Cyber Espionage News, Articles and Updates

N Korea expanding cyber-attack capabilities, intention appears disruption

North Korea appears to be planning major international cyber-attacks, with espionage group APT37 (Reaper) seen to be expanding its scope and sophistication with new zero-day vulnerabilities and wiper malware.

New US Office of Cybersecurity, Energy Security, & Emergency Response

The US Department of Energy has established and funded a new Office of Cybersecurity, Energy Security, and Emergency Response (CESER).

The USA goes nuclear: how should the security community react?

The attribution of a cyber-attack is a key question in this debate about nuclear responses. It is extremely difficult to pinpoint the source of a tech invasion, as complex coding techniques mean users are able to retain online anonymity.

Two-year-old malware campaign plagues Ukrainians with Vermin, Quasar RATs

Researchers have uncovered a two-year-old cyber-espionage campaign that's been infecting Ukrainians with either a newly discovered remote access tool called Vermin or the more established Quasar RAT.

Data from soldiers' fitness trackers reveal sensitive locations, routines

A heatmap of two years' worth of fitness tracker Strava's global data, released last November but discovered more recently by an Australian student, inadvertently revealed the location of US military facilities in war zones.

Pawn Storm readied attacks against US political and Olympic targets

The cyber-espionage gang Pawn Storm, also known as Fancy Bear and affiliated with Russian intelligence, targeted US senators in a cyber-espionage campaign reminiscent of the one launched against French President Emmanuel Macron.

Turla cyber-espionage group fakes Adobe to drop malware on embassies

Cyber-espionage group Turla is reported to be targeting embassies and consulates in the post-Soviet states using a new tool to dupe potential victims into installing malware to exfiltrate data.

Report: Chinese cyber-spies target Western think tanks, DDoS attacks in Q4

At least four Western think tanks and two non-government organisations were targeted in Chinese cyber-espionage activities this past October and November, according to a new report from CrowdStrike.

Interview. Airbus defends physical assets from fileless attacks & AI

In a wide ranging interview, Lloyd Rush, UK Cyber Defence Centre manager, Airbus Defence and Space provides SC with insight into the latest attack trends, including fileless, plus the threat of criminal AI use and SOC responses.

Microsoft Office flaw exploited by suspected Iranian APT group

Researchers believe a suspected Iranian APT group is responsible for a recent cyber-espionage operation that targeted a Middle Eastern government organisation.

Pro-ISIS hackers threaten to launch cyber-attack today

Pro-ISIS hackers have reportedly posted a video threatening to launch a global cyber-attack on government, military, and corporate websites today, Thursday, Dec. 8 - with the US as its first target.

US charges members of elite Chinese hacking unit APT3

Federal prosecutors in US charge three Chinese nationals with hacking into Siemens AG, Trimble Inc and Moody's Analytics.

News Feature. Case for the defence - Eugene Kaspersky - not a spy?

In a two-pronged charm offensive Kaspersky Lab, and Eugene Kaspersky in particular, held two consecutive events yesterday to bolster the company's position as a reliable and responsible contributor to global cyber-security.

Former internet troll reveals secrets of Russia's Internet Research Agency

A former insider at Russia's Internet Research Agency (IRA) has divulged details on the online troll factory's operations, stating that he "absolutely" believes the organisation is connected to the Kremlin.

Kaspersky offers alternate theory for how NSA hacking tools were stolen

Kaspersky Lab has released findings from its own internal probe into how Russian cyber spies identified and stole U.S. hacking tools from an NSA contractor's laptop; the probe found evidence that the laptop had been infected with malware.

DHS, FBI analyze North Korean Hidden Cobra, FallChill

The US Department of Homeland Security (DHS) and US Federal Bureau of Investigation (FBI) have officially revealed the IP addresses that they say are used by the North Korean government to administer the RAT FallChill.

NCSC head blames Russia for cyber-attacks

The head of the UK GCHQ's National Cyber Security Centre (NCSC) on Wednesday accused Russia of staging attacks on critical infrastructure and other sectors within the past year.

The role of good data protection in a post cyber world

We now see 'weaponisation' of personal data against civilian groups largely indifferent to observation; as we live our lives online, criminal methods get easier, and rewards greater, cyber-crime is getting organised warns Peter Groucutt.

Microsoft issues warning on Dynamic Data Exchange vulnerability

With APT28 now using Microsoft's Dynamic Data Exchange (DDE) as an attack point, the company has issued an official advisory concerning the practice, along with possible mitigation methods.

Sowbug APT uses Felismus backdoor for cyber-espionage operations

A previously unknown cyber-espionage group called Sowbug has been found using the Felismus backdoor to spy on several South American and Pacific Rim national governments for the last several years.

Russian hackers altered Clinton campaign email, part of broader initiative

Guccifer 2.0, widely believed to be an alias for hackers tied to the Russian government, apparently altered at least one document stolen from the Democratic National Committee (DNC), adding the designation "confidential" to the email.

Arabic, Urdu, Persian, Pashto InPage processor used by 3 malware families

An exploit in the InPage word processor program was used as an attack vector by three malware families. The word processor supports languages such as Urdu, Persian, Pashto, and Arabic.

US Justice Dept has evidence to charge Russian officials with DNC hack

More than half a dozen Russian government officials are in the US Justice Department's crosshairs and may be facing charges for hacking computers at the Democratic National Committee during the 2016 presidential campaign.

Did Israel deliver spyware using Adobe Flash 0-day in Word document?

A new Adobe Flash zero day exploit has been identified, reportedly used in an attack on 10 October by a threat actor known as BlackOasis and delivered through a Microsoft Word document to deploy the FinSpy commercial spyware.

Hacking container ships is dead easy, warn security consultants

Container ships could be at very real risk of being hacked, security consultants have warned, citing security lapses aplenty on the high seas.

Iran is being blamed for a cyber-attack against Parliamentary emails

The 23 June 12-hour brute force hack-attack against 9,000 parliamentary email accounts, including ministers and the PM, is now being blamed on Iran.

Defence minister says Poland fended off Russian cyber-attack on businesses

Poland's defence minister reportedly disclosed that his country successfully stopped yet another Russian cyber-attack.

Update: Russian hackers use Kaspersky AV, find NSA info on home device

Home computer of National Security Agency (NSA) worker contained classified data, detected by Russian hackers using Kaspersky AV software.

Cyber-attack threat as important as fighting terrorism says GCHQ

"Digital is the new frontline of national security," commented Rob Norris in response to reports of GCHQ head Jeremy Fleming describing how keeping the UK safe from cyber-attacks is now as important as fighting terrorism.