China-Sponsored Attackers Target 40K Corporate Users in 90 Days

June 27, 2024 at 12:06PM State-sponsored actors have launched three novel credential-phishing campaigns compromising over 40,000 corporate users, including top executives, in just three months. These attacks use highly evasive tactics to circumvent security controls, focusing on stealing credentials from corporate users for cyber-espionage purposes. Security experts stress the need for organizations to adapt and …

Chinese Cyberspies Employ Ransomware in Attacks for Diversion

June 27, 2024 at 12:24AM Cyberespionage group ChamelGang uses CatB ransomware to target high-profile organizations globally, posing challenges for attribution. Their sophisticated attacks focus on government and critical infrastructure entities, employing ransom notes and bitcoin payments. Additionally, they leverage BestCrypt and BitLocker in separate activities, impacting organizations mainly in North America, South America, and Europe. …

The EU Targets Russia’s LNG Ghost Fleet With Sanctions as Concern Mounts About Hybrid Attacks

June 26, 2024 at 08:57AM The European Union imposed new sanctions on Russia, targeting its tanker fleet and companies over the war on Ukraine. The EU aims to hinder Russian liquefied natural gas shipments, estimating billions of cubic meters were transported via EU ports last year. The measures also include asset freezes, travel bans, and …

Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware

June 26, 2024 at 06:57AM Between 2021 and 2023, threat actors with ties to China and North Korea conducted ransomware attacks targeting government and critical infrastructure sectors worldwide. Cybersecurity firms linked these attacks to groups including ChamelGang and state-sponsored entities. The use of ransomware in cyber espionage operations blurs the lines between cybercrime and …

‘ChamelGang’ APT Disguises Espionage Activities With Ransomware

June 26, 2024 at 06:10AM A China-backed APT group, ChamelGang, has been using ransomware to hide its cyberespionage operations for three years. Recently targeting critical infrastructure in East Asia and India, the group’s tactic aims to provide deniability and cover tracks while exfiltrating data. ChamelGang’s focus on data theft and cyberespionage is attributed to geopolitical …

China-Linked Cyber-Espionage Teams Target Asian Telecoms

June 24, 2024 at 09:08PM Multiple cyber-espionage groups compromised telecommunications operators in Asia-Pacific, using custom malware and backdoors. China-linked groups including Fireant, Needleminer, and Firefly were involved, targeting at least two countries. The attacks pose risks of eavesdropping, surveillance, and potential disruption to target countries’ critical infrastructure. Nations in the region continue to face escalating …

RedJuliett Cyber Espionage Campaign Hits 75 Taiwanese Organizations

June 24, 2024 at 04:24AM Between November 2023 and April 2024, a China-linked state-sponsored threat actor named RedJuliett conducted a cyber espionage campaign targeting government, academic, and diplomatic organizations in Taiwan. They utilized various techniques, including deploying web shells and exploiting vulnerabilities, with a focus on collecting intelligence related to Taiwan’s economic policy and diplomatic …

Multiple Threat Actors Deploying Open-Source Rafel RAT to Target Android Devices

June 24, 2024 at 01:30AM Cyber espionage groups are using an Android remote administration tool, Rafel RAT, disguised as popular apps like Instagram and WhatsApp. This tool can perform various malicious activities like data theft and device manipulation. It has been used in cyber attacks targeting high-profile entities across multiple countries. It highlights the need …

ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor

June 22, 2024 at 07:54AM ExCobalt, a cybercrime gang, is targeting Russian organizations with a new Golang-based backdoor called GoRed. The group engages in cyber espionage, using various sophisticated tools to attack sectors like government, IT, metallurgy, and telecommunications. ExCobalt demonstrates a high level of activity, constantly improving techniques and flexibly adapting its toolset to …

U.S. Treasury Sanctions 12 Kaspersky Executives Amid Software Ban

June 22, 2024 at 02:18AM The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions on 12 senior leaders of Kaspersky Lab after the company was banned by the Commerce Department over national security concerns. The sanctions do not extend to the company itself or its founder. Russia has criticized the …