As Geopolitical Tensions Mount, Iran’s Cyber Operations Grow

September 18, 2024 at 02:25AM Iran continues to escalate cyber operations by utilizing APT34, also known as Hazel Sandstorm, to target government ministries in Iraq and neighboring nations. The cyberespionage group aims to gather intelligence through email tunneling and malware programs. Analysts believe the primary objective is espionage, reflecting the evolving geopolitical landscape in the …

‘ChamelGang’ APT Disguises Espionage Activities With Ransomware

June 26, 2024 at 06:10AM A China-backed APT group, ChamelGang, has been using ransomware to hide its cyberespionage operations for three years. Recently targeting critical infrastructure in East Asia and India, the group’s tactic aims to provide deniability and cover tracks while exfiltrating data. ChamelGang’s focus on data theft and cyberespionage is attributed to geopolitical …

Rockwell’s ICS Directive Comes As Critical Infrastructure Risk Peaks

June 12, 2024 at 06:37PM With rising geopolitical tensions and cyber threats, Rockwell Automation advised customers to disconnect industrial control systems (ICS) from the internet to mitigate vulnerabilities. Cybersecurity experts warn of nation-state attacks targeting critical infrastructure, which faces challenges due to online exposure and software vulnerabilities. Securing ICS assets and implementing offline measures are …

Rockwell Automation Urges Customers to Disconnect ICS From Internet

May 22, 2024 at 09:57AM Rockwell Automation urges customers to secure industrial control systems from internet exposure. A Shodan search reveals 7,000+ connected items. The company cautions against public internet connectivity for devices not designed for it. It addresses recent vulnerabilities and the potential for cyber attacks due to global tensions. CISA has also raised awareness of Rockwell’s notice. …

U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks

April 24, 2024 at 09:45AM The U.S. Treasury Department sanctioned two firms and four individuals for cyber activities on behalf of the Iranian IRGC-CEC. The DoJ unsealed an indictment against the individuals for cyber attacks targeting the U.S. government and private entities. A reward of up to $10 million was announced for information leading to …

Singapore infosec boss warns China/West tech split will be bad for interoperability

April 18, 2024 at 01:41AM Singapore’s Cyber Security Administration chief, David Koh, highlights concerns about potential tech stack divisions between China and the West and their effect on the country’s open economy. He fears a split in tech could disrupt trade and supply chain security. Despite Singapore’s strong cyber security, Koh laments limited influence in setting global tech …

‘Voltzite’ Zaps African Utilities as Part of Volt Typhoon’s Onslaught

February 28, 2024 at 05:34PM Voltzite, a unit of China’s Volt Typhoon APT, is targeting electric transmission and distribution organizations in African nations, mirroring its US activities. The group aims to compromise industrial control systems and exploit GIS data, potentially linked to China’s Digital Silk Road initiative. These cyber threats intersect with geopolitical tensions, highlighted …

Iran-Backed Charming Kitten Stages Fake Webinar Platform to Ensnare Targets

February 22, 2024 at 10:21AM State-sponsored cyber operations are increasingly targeting policy experts in the Middle East and Ukraine. Charming Kitten/CharmingCypress, an Iran-linked group, employs social engineering tactics and malware to compromise targets. Other groups, such as ColdRiver and Jordan-based actors, have used similar methods to target experts. Volexity advises experts to be vigilant …

China’s Cyberattackers Maneuver to Disrupt US Critical Infrastructure

February 7, 2024 at 06:20PM CISA’s report reveals that the China-backed Volt Typhoon APT is targeting critical infrastructure, pivoting to operational technology networks. Concerns arise over potential disruption in the event of geopolitical tensions. The APT has remained undetected in US infrastructure for five years, using legitimate accounts and living-off-the-land (LOTL) techniques. It also targets Australian, …

US says China’s Volt Typhoon is readying destructive cyberattacks

February 7, 2024 at 02:19PM The US government confirmed that China’s Volt Typhoon hackers compromised critical infrastructure IT networks, preparing for disruptive cyberattacks in the US and its territories. The group targeted communication, energy, transportation, and water systems. Twelve government agencies, including CISA, NSA, and FBI, warned of potential disruptive attacks and provided mitigation actions …