Multiple Airlines
April 25, 2024
•[ espionage, ddos, technology ]
State officials from Lithuania and Estonia blame Russia for GPS jamming of commercial flights.
Volkswagen
April 20, 2024
•[ espionage, manufacturing ]
Threat actors associated with the Chinese government are believed to have hacked into Volkswagen systems in an effort to steal valuable data between 2011 and 2014.
Unnamed Philippines-based military company
April 3, 2024
•[ espionage, malware, government ]
China-linked APT used EggStreme (fileless, DLL-sideloaded) to persist on hosts at a Philippine military firm; EggStremeAgent backdoor + Keylogger enabled reconnaissance, lateral movement, and data theft; activity observed since early 2024; initial access unknown; attribution to a specific group not made.
Lithuania
March 8, 2024
•[ espionage, government ]
A report published by Lithuanian security services warns that China has escalated its espionage operations against Lithuania.
Russian Ministry of Defense (Minoborony)
March 4, 2024
•[ espionage, government ]
The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Defense claims that it breached the servers of the Russian Ministry of Defense (Minoborony) and stole sensitive documents.
British Home Office
March 1, 2024
•[ espionage, government ]
Threat actors from APT29 working for Russia's foreign intelligence service accessed corporate emails and data on individuals from the British government, after they breached Microsoft in January 2024.
Chunghwa Telecom
February 29, 2024
•[ espionage, leak, government ]
The Taiwan ministry of national defense says that threat actors stole sensitive information, including military and government documents, from Chunghwa Telecom, Taiwan's largest telecom company, and sold it on the dark web.
Organizations in Japan
February 28, 2024
•[ espionage, malware, technology ]
Japan's Computer Security Incident Response Team (JPCERT/CC) warns that the notorious North Korean hacking group Lazarus has uploaded four malicious PyPI packages to infect developers with malware.
Organization in the defense sector
February 19, 2024
•[ espionage, malware, technology ]
Germany's federal intelligence agency (BfV) and South Korea's National Intelligence Service (NIS) warn that Lazarus group's "Operation Dream Job" was also used against the defense sector.
MV Behshad
February 15, 2024
•[ espionage, hack, government ]
The U.S. conducts a cyberattack against MV Behshad, an Iranian military ship that had been collecting intelligence on cargo vessels in the Red Sea and the Gulf of Aden. The goal is to prohibit the sharing of information with Houthi rebels.
Dutch Ministry of Defence
February 9, 2024
•[ espionage, malware, government ]
The Military Intelligence and Security Service (MIVD) of the Netherlands reveals that a Chinese cyber-espionage group breached the Dutch Ministry of Defence and deployed the COATHANGER malware on compromised devices, exploiting the CVE-2022-42475 vulnerability targeting Fortinet devices.
Japanese Ministry of Foreign Affairs
February 5, 2024
•[ leak, espionage, government ]
A government source reveals that classified Japanese diplomatic documents were leaked after a Chinese cyberattack on the Ministry of Foreign Affairs.
Multiple government agencies in the Philippines
February 2, 2024
•[ espionage, government ]
Government agencies in the Philippines announce they had repelled a cyberattack from threat actors suspected to be based in China.
Ukrainian military
February 2, 2024
•[ espionage, malware, government ]
Researchers from Securonix reveal the details of the STEADY#URSA campaign, an ongoing operation carried out by the Russia-linked APT group Shuckworm (aka Gamaredon and Primitive Bear), targeting the Ukrainian military with a new PowerShell backdoor called Subtle-Paws.
Telecommunications organizations in Southeast Asia
February 1, 2024
•[ espionage, technology ]
Telecommunications organizations in Southeast Asia have been targeted by a state-sponsored threat actor known as CL-STA-0969 to facilitate remote control over compromised networks.
Palo Alto Networks Unit 42 said it observed multiple incidents in the region, including one aimed at critical telecommunications infrastructure between February and November 2024.
Hewlett Packard Enterprise (HPE)
January 23, 2024
•[ hack, espionage, malware ]
Hewlett Packard Enterprise (HPE) discloses that suspected Russian hackers known as Midnight Blizzard gained access to the company's Microsoft Office 365 email environment to steal data from its cybersecurity team and other departments.
Indian Air Force
January 17, 2024
•[ espionage, malware, government ]
Researchers from Cyble uncover a new espionage campaign potentially targeting the Indian Air Force with the Go Stealer information-stealing malware.
Loïc Lawson and Anani Sossou
January 16, 2024
•[ espionage, malware, technology ]
Reporters Without Borders (RSF) announces that it has found traces of spyware resembling NSO Group's Pegasus surveillance tool on the phones of two journalists in Togo (Loïc Lawson and Anani Sossou).
Organizations in Myanmar
January 15, 2024
•[ espionage, backdoor, malware ]
Mustang Panda leveraged mavinject.exe and DLL side-loading to inject a ToneShell family backdoor into processes on targeted Myanmar organisation endpoints to enable espionage and persistent access.
Telcos, media, internet service providers (ISPs), and Kurdish websites in the Netherlands
January 3, 2024
•[ espionage, technology ]
Researchers from Hunt & Hackett reveal that the Turkish state-backed cyber espionage group tracked as Sea Turtle has been carrying out multiple spying campaigns in the Netherlands, focusing on telcos, media, internet service providers (ISPs), and Kurdish websites.