Cybersecurity researchers today unveiled a complex and targeted espionage attack on potential government sector victims in South East Asia that they believe was carried out by a sophisticated Chinese APT group at least since 2018. "The attack has a complex and complete arsenal of droppers, backdoors and other tools involving Chinoxy backdoor, PcShare RAT and FunnyDream backdoor … [Read more...] about Chinese APT Hackers Target Southeast Asian Government Institutions
Target
APT ‘Hackers For Hire’ Target Financial, Entertainment Firms
A hackers-for-hire operation has been discovered using a strain of previously undocumented malware to target South Asian financial institutions and global entertainment companies. Dubbed "CostaRicto" by Blackberry researchers, the campaign appears to be the handiwork of APT mercenaries who possess bespoke malware tooling and complex VPN proxy and SSH tunneling … [Read more...] about APT ‘Hackers For Hire’ Target Financial, Entertainment Firms
Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities."CISA has observed Chinese [Ministry of State Security]-affiliated cyber threat actors operating from the People's Republic of China using commercially available … [Read more...] about Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies
New Unpatched Bluetooth Flaw Lets Hackers Easily Target Nearby Devices
Bluetooth SIG—an organization that oversees the development of Bluetooth standards—today issued a statement informing users and vendors of a newly reported unpatched vulnerability that potentially affects hundreds of millions of devices worldwide.Discovered independently by two separate teams of academic researchers, the flaw resides in the Cross-Transport Key Derivation (CTKD) … [Read more...] about New Unpatched Bluetooth Flaw Lets Hackers Easily Target Nearby Devices
Cisco Jabber Bug Could Let Hackers Target Windows Systems Remotely
Networking equipment maker Cisco has released a new version of its Jabber video conferencing and messaging app for Windows that includes patches for multiple vulnerabilities—which, if exploited, could allow an authenticated, remote attacker to execute arbitrary code.The flaws, which were uncovered by Norwegian cybersecurity firm Watchcom during a pentest, affect all currently … [Read more...] about Cisco Jabber Bug Could Let Hackers Target Windows Systems Remotely
Hackers Target Defense Contractors’ Employees By Posing as Recruiters
The United States Cybersecurity and Infrastructure Security Agency (CISA) has published a new report warning companies about a new in-the-wild malware that North Korean hackers are reportedly using to spy on key employees at government contracting companies.Dubbed 'BLINDINGCAN,' the advanced remote access trojan acts as a backdoor when installed on compromised … [Read more...] about Hackers Target Defense Contractors’ Employees By Posing as Recruiters
InvisiMole Hackers Target High-Profile Military and Diplomatic Entities
Cybersecurity researchers today uncovered the modus operandi of an elusive threat group that hacks into the high-profile military and diplomatic entities in Eastern Europe for espionage.The findings are part of a collaborative analysis by cybersecurity firm ESET and the impacted firms, resulting in an extensive look into InvisiMole's operations and the group's tactics, tools, … [Read more...] about InvisiMole Hackers Target High-Profile Military and Diplomatic Entities
Hackers Target Military and Aerospace Staff by Posing as HRs Offering Jobs
Cybersecurity researchers today took the wraps off a new sophisticated cyber-espionage campaign directed against aerospace and military organizations in Europe and the Middle East with an aim to spy on key employees of the targeted firms and, in some case, even to siphon money.The campaign, dubbed "Operation In(ter)ception" because of a reference to "Inception" in the malware … [Read more...] about Hackers Target Military and Aerospace Staff by Posing as HRs Offering Jobs
New Mobile Internet Protocol Vulnerabilities Let Hackers Target 4G/5G Users
High impact vulnerabilities in modern communication protocol used by mobile network operators (MNOs) can be exploited to intercept user data and carry out impersonation, fraud, and denial of service (DoS) attacks, cautions a newly published research.The findings are part of a new Vulnerabilities in LTE and 5G Networks 2020 report published by London-based cybersecurity firm … [Read more...] about New Mobile Internet Protocol Vulnerabilities Let Hackers Target 4G/5G Users
New Cache Poisoning Attack Lets Attackers Target CDN Protected Sites
A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate content or resources.The issue affects reverse proxy cache systems like Varnish and some widely-used Content Distribution … [Read more...] about New Cache Poisoning Attack Lets Attackers Target CDN Protected Sites