A previously unknown threat group orchestrated a supply chain attack using a Chinese encryption app to target victims mostly located in Hong Kong. Korplug, the backdoor incorporated into the encryption app, "is known to be used by multiple APT groups," Symantec says.
U.S. intelligence agencies are warning about unnamed foreign intelligence entities targeting the private space sector to steal sensitive data related to satellite payloads and disrupting and degrading U.S. satellite capabilities. They say space-related innovation is a valuable target.
In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues including highlights of interviews at Black Hat 2023, lessons learned from the success of the Lapsus$ cybercrime group's attacks and why Check Point is buying startup Perimeter 81 for $490 million.
Hackers wielding generative artificial intelligence tools have yet to pose a serious cybersecurity risk, say researchers at Google's threat intelligence group Mandiant, as they sound the alarm instead about a rise in information operations featuring AI-generated fake images and video.
Ransomware and other cyberthreats stemming from overseas actors surged last year in Germany, causing losses worth billions of euros, the country's federal police said. While domestic cybercrime decreased by 6.5% in comparison to 2021, they said, crimes committed by foreign actors increased by 8%.
A Chinese state-sponsored spy group called RedHotel has emerged as a dominant espionage agent against government entities of at least 17 countries worldwide. Researchers said the motives and operations of the group closely link it to China's Ministry of State Security.
Ukrainian cyber defenders said they had thwarted an attempt by Russian military intelligence to deploy widespread malware programmed to spy on battlefield management apps. Russian hackers' preparation for the malware campaign was "long-term and thorough," Ukraine's SBU said.
Japanese classified military networks reportedly suffered a massive breach in 2020 at the hands of a Chinese cyberespionage group that proved tough to eject. One cybersecurity expert said Chinese cyberespionage groups targeting Japan and its allies are employing ever more "stealthy intrusions."
Hackers attempting to spy on the Ukrainian government are using an open-source remote access Trojan, said Kyiv cyber defenders. The RAT, MerlinAgent, is available on GitHub. The threat actor spoofed the Computer Emergency Response Team of Ukraine in phishing emails.
The U.S. federal government acknowledged that it is lagging behind on border gateway protocol security practices. Officials from several government agencies, ISPs and cloud content providers organized a workshop to understand the latest security improvements underway.
A Russia-linked hacking group is shifting its online infrastructure likely in response to public disclosures about its activity. Its ability to adapt to public reporting suggests it will persist with "operations for the foreseeable future" and continue to evolve its tactics, Recorded Future warned.
How much of a risk do hacktivists pose? Hacktivism's heyday was arguably a decade ago. While activists do keep using chaotic online attacks to loudly promote their cause, they're tough to distinguish from fake operations run by governments, including Russia and Iran.
A Russian intelligence hacking campaign actively targeted European diplomats and think tanks as part of an espionage operation that lasted nearly six months. One characteristic of APT29 is how it blends in malicious traffic with legitimate traffic in order to evade detection.
Government-backed North Korean hackers are posting convincing U.S. military job recruitment documents to lure Korean-speaking victims into downloading malware staged from legitimate but compromised South Korean websites, according to security researchers.
The highly active, North Korea-linked Lazarus Group is targeting unpatched Microsoft Internet Information Services servers to escalate privileges and distribute malware. Researchers spotted the group using watering hole techniques to fool victims in South Korea.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
