cyberespionage Archives - Cyber Security Minute

China-linked hackers target telecommunication providers in the Middle East

Issued by: Security Affairs

In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. According to the researchers, the activity is part of the Operation Soft Cell that was first reported in June 2019 by Cybereason. At the time, researchers at Cybereason uncovered the long-running espionage campaign tracked…

Network Security, Software Security

China’s Winnti Group Seen Targeting Governments in Sri Lanka, Hong Kong

Issued by: Security Week

Active since at least 2007 and also tracked as APT41, Barium, Blackfly, Double Dragon, Wicked Panda, and Wicked Spider, the Winnti Group is believed to be formed of multiple subgroups engaging in both cyberespionage and financially motivated operations. As part of a campaign ongoing since early August, the threat actor has been deploying various payloads…

Network Security

New Chinese Cyberespionage Group WIP19 Targets Telcos, IT Service Providers

Issued by: Security Week

The activities of this advanced persistent threat (APT), which SentinelOne tracks as WIP19, show overlaps with Operation Shadow Force, but it is unclear whether this is a new iteration of the campaign or the work of a different, more mature adversary using new malware and techniques. Mainly focused on entities in the Middle East and…

Malware & Threats

Chinese Cyberspies Use Supply Chain Attack to Deliver Windows, macOS Malware

Issued by: Security Week

Also referred to as APT27, Bronze Union, Emissary Panda, Lucky Mouse, and TG-3390 (Threat Group 3390), Iron Tiger has been active since at least 2010, targeting hundreds of organizations worldwide for cyberespionage purposes. As part of recent attacks, the advanced persistent threat (APT) group abused the compromised servers of MiMi – an instant messaging application…

Malware & Threats

U.S. State Governments Targeted by Chinese Hackers via Zero-Day in Agriculture Tool

Issued by: Security Week

In a blog post published on Tuesday, cybersecurity research and incident response company Mandiant said it became aware of the campaign in May 2021, when it was called in to investigate an attack on a U.S. state government network. An analysis revealed that the attack had likely been carried out by a Chinese state-sponsored threat…

Application Security

TSA Requires Rail and Airports to Strengthen Cybersecurity

Issued by: Security Week

The Biden administration said the requirements made public Thursday are part of a broader effort at protecting the nation’s critical infrastructure from ongoing cyberespionage and a surge in disruptive ransomware attacks. “These new cybersecurity requirements and recommendations will help keep the traveling public safe,” Homeland Security Secretary Alejandro Mayorkas said in a statement. He had…

Malware & Threats

Russian hackers used NSA’s leaked EternalBlue exploit to spy on hotel guests

Issued by: CSO

A Russian government-sponsored cyberespionage group has been accused of using a leaked NSA hacking tool in attacks against one Middle Eastern and at least seven European hotels in order to spy on guests. Why reinvent the wheel, or a hacking tool, when the NSA created such an effective one? The NSA’s EternalBlue was leaked online…