexity, this malware, used in cyber espionage, is part of a broader framework encompassing various communication platforms and data exfiltration capabilities.

Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations

November 15, 2024 at 01:00PM
Cybersecurity company Check Point has identified a remote access trojan named WezRat, attributed to Iranian state-sponsored hackers. It enables malicious activities like keylogging and file uploads. Distributed via phishing emails mimicking Israeli authorities, WezRat shows ongoing development, indicating significant investment in cyber espionage targeting various global entities.

Washington’s Cybersecurity Storm of Complacency

November 14, 2024 at 10:03AM
The Salt Typhoon cyber-espionage group’s breach of major US telecommunications firms highlights significant weaknesses in the nation’s cybersecurity strategy. The government’s reactionary approach and insufficient regulatory oversight allow state-backed threats to exploit vulnerabilities. Urgent reforms, including mandatory standards and a centralized defense agency, are essential to enhance national security.

China-backed crews compromised ‘multiple’ US telcos in ‘significant cyber espionage campaign’

November 13, 2024 at 09:04PM
The US government has identified a significant cyber espionage campaign by China-linked attackers targeting multiple telecommunications networks, resulting in data theft and compromised private communications of political figures. The FBI and CISA are assisting affected companies and enhancing cyber defenses, urging potential victims to report to local authorities.

Toolkit Vastly Expands APT41’s Surveillance Powers

November 13, 2024 at 05:58PM
China’s APT41 threat group has developed a sophisticated Windows-based malware toolkit, “DeepData Framework,” targeting South Asian organizations. The toolkit includes 12 modular plug-ins for data theft, including communications and system information. Analysts emphasize the need for heightened security measures against APT41’s ongoing cyber-espionage campaigns.

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel

November 13, 2024 at 11:22AM
A Hamas-affiliated threat group, WIRTE, has escalated cyber operations from espionage to disruptive attacks targeting Israeli entities and other regional countries despite ongoing conflict. Their techniques include phishing campaigns and malware like the SameCoin wiper, reflecting their politically motivated activities throughout 2024.

Meeting Takeaways: Threat Intelligence / Cyber Espionage …