20 Oct 2022

China-Linked Cyber-Espionage Team Homes In on Hong Kong Government Orgs

The China-based espionage group Winnti was discovered by researchers at Symantec deploying the Spyder Loader malware as part of an ongoing campaign to gather intelligence. The group allegedly sought to steal information from government organizations in Hong Kong. The recently observed malicious activity consists of Winnti attackers remaining active on some

12 Oct 2022

Polonium Uses Seven Backdoor Variants to Spy on Israeli Organizations

European cybersecurity firm ESET has discovered previously unknown custom backdoors and tools it believes are being leveraged by an APT group called Polonium. The group is relatively new and was discovered in June 2022 by Microsoft. The group is highly sophisticated and currently active. It appears to be exclusively targeting

18 Aug 2022

APT Lazarus Targets Engineers with macOS Malware

North Korean advanced persistent threat actor Lazarus is leveraging the current popularity of the blockchain and cryptocurrency industry to target organizations and individuals running Apple and Intel-based systems. The cyber espionage campaign recently identified consists of Lazarus deploying fake job postings for Coinbase. The job posting contains a malicious Mac

15 Jul 2022

Journalists Emerge as Favored Attack Target for APTs

Security researchers at Proofpoint have released a recent advisory that details how state-aligned threat groups have increased the volume of attacks targeting journalists. According to the research, the goal of the attacks is to steal data and credentials, as well as to track the journalists. The targeted phishing attacks can

03 May 2022

A stealthy new espionage group is targeting corporate mergers and acquisitions

A new espionage actor is breaching corporate networks to steal emails from employees involved in big financial transactions like mergers and acquisitions. Mandiant, which first discovered the advanced persistent threat (APT) group in December 2019 and now tracks it as “UNC3524”, says that while the group’s corporate targets hint at

09 Feb 2022

China Suspected of News Corp Cyberespionage Attack

Last month, publishing giant News Corp suffered a cyberattack in which attackers infiltrated the company’s network using BEC. Microsoft claims to have moved to stop such attacks by blocking VBA macros in 5 different Windows apps; however, the attack was still effective. In the latest update, cybersecurity professionals determined

26 Oct 2021

Global IT Supply Chain Security – The U.S. Needs to Step Up Its Game

Microsoft officials have warned that Russia’s intelligence apparatus has been engaged in another campaign to gain unauthorized access into thousands of U.S. government, corporate, and think tank networks. The ongoing cyber-espionage campaign appears to be focused on acquiring data that is stored in the cloud.

The activity further underscores Russia’s intent to target and compromise any entity that it feels is vital to supporting its intelligence interests. The target list may be expansive, as a recent Microsoft report claimed more than half of nation-state attacks detected by the company have come from Russia.

20 Oct 2021

Fresh APT Harvester Reaps Telco, Government Data

A new APT group named Harvester by security researchers is reportedly attacking telcos, IT companies, and government sector targets in a campaign that has been consistent since June. The group is likely a nation-state backed entity and is using custom malware and stealthy tactics, according to researchers. The group has

13 Oct 2021

Russia Dominates State-Sponsored Attacks, says Microsoft

According to Microsoft data, Russia accounted for the majority of state-sponsored attacks over the past year, with the SolarWinds attackers dominating threat activity. The Digital Defense Report 2021 is the first of its kind released by Microsoft and covers a year-long period between June 2020 and June 2021. The report

20 Sep 2021

Cyber Espionage Likely Supporting China’s Arctic Aspirations

It is increasingly evident that China believes the timing is right for it to aggressively push its national interests. One area that often gets overlooked when looking at China’s expansionism is its interests in the Arctic. China’s interest in the area is not a secret, as it has promoted itself as a legitimate “Arctic State” as early as its 2011 Twelfth Five-Year Plan, and in its 2018 Arctic Policy.
