ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan

December 5, 2024 at 03:30AM The China-linked group MirrorFace has been running a spear-phishing campaign against individuals in Japan since June 2024, delivering the backdoors NOOPDOOR and ANEL. This marks the return of ANEL, previously used by APT10. The attacks leverage malicious OneDrive links and various infection vectors, focusing on national security and international relations themes.

CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel

December 5, 2024 at 01:18AM The U.S. CISA has added several vulnerabilities to its KEV catalog, including severe issues in Zyxel and I-O DATA products, with active exploitation reported. Federal agencies are urged to remediate by December 25, 2024. Meanwhile, I-O DATA advises users to enhance security until patches are released.

Russian hackers hijack Pakistani hackers’ servers for their own attacks

December 4, 2024 at 12:11PM The Russian cyber-espionage group Turla is infiltrating the infrastructure of the Pakistani threat actor Storm-0156, using its compromised networks for covert attacks since late 2022. This strategy allows Turla to stealthily gather intelligence while complicating attribution efforts, leveraging previously breached targets, including Afghan governmental entities.

Spy v Spy: Russian APT Turla Caught Stealing from Pakistani APT

December 4, 2024 at 12:02PM Russian hackers, known as Turla, spent two years infiltrating Pakistani cyberspies, gaining access to sensitive South Asian government networks. By commandeering Pakistani command servers, Turla deployed its own malware and extracted valuable data. This operation showcases their strategy of exploiting other threat actors’ infrastructures for espionage without revealing their own …

Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks

December 4, 2024 at 02:15AM A joint advisory from Australia, Canada, New Zealand, and the U.S. warns of a Chinese cyber espionage campaign targeting telecommunications. The group, known as Salt Typhoon, has been active since 2020, with ongoing intrusions. Cybersecurity guidance emphasizes strengthening network defenses to mitigate associated risks amid escalating U.S.-China trade tensions.

T-Mobile Shares More Information on China-Linked Cyberattack

November 28, 2024 at 06:30AM T-Mobile reported a cyberattack linked to the Chinese group Salt Typhoon but stated the attack was blocked with no access to sensitive customer data. T-Mobile’s Chief Security Officer clarified that while attempts were detected, defenses protected their systems, and connections to the attacking network were severed promptly.

U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider

November 27, 2024 at 11:54PM T-Mobile reported recent attempts by hackers to infiltrate its systems, though no sensitive data was accessed. The attacks originated from a connected wireline provider’s network and were thwarted by T-Mobile’s security measures. The incident is notable following cyber threats from a China-linked group targeting U.S. telecoms.

T-Mobile US takes a victory lap after stopping cyberattacks: ‘Other providers may be seeing different outcomes’

November 27, 2024 at 04:05PM Chinese cyber-espionage group “Salt Typhoon” allegedly compromised a wireline provider’s network to access T-Mobile US systems. T-Mobile thwarted these attempts, ensuring no sensitive customer data was accessed. The company, which has faced breaches previously, is seeing positive results from enhanced cybersecurity measures following a significant investment.

APT-C-60 Exploits WPS Office Vulnerability to Deploy SpyGlace Backdoor

November 27, 2024 at 06:28AM APT-C-60, a South Korea-aligned cyber espionage group, targeted a Japanese organization in August 2024 using a job application phishing scheme to deploy the SpyGlace malware. The attack utilized services like Google Drive and Bitbucket, exploiting vulnerabilities in WPS Office, and involved sophisticated methods for executing and distributing the malware.

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

November 26, 2024 at 06:18AM The Chinese threat actor Earth Estries has been targeting Southeast Asian telecommunications and government networks using a new backdoor, GHOSTSPIDER, along with MASOL RAT. Compromising over 20 entities globally, they exploit various vulnerabilities for cyber espionage, showcasing advanced tactics and a sophisticated operational structure. Recent attacks indicate a significant evolution …