Pakistani Threat Actors Caught Targeting Indian Gov Entities

June 14, 2024 at 10:27AM Pakistan-based threat actors, identified as Cosmic Leopard and UTA0137, have targeted Indian government entities in separate espionage campaigns. Operation Celestial Force, ongoing since 2018, utilizes Android and Windows malware to target individuals in defense, government, and related technology sectors. Similarly, UTA0137 has been using the ‘Disgomoji’ malware to access Linux … Read more

Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks

May 1, 2024 at 05:09AM APT & Targeted Attacks Summary Cybercriminals and nation state actors both exploit compromised routers for anonymization. FBI disrupted Pawn Storm’s botnet of Ubiquiti EdgeRouters, which was used for various malicious activities. Despite the disruption, the botnet operator continued to control some bots. Multiple threat actors used backdoored SSH servers on … Read more

CIA exposed to potential intelligence interception due to X’s URL bug

October 18, 2023 at 09:05AM An ethical hacker exploited a bug in the way X truncates URLs to take control of a CIA Telegram channel used for intelligence. The bug caused the Telegram link to be shortened incorrectly, allowing the hacker to register a new, unregistered handle. The issue could have exposed the CIA to … Read more