Oct 13, 2024Ravie Lakshmanan The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. "The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for … [Read more...] about OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf
espionage
Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign
Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeting over 70 organizations worldwide by means of a bespoke tool called Voldemort … [Read more...] about Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign
University Professors Targeted by North Korean Cyber Espionage Group
Aug 08, 2024Ravie LakshmananCyber Attack / Cyber Espionage The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes. Cybersecurity firm Resilience said it identified the activity in late July 2024 after it observed an operation security (OPSEC) error … [Read more...] about University Professors Targeted by North Korean Cyber Espionage Group
North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
Jul 25, 2024NewsroomMalware / Cyber Espionage A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the activity cluster under a new moniker … [Read more...] about North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
Australian Defence Force Private and Husband Charged with Espionage for Russia
Jul 12, 2024NewsroomCyber Crime / Online Safety Two Russian-born Australian citizens have been arrested and charged in the country for spying on behalf of Russia as part of a "complex" law enforcement operation codenamed BURGAZADA. This includes a 40-year-old woman, an Australian Defence Force (ADF) Army Private, and her husband, a 62-year-old self-employed laborer. Media … [Read more...] about Australian Defence Force Private and Husband Charged with Espionage for Russia
Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign
Jun 21, 2024NewsroomMalware / Threat Intelligence A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an espionage campaign primarily targeting government entities across Asia and EMEA (Europe, Middle East, and Africa) with SugarGh0st malware since at least August 2023. "SneakyChef uses lures that are scanned documents of government … [Read more...] about Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign
Chinese State-Backed Cyber Espionage Targets Southeast Asian Government
Jun 05, 2024NewsroomCyber Espionage / Threat Intelligence An unnamed high-profile government organization in Southeast Asia emerged as the target of a "complex, long-running" Chinese state-sponsored cyber espionage operation codenamed Crimson Palace. "The overall goal behind the campaign was to maintain access to the target network for cyberespionage in support of Chinese … [Read more...] about Chinese State-Backed Cyber Espionage Targets Southeast Asian Government
Chinese Espionage Group Targets Africa & Caribbean Govts
The China-linked threat actor known as Sharp Panda has expanded their targeting to include governmental organizations in Africa and the Caribbean as part of an ongoing cyber espionage campaign. "The campaign adopts Cobalt Strike Beacon as the payload, enabling backdoor functionalities like C2 communication and command execution while minimizing the exposure of their custom … [Read more...] about Chinese Espionage Group Targets Africa & Caribbean Govts
U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation
The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals for their involvement in a hacking group that targeted U.S. and foreign critics, journalists, businesses, and political officials for about 14 years. The defendants include Ni Gaobin (倪高彬), Weng Ming (翁明), Cheng Feng (程锋), Peng Yaowen (彭耀文), Sun Xiaohui (孙小辉), Xiong Wang (熊旺), … [Read more...] about U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation
Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies
Jan 06, 2024NewsroomCyber Espionage / Supply Chain Attack Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a Türkiye-nexus threat actor known as Sea Turtle. "The infrastructure of the targets was … [Read more...] about Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies