In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. According to the researchers, the activity is part of the Operation Soft Cell that was first reported in June 2019 by Cybereason. At the time, researchers at Cybereason uncovered the long-running espionage campaign tracked…

Google suspended popular budget e-commerce application Pinduoduo from the Play Store after detecting malware on versions of the Chinese app downloadable from other online stores. In a statement on Tuesday, Google said it took action to block the installation of Pinduoduo on Android devices and said it would scan smartphones for malicious versions through its…

Chinese threat actors are turning security appliances into penetration pathways, forcing firewall maker Fortinet to again attempt to fend off hackers with a patch. Researchers from Mandiant say suspected Beijing hackers it tracks as UNC3886 has been targeting chip-based firewall and virtualization boxes. The group, it said in a Thursday blog post, exploited a now-patched…

A suspecting China-linked hacking campaign has been observed targeting unpatched SonicWall Secure Mobile Access (SMA) 100 appliances to drop malware and establish long-term persistence. “The malware has functionality to steal user credentials, provide shell access, and persist through firmware upgrades,” cybersecurity company Mandiant said in a technical report published this week. The Google-owned incident response…

Active since at least 2007 and also tracked as APT41, Barium, Blackfly, Double Dragon, Wicked Panda, and Wicked Spider, the Winnti Group is believed to be formed of multiple subgroups engaging in both cyberespionage and financially motivated operations. As part of a campaign ongoing since early August, the threat actor has been deploying various payloads…

A sample of 750,000 entries posted online by the hacker showed citizens’ names, mobile phone numbers, national ID numbers, addresses, birthdays and police reports they had filed. AFP and cybersecurity experts have verified some of the citizen data in the sample as authentic, but the scope of the entire database is hard to determine. Advertised…

The rules, which are set to go into force in 90 days, would prevent the sale of certain software or devices to a list of countries unless approved by a bureau of the Commerce Department. “The United States opposes the misuse of technology to abuse human rights or conduct other malicious cyber activities, and these…