In Other News: Gen Digital Makes $1B Buy, Recall Captures Sensitive Data, MITRE ATT&CK Evaluations

December 13, 2024 at 08:36AM SecurityWeek’s roundup highlights key cybersecurity stories, including China’s Salt Typhoon espionage revealing phone call recordings, WhatsApp’s fixed View Once feature, and Russia’s Secret Blizzard attacks in Ukraine. Notable developments include MITRE’s evaluations, Gen Digital’s $1 billion acquisition of MoneyLion, and Yahoo’s layoffs in its cybersecurity team.

Russian cyber spies hide behind other hackers to target Ukraine

December 12, 2024 at 11:09AM Russian cyber-espionage group Turla is leveraging other threat actors’ infrastructure, specifically targeting Ukrainian military devices via Starlink. Utilizing malware from the Amadey botnet and other sources, Turla deploys custom malware like Tavdig and KazuarV2 to gather intelligence and perform reconnaissance on compromised systems. Microsoft recently highlighted these activities.

Russian Turla hackers hit Starlink-connected devices in Ukraine

December 11, 2024 at 01:56PM Russian cyber-espionage group Turla, also known as “Secret Blizzard,” is targeting Ukrainian military devices via Starlink by leveraging infrastructure from other threat actors, like Storm-0156 and Storm-1837. Their operations involve deploying custom malware, including Tavdig and KazuarV2, to gather intelligence on military activities.

Salt Typhoon recorded top US officials’ calls, says White House

December 9, 2024 at 02:08PM Chinese cyberspies, part of the Salt Typhoon campaign, reportedly recorded calls of senior US political figures, according to Anne Neuberger, deputy national security advisor. Eight US telecom providers were compromised, impacting government officials and corporate intellectual property. A Senate hearing will address the risks from such cyber intrusions.

Microsoft: Another Chinese cyberspy crew targeting US critical orgs ‘as of yesterday’

December 5, 2024 at 08:13PM Microsoft’s threat intelligence team reports that the China-linked group Storm-0227 is targeting critical infrastructure and US government agencies, leveraging public security vulnerabilities and spear-phishing tactics. Active since January, they steal credentials and sensitive data, indicating significant and ongoing espionage efforts focused on US defense, telecommunications, and legal sectors.

Russian FSB Hackers Breach Pakistan’s APT Storm-0156

December 4, 2024 at 05:31PM Russian hackers, known as Secret Blizzard, have infiltrated a Pakistani hacker group, Storm-0156, to access sensitive information from Afghan and Indian military targets. By leveraging Storm-0156’s tools and infrastructure, they employed diverse tactics for espionage, showcasing a unique trend of threat actors hacking fellow cybercriminals to gain operational advantages.

Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets

November 27, 2024 at 04:22AM A Russia-linked hacking group, RomCom, has exploited two recent Firefox and Windows zero-day vulnerabilities to install a backdoor on victims’ machines. Mostly targeting entities in North America and Europe, the group employs sophisticated methods requiring no user interaction, highlighting their capacity for stealthy cyber operations.

Telco engineer who spied on US employer for Beijing gets four years in the clink

November 27, 2024 at 12:38AM Ping Li, a 59-year-old Florida engineer, was sentenced to 48 months in prison for spying for China, providing sensitive information about cybersecurity and his employers, Verizon and Infosys. Li communicated with China’s Ministry of State Security since 2012, facilitating requests on US-based organizations and cybersecurity training materials.

T-Mobile US ‘monitoring’ China’s ‘industry-wide attack’ amid fresh security breach fears

November 18, 2024 at 03:48PM T-Mobile US is monitoring an industry-wide cyber-espionage campaign believed to be conducted by Chinese government-backed hackers. Though the company has not confirmed being compromised, it stated there were no significant impacts or evidence of data theft. The FBI recently reported similar breaches across multiple telecoms.

China Says Seabed Sentinels Are Spying, After Trump Taps

October 31, 2024 at 09:24AM China accused foreign entities of spying using maritime equipment shortly after state-sponsored hackers targeted Trump and Harris’ campaigns. The Ministry of State Security raised concerns over espionage in maritime activities. Recent reports also revealed attempts to infiltrate U.S. telecommunications by Chinese hackers, emphasizing the urgent need for improved cybersecurity measures.