26 Oct 2021

Global IT Supply Chain Security – The U.S. Needs to Step Up Its Game

Microsoft officials have warned that Russia’s intelligence apparatus has been engaged in another campaign to gain unauthorized access into thousands of U.S. government, corporate, and think tank networks. The ongoing cyber-espionage campaign appears to be focused on acquiring data that is stored in the cloud.

The activity further underscores Russia’s intent to target and compromise any entity that it deems vital to supporting its intelligence interests. The target list may be expansive, as a recent Microsoft report claimed more than half of nation-state attacks detected by the company have come from Russia.

20 Oct 2021

Fresh APT Harvester Reaps Telco, Government Data

A new APT group named Harvester by security researchers is reportedly attacking telcos, IT companies, and government sector targets in a campaign that has been consistent since June. The group is likely a nation-state backed entity and is using custom malware and stealthy tactics, according to researchers. The group has

13 Oct 2021

Russia Dominates State-Sponsored Attacks, says Microsoft

According to Microsoft data, Russia accounted for the majority of state-sponsored attacks over the past year, with the SolarWinds attackers dominating threat activity. The Digital Defense Report 2021 is the first of its kind released by Microsoft and covers a year-long period between June 2020 and June 2021. The report

20 Sep 2021

Cyber Espionage Likely Supporting China’s Arctic Aspirations

It is increasingly evident that China believes the timing is right for it to aggressively push its national interests. One area that often gets overlooked when looking at China’s expansionism is its interests in the Arctic. China’s interest in the area is not a secret, as it has promoted itself as a legitimate “Arctic State” as early as its 2011 Twelfth Five-Year Plan, and in its 2018 Arctic Policy.

03 Aug 2021

Chinese APTs strike major telecommunications companies

Researchers at Cybereason Nocturnus recently published a report disclosing three cyber espionage campaigns that appear to originate from China and target networks belonging to major telecommunications companies. The attackers are referred to as DeadRinger in the report and are believed to be working for Chinese state interests. The cybersecurity firm reported that

28 Jul 2021

Praying Mantis Threat Group Targeting US Firms in Sophisticated Attacks

Security researchers at Sygnia reported observing attacks originating from a sophisticated threat actor that bore resemblance to the hallmarks of an Australian campaign that targeted high-profile public and private entities. According to the researchers, the campaign targeting Australia last year seems to have shifted its focus to the US. The

08 Oct 2020

‘Bahamut’ Threat Group Targets Government & Industry in Middle East

Researchers have been investigating a hack-for-hire cyber threat group named Bahamut and have alleged that the group was involved in attacks against government officials and businesses within the Middle East and South Asia regions. According to researchers, the group hits its targets with sophisticated credential harvesting attacks, phishing campaigns, zero-day

01 Oct 2020

The Nevernight Connection – The FBI’s Short Film on Cyber Espionage

Just in time for Security Awareness Month, the FBI has released a short film dramatizing the risk of cyber espionage. Inspired by the case of former CIA officer Kevin Mallory, the professionally produced film details the fictional account of a former U.S. Intelligence Community official who was targeted by China via a fake profile on a professional networking site and recruited to turn over classified information before being arrested.

15 May 2020

Developments in cyber espionage tool looks to exfil from air-gapped networks

The cyber espionage framework looks to collect and exfiltrate information, even from air-gapped networks, according to research by cybersecurity firm ESET. The framework, which has been in development since 2019, has been dubbed Ramsay and exploits several vulnerabilities and includes capabilities that appear to still be in development and could

04 Mar 2020

CIA Accused of Mounting 11-Year Cyber-Attack Against China

The CIA has been accused of carrying out an 11-year campaign of cyber espionage by Qihoo 360. Qihoo alleges that the CIA targeted critical industries in the People’s Republic of China, stating yesterday that they had discovered and revealed cyber-attacks by the CIA hacking group (APT-C-39). Qihoo claims that they
