Iranian Hackers Use “Dream Job” Lures to Deploy SnailResin Malware in Aerospace Attacks

November 13, 2024 at 07:15AM The Iranian threat actor TA455 has mimicked North Korean tradecraft in a "Dream Job" campaign, targeting the aerospace industry with fake job offers. The campaign delivers the SnailResin malware, which gives the operators remote access and enables credential theft. The approach combines social engineering, impostor recruiter personas, and a multi-stage infection chain designed to evade detection.

China’s Volt Typhoon crew and its botnet surge back with a vengeance

November 12, 2024 at 08:01PM China's Volt Typhoon group has resurfaced, rebuilding its botnet from outdated Cisco and Netgear routers and using it to target critical U.S. infrastructure. Despite earlier claims that the botnet had been dismantled, researchers report that the operation has grown more sophisticated, with intrusions extending to Singapore Telecommunications. The resurgence underscores the rising global threat of Chinese cyber espionage.

Volt Typhoon rebuilds malware botnet following FBI disruption

November 12, 2024 at 10:55AM Volt Typhoon, a Chinese state-sponsored hacking group, is rebuilding its KV-Botnet after the earlier FBI-led disruption. Targeting outdated Cisco and Netgear routers, the group has compromised roughly 30% of exposed devices. Researchers recommend replacing end-of-life routers and hardening the remaining ones to mitigate this persistent threat.

IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools

November 8, 2024 at 07:51AM High-profile entities in India are being targeted by the Pakistan-based Transparent Tribe and the newly identified China-linked IcePeony cyber espionage group. Transparent Tribe uses the ElizaRAT and ApoloStealer malware, while IcePeony relies on SQL injection and web shells to steal credentials. Both groups demonstrate sophisticated attack methodologies and tooling.

China-Backed MirrorFace Trains Sights on EU Diplomatic Corps

November 7, 2024 at 07:30PM The Chinese APT group MirrorFace has expanded its espionage activity into the European Union, using SoftEther VPN for command and control. Previously known for interfering in Japanese elections, MirrorFace now targets diplomatic entities. Other China-backed groups are also adopting SoftEther VPN to blend in with legitimate traffic, indicating a rise in cyber espionage activity in Europe.

China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait

November 7, 2024 at 06:21AM The China-aligned hacking group MirrorFace has targeted a European Union diplomatic organization using a phishing lure themed on the upcoming 2025 World Expo in Japan. This marks the group's first known attack in the EU and continues a pattern of targeting Japan that has expanded into Taiwan and India since 2023.

China’s Volt Typhoon reportedly breached Singtel in ‘test-run’ for US telecom attacks

November 5, 2024 at 09:37PM Chinese government-backed hackers tracked as Volt Typhoon reportedly breached Singapore Telecommunications (Singtel) in June, in what is described as a test run for future attacks on U.S. telecoms. The intrusion is part of a broader campaign against critical infrastructure worldwide; a second group, Salt Typhoon, has also reportedly compromised U.S. telecoms. China denies the accusations.

FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions

November 5, 2024 at 12:36PM The FBI is investigating intrusions by Chinese state-sponsored groups that used malware to steal sensitive data from company and government networks. Sophos reports that the attackers exploited multiple vulnerabilities and, since 2021, have shifted from indiscriminate mass exploitation to targeted attacks, compromising critical infrastructure mainly in South and Southeast Asia.

North Korean govt hackers linked to Play ransomware attack

October 30, 2024 at 12:01PM The North Korean hacking group Andariel has been linked to the Play ransomware operation, possibly as an affiliate or an initial access broker. Researchers found that Andariel compromised a network that was later hit with Play ransomware. Such collaboration may help the group evade sanctions, mirroring tactics used by other sanctioned groups such as Evil Corp and Iranian …

China’s ‘Evasive Panda’ APT Debuts High-End Cloud Hijacking

October 29, 2024 at 05:11PM The China-sponsored hacking group Evasive Panda has debuted CloudScout, a post-compromise toolset that replays stolen web session cookies to access data in cloud services such as Google Drive and Gmail. Because the cookies represent already-authenticated sessions, the tool bypasses the services' authentication checks. The toolset illustrates the group's advanced cyberespionage capabilities and its focus on civil society and political targets.