Latest Cyber-espionage news

Evasive Gelsemium hackers spotted in attack against Asian govt

A stealthy advanced persistent threat (APT) tracked as Gelsemium was observed in attacks targeting a Southeast Asian government that spanned six months between 2022 and 2023.
- Bill Toulas
- September 23, 2023
- 11:09 AM
- 0
‘Sandman’ hackers backdoor telcos with new LuaDream malware

A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named 'LuaDream.'
- Bill Toulas
- September 21, 2023
- 03:50 PM
- 0
New SprySOCKS Linux malware used in cyber espionage attacks

A Chinese espionage-focused hacker tracked as 'Earth Lusca' was observed targeting government agencies in multiple countries, using a new Linux backdoor dubbed 'SprySOCKS.'
- Bill Toulas
- September 18, 2023
- 10:05 AM
- 2
US govt email servers hacked in Barracuda zero-day attacks

Suspected Chinese hackers disproportionately targeted and breached government and government-linked organizations worldwide in recent attacks targeting a Barracuda Email Security Gateway (ESG) zero-day, with a focus on entities across the Americas.
- Sergiu Gatlan
- August 29, 2023
- 08:00 AM
- 2
Microsoft: Stealthy Flax Typhoon hackers use LOLBins to evade detection

Microsoft has identified a new hacking group it now tracks as Flax Typhoon that argets government agencies and education, critical manufacturing, and information technology organizations likely for espionage purposes.
- Bill Toulas
- August 25, 2023
- 11:56 AM
- 0
North Korean hackers 'ScarCruft' breached Russian missile maker

The North Korean state-sponsored hacking group ScarCruft has been linked to a cyberattack on the IT infrastructure and email server for NPO Mashinostroyeniya, a Russian space rocket designer and intercontinental ballistic missile engineering organization.
- Bill Toulas
- August 07, 2023
- 10:57 AM
- 0
Russian state hackers lure Western diplomats with BMW car ads

The Russian state-sponsored hacking group 'APT29' (aka Nobelium, Cloaked Ursa) has been using unconventional lures like car listings to entice diplomats in Ukraine to click on malicious links that deliver malware.
- Bill Toulas
- July 12, 2023
- 03:01 PM
- 1
Hackers target European government entities in SmugX campaign

A phishing campaign that security researchers named SmugX and attributed to a Chinese threat actor has been targeting embassies and foreign affairs ministries in the UK, France, Sweden, Ukraine, Czech, Hungary, and Slovakia, since December 2022.
- Bill Toulas
- July 03, 2023
- 12:44 PM
- 0
CISA orders govt agencies to patch bugs exploited by Russian hackers

On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six more security flaws to its known exploited vulnerabilities (KEV) list.
- Sergiu Gatlan
- June 22, 2023
- 03:04 PM
- 0
Chinese APT15 hackers resurface with new Graphican malware

The Chinese state-sponsored hacking group tracked as APT15 has been observed using a novel backdoor named 'Graphican' in a new campaign between late 2022 and early 2023.
- Bill Toulas
- June 21, 2023
- 06:00 AM
- 0
Russian APT28 hackers breach Ukrainian govt email servers

A threat group tracked as APT28 and linked to Russia's General Staff Main Intelligence Directorate (GRU) has breached Roundcube email servers belonging to multiple Ukrainian organizations, including government entities.
- Sergiu Gatlan
- June 20, 2023
- 09:00 AM
- 0
Barracuda ESG zero-day attacks linked to suspected Chinese hackers

A suspected pro-China hacker group tracked by Mandiant as UNC4841 has been linked to data-theft attacks on Barracuda ESG (Email Security Gateway) appliances using a now-patched zero-day vulnerability.
- Bill Toulas
- June 15, 2023
- 09:25 AM
- 0
Chinese hackers used VMware ESXi zero-day to backdoor VMs

VMware patched today a VMware ESXi zero-day vulnerability exploited by a Chinese-sponsored hacking group to backdoor Windows and Linux virtual machines and steal data.
- Sergiu Gatlan
- June 13, 2023
- 12:48 PM
- 0
Asylum Ambuscade hackers mix cybercrime with espionage

A hacking group tracked as 'Asylum Ambuscade' was observed in recent attacks targeting small to medium-sized companies worldwide, combining cyber espionage with cybercrime.
- Bill Toulas
- June 08, 2023
- 03:21 PM
- 0
GoldenJackal state hackers silently attacking govts since 2019

A relatively unknown advanced persistent threat (APT) group named 'GoldenJackal' has been targeting government and diplomatic entities in Asia since 2019 for espionage.
- Bill Toulas
- May 23, 2023
- 06:53 PM
- 0
Stealthy MerDoor malware uncovered after five years of attacks

A new APT hacking group dubbed Lancefly uses a custom 'Merdoor' backdoor malware to target government, aviation, and telecommunication organizations in South and Southeast Asia.
- Bill Toulas
- May 15, 2023
- 01:28 PM
- 0
FBI nukes Russian Snake data theft malware with self-destruct command

Cybersecurity and intelligence agencies from all Five Eyes member nations took down the infrastructure used by the Snake cyber-espionage malware operated by Russia's Federal Security Service (FSB).
- Sergiu Gatlan
- May 09, 2023
- 12:29 PM
- 7
Chinese hackers use new Linux malware variants for espionage

Hackers are deploying new Linux malware variants in cyberespionage attacks, such as a new PingPull variant and a previously undocumented backdoor tracked as 'Sword2033.'
- Bill Toulas
- April 26, 2023
- 06:00 AM
- 1
Newly exposed APT43 hacking group targeting US orgs since 2018

A new North Korean hacking group has been revealed to be targeting government organizations, academics, and think tanks in the United States, Europe, Japan, and South Korea for the past five years.
- Bill Toulas
- March 28, 2023
- 11:00 AM
- 0
'Bitter' espionage hackers target Chinese nuclear energy orgs

A cyberespionage hacking group tracked as 'Bitter APT' was recently seen targeting the Chinese nuclear energy industry using phishing emails to infect devices with malware downloaders.
- Bill Toulas
- March 24, 2023
- 10:47 AM
- 0