Cyber Espionage Archives - Cyber Security Minute

Turkish APT ‘Sea Turtle’ Resurfaces to Spy on Kurdish Opposition

Issued by: Dark Reading

A group aligned with the interests of the government of Turkey has been turning up its politically motivated cyber espionage lately, targeting Kurdish opposition groups through high-value supply chain targets in Europe, the Middle East, and North Africa. Following some years out of the limelight, Sea Turtle (aka Teal Kurma, Marbled Dust, Silicon, or Cosmic…

Malware & Threats

Chinese APT group ToddyCat launches new cyber-espionage campaigns

Issued by: CSO Online

Researchers warn of renewed attacks against high-profile organizations launched by a Chinese APT actor known in the industry as ToddyCat. The group has been refining its tactics as well as malware toolset since 2020 when it was originally discovered. In a new report this week, researchers from security firm Check Point Software Technologies documented a…

Malware & Threats

Attackers Crafted Custom Malware for Fortinet Zero-Day

Issued by: Dark Reading

Researchers analyzing data associated with a recently disclosed zero-day vulnerability in Fortinet’s FortiOS SSL-VPN technology have identified a sophisticated new backdoor specifically designed to run on Fortinet’s FortiGate firewalls. The malware appears to be the work of a China-based threat actor engaged in cyber-espionage operations targeting government organizations and those working with these organizations. It…

Malware & Threats

SolarWinds hack investigation reveals new Sunspot malware

Issued by: Help Net Security

Crowdstrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. SolarWinds has also revealed a new timeline for the incident and the discovery of two customer support incidents that they believe may be related to the Sunburst malware being deployed on…

Network Security

GE trade secret theft case demonstrates need for document behavior monitoring

Issued by: Help Net Security

A former GE engineer and a Chinese national have been formally charged with 14 counts of economic espionage by the U.S. Department of Justice after stealing trade secrets from GE. The indictment describes the calculated theft of sensitive documents related to the proprietary design of GE’s gas and steam turbines. According to the unsealed indictment,…

Network Security

Hackers breached German government’s secure computer networks

Issued by: Help Net Security

The Russia-linked Sofacy hacking group has breached the secure computer networks of a number of German federal agencies. The group – also known as APT28, Fancy Bear, and Pawn Storm – has been targeting government institutions, political organizations and military/defense companies around the world for over a decade. Confirmation of the breach The confirmation of…

Malware & Threats

Top digital transformation challenges? Cybercrime and espionage

Issued by: Help Net Security

In Frost & Sullivan’s recent survey covering end-user perspectives on navigating digital transformation, 54 per cent of IT professionals cited cybercrime and espionage as their top challenges, followed by systems integration. Other noteworthy findings include significant IT investment in productivity, improving digital presence, as well as communications/collaboration tool integration with other business software (Microsoft Office, Google-G-suite,…

Vulnerabilities

Russian Hackers Exploit Recently Patched Flash Vulnerability

Issued by: Security Week

The Russia-linked cyber espionage group known as APT28 has been using a recently patched Adobe Flash Player vulnerability in attacks aimed at government organizations and aerospace companies, security firm Proofpoint reported on Thursday. The Flash Player flaw in question, CVE-2017-11292, was patched by Adobe on October 16. At the time when the patch was released, the…

Software Security

Iranian Hackers Target Aerospace, Energy Companies

Issued by: Security Week

A cyber espionage group linked by security researchers to the Iranian government has been observed targeting aerospace and energy organizations in the United States, Saudi Arabia and South Korea. The threat actor, tracked by FireEye as APT33, is believed to have been around since at least 2013. Since mid-2016, the security firm has spotted attacks…

Malware & Threats

Experts Find 2007 Variant of Malware Linked to French Intelligence

Issued by: Security Week

Researchers at Palo Alto Networks have come across a 2007 variant of Babar, a piece of malware believed to have been developed by a French intelligence agency. The activities of the cyber espionage group known as the Animal Farm came to light in March 2014, when a French publication released a series of slides from Edward Snowden….