SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack

October 17, 2024 at 06:42AM An APT group known as SideWinder, linked to India, has launched numerous attacks on key entities in the Middle East and Africa, utilizing multi-stage infection methods with a new toolkit called StealerBot. Targeted sectors include government, military, finance, and telecommunications across various countries, highlighting their evolving cyber capabilities. ### Meeting …

Sidewinder Casts Wide Geographic Net in Latest Attack Spree

October 16, 2024 at 10:42AM The Indian APT group SideWinder has expanded its cyberattacks across Asia, the Middle East, Africa, and Europe, targeting various sectors, including government and military. They employ an advanced malware toolkit, StealerBot, for espionage. Kaspersky warns that these attackers should not be underestimated due to their evolving tactics. ### Meeting Notes …

China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns

October 15, 2024 at 04:54AM China’s CVERC claims the Volt Typhoon cyber threat is a U.S. fabrication, alleging U.S. cyber espionage against multiple countries. They assert there’s strong evidence of U.S. false flag operations and misuse of technology to mislead investigations. The report calls for international collaboration on cybersecurity and counter-threat technology. **Meeting Takeaways:** 1. …

China again claims Volt Typhoon hack gang was invented by the US to discredit it

October 14, 2024 at 09:22PM China’s authorities have released a document alleging that the Volt Typhoon threat actor is a US invention, contesting earlier claims of Chinese involvement. The document reiterates previous points, citing a lack of evidence from US officials. It advocates for international cybersecurity collaboration while critiquing US surveillance practices. ### Meeting Notes …

Iranian Cyberspies Exploiting Recent Windows Kernel Vulnerability 

October 14, 2024 at 09:15AM Iran-linked APT OilRig has escalated its cyber activities targeting the United Arab Emirates and the Gulf region, exploiting recent vulnerabilities in the Windows kernel, according to a report by SecurityWeek. **Meeting Takeaways:** 1. **APT OilRig Activity**: The threat actor group OilRig, linked to Iran, has increased its cyber operations targeting …

OpenAI confirms threat actors use ChatGPT to write malware

October 12, 2024 at 02:10PM OpenAI reported that its AI chatbot, ChatGPT, has been exploited in over 20 cyber operations for creating malware, spreading misinformation, and phishing. Threat actors from China and Iran used the tool for tasks like vulnerability research and scripting. OpenAI has banned the accounts involved and shared relevant data with cybersecurity …

Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against UAE and Gulf Regions

October 11, 2024 at 02:07PM Trend Micro has been tracking Earth Simnavaz (APT34/OilRig), a cyber espionage group targeting UAE government entities. Their sophisticated methods include utilizing backdoors, exploiting vulnerabilities, and employing RMM tools like ngrok for data exfiltration. Recent activities indicate a focus on critical infrastructure vulnerabilities to advance espionage goals in the region. ### …

Earth Simnavaz Levies Advanced Cyberattacks Against UAE and Gulf Regions

October 11, 2024 at 03:51AM Trend Micro reports on Earth Simnavaz (APT34), a cyber espionage group targeting UAE government entities, using sophisticated tactics like backdoor malware exploiting CVE-2024-30088. The group steals credentials via Microsoft Exchange servers, employing tools to evade detection. Their activities emphasize threats to critical infrastructure amidst geopolitical tensions in the Gulf region. …

Salt Typhoon APT Subverts Law Enforcement Wiretapping: Report

October 7, 2024 at 04:06PM The Chinese state-sponsored APT, Salt Typhoon, reportedly breached major US broadband provider networks, gaining access to lawful intercept infrastructure used by law enforcement for wiretapping. The affected providers include AT&T, Verizon, and Lumen Technologies. Sources suggest the APT had access to internet traffic and targeted entities outside the US. This …

AT&T, Verizon reportedly hacked to target US govt wiretapping platform

October 7, 2024 at 10:56AM Multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, were breached by the Chinese hacking group Salt Typhoon. The attack aimed at gathering intelligence from systems used by the U.S. federal government for network wiretapping requests. This sophisticated group has also targeted entities in other countries and utilizes various …