China’s Dogged Campaign to Portray Itself as Victim of US Hacking

February 12, 2024 at 06:09AM China has been accused of attempting to frame the US for cyber espionage, but a recent report from SentinelOne found most claims to be unsubstantiated. China seeks to shift global opinion on its hacking activities, but its reports lack technical evidence. Additionally, China has been coordinating a disinformation campaign to …

How ‘Big 4’ Nations’ Cyber Capabilities Threaten the West

February 9, 2024 at 10:20AM The “Big Four” nations – Russia, China, Iran, and North Korea – pose significant cyber and geopolitical threats to the West. Their activities range from cyber espionage to influence operations and financial gain. In the next year, cybersecurity offenses and cyber-influence campaigns are expected to rise, particularly targeting democratic nations’ …

Chinese hackers hid in US infrastructure network for 5 years

February 7, 2024 at 03:11PM The Chinese cyber-espionage group Volt Typhoon infiltrated U.S. critical infrastructure networks, remaining undetected for at least five years. The group uses living-off-the-land techniques, stolen accounts, and strong operational security to maintain long-term access. U.S. authorities warn of potential disruption to critical infrastructure, with mitigation advice provided alongside the …

Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network

February 7, 2024 at 04:02AM Chinese state-backed hackers targeted the Dutch armed forces’ computer network using a known critical security flaw in Fortinet FortiGate devices, resulting in the deployment of COATHANGER malware for persistent remote access. The Dutch Military Intelligence and Security Service confirmed the breach, marking the first public attribution of a cyber espionage …

Chinese hackers infect Dutch military network with malware

February 6, 2024 at 01:55PM A Chinese cyber-espionage group breached the Dutch Ministry of Defence, deploying malware on compromised devices. Despite backdooring the hacked systems, the breach’s impact was limited due to network segmentation. A remote access trojan named Coathanger was found, designed to infect FortiGate network security appliances. The attack was attributed to a …

Chinese Coathanger malware hung out to dry by Dutch defense department

February 6, 2024 at 12:17PM Dutch authorities have attributed an attempted cyberattack on the Ministry of Defense to Chinese state-sponsored hackers, uncovering a previously unseen malware named Coathanger. The remote access trojan was specifically designed to target Fortinet’s FortiGate firewalls and was difficult to detect using traditional methods. The attackers’ wide and opportunistic scans exploited …

Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware

February 5, 2024 at 08:45AM Patchwork used romance scam lures to distribute the VajraSpy trojan in India and Pakistan. ESET uncovered 12 espionage apps, including some on Google Play, infecting over 1,400 devices. The malware steals various data and was spread through fake messaging apps. This isn’t the first time for Patchwork, which has targeted similar …

U.S. Feds Shut Down China-Linked “KV-Botnet” Targeting SOHO Routers

February 4, 2024 at 12:19PM The U.S. government neutralized the China-linked Volt Typhoon botnet, which hijacked U.S.-based SOHO routers that were vulnerable due to their end-of-life status. The botnet facilitated covert data transfer through compromised routers and VPN hardware, impacting critical infrastructure sectors. Law enforcement efforts aimed to disrupt the botnet’s activities, emphasizing the need for secure-by-design practices in …

China-Linked Hackers Target Myanmar’s Top Ministries with Backdoor Blitz

January 30, 2024 at 09:34AM Mustang Panda, a China-based threat actor, is suspected of targeting Myanmar’s Ministry of Defence and Foreign Affairs in two campaigns using backdoors and remote access trojans. The group has been active since 2012 and has targeted Southeast Asian governments and the Philippines. The attacks involve phishing emails, rogue DLLs, and …

Microsoft reveals how hackers breached its Exchange Online accounts

January 26, 2024 at 10:28AM Microsoft confirmed that the Russian hacking group Midnight Blizzard, linked to the Russian Foreign Intelligence Service, breached its systems in November 2023 and stole email from its leadership. The group gained access through a non-MFA-enabled test account and leveraged OAuth applications to access corporate mailboxes. Similar attacks targeting other organizations …