15 May 2020

Developments in cyber espionage tool looks to exfil from air-gapped networks

The cyber espionage framework looks to collect and exfiltrate information, even from air-gapped networks, according to research by cybersecurity firm ESET. The framework, which has been in development since 2019, has been dubbed Ramsay and exploits several vulnerabilities and includes capabilities that appear to still be in development and could

04 Mar 2020

CIA Accused of Mounting 11-Year Cyber-Attack Against China

The CIA has been accused of carrying out an 11-year campaign of cyber espionage by Qihoo 360. Qihoo alleges that the CIA targeted critical industries in the People’s Republic of China, stating yesterday that they had discovered and revealed cyber-attacks by the CIA hacking group (APT-C-39). Qihoo claims that they

07 Jan 2020

Bronze President Spies on Asia

New research by Secureworks sheds light on the activity of Bronze President, a cyber espionage group believed to operate out of China. The group uses a combination of custom and publicly available remote access tools to target NGOs as well as political and law enforcement organizations in India, Mongolia, and

27 Nov 2019

Czech Intel Report Highlights Russian, Chinese Spying

A new report by the Czech intelligence service (BIS) states that “Russian and Chinese intelligence activities affected the sectors of politics, diplomacy, espionage, economy and information struggle” last year, and accuses Russia in particular of carrying out cyber operations “to manipulate the decision-making process and individuals responsible for decision-making.” The

25 Nov 2019

Geopolitical Tensions Fuel Worsening Cyberattack Scenario

An extensive industry study [pdf] carried out by VMware Carbon Black indicates that nearly half (47%) of all cyberattacks that took place this year originated in either China or Russia. While attribution in the cyber domain is notoriously difficult, the company says the data is likely to be “quite accurate” because

25 Nov 2019

Extensive hacking operation discovered in Kazakhstan

Security researchers with Qihoo 360 have uncovered a large cyber campaign targeting Kazakhstan. According to the report, a threat actor with considerable financial and technical resources is targeting government agencies, businesses, educational institutions as well as numerous individuals including members of the military, foreign diplomats, researchers, journalists, religious figures and

08 Nov 2019

Charges: Chinese Surveillance Goods Illegally Sold to US

The US Department of Justice (DoJ) accuses US company Aventura Technologies of lying about the origin of millions of dollars in Chinese surveillance and other security equipment sold by the firm to the US military and other organizations. Prosecutors claim that the equipment that was sold “as purportedly US-made has

07 Nov 2019

Three Charged in US With Spying on Twitter Users for Saudi Arabia

The US Justice Department is charging three individuals, two of whom are former Twitter employees, with conducting espionage targeting users of the social media platform who criticized the Saudi royal family. Two of the suspects are Saudi nationals, while the third is a US citizen. The campaign was allegedly orchestrated

06 Nov 2019

Kaspersky identifies mysterious APT mentioned in 2017 Shadow Brokers leak

Kaspersky has identified one of the advanced persistent threat (APT) groups mentioned in a leaked US National Security Agency (NSA) scanning tool. The Python script was made public as part of the ‘Lost in Translation’ leak by the mysterious Shadow Brokers group in 2017. That leak also exposed other NSA

01 Nov 2019

Chinese Cyberspies Use New Malware to Intercept SMS Traffic at Mobile Operators

A Thursday report by FireEye details how Chinese state-sponsored hacking group APT41 has been intercepting SMS traffic using a new malware strain called MESSAGETAP. APT41 has been linked to cyber espionage campaigns as well as financially-motivated attacks from 2012 onward. MESSAGETAP is designed to target Linux servers used by telecommunications
