Thai Government Officials
December 13, 2024
•[ espionage, malware, government ]
Researchers at Netskope discover a campaign targeting Thai government officials through DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai.
Undisclosed Large U.S. Organization
December 5, 2024
•[ espionage ]
Researchers from Broadcom/Symantec reveal that a large U.S. organization was targeted by Chinese cyber-espionage actors.
Tibetan and Uyghur Individuals
December 5, 2024
•[ espionage, malware ]
Researchers at Trend Micro discover a previously undocumented threat activity cluster dubbed Earth Minotaur, leveraging the MOONSHINE exploit kit and an unreported Android-cum-Windows backdoor called DarkNimbus to facilitate long-term surveillance operations targeting Tibetans and Uyghurs.
Romania's Presidential Elections
December 4, 2024
•[ espionage, government ]
Romania's constitutional court annuls the first round of the country's presidential election, citing Russian disinformation influence.
Human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe
November 21, 2024
•[ espionage, malware, government ]
Researchers at Recorded Future identify an ongoing Russia-linked cyber-espionage campaign targeting human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe using custom malware.
Manufacturing industry in Pakistan
November 16, 2024
•[ espionage, malware, manufacturing ]
Researchers at Cyble discover a campaign linked to the known APT group DONOT, targeting the manufacturing industry in Pakistan that supports the country's maritime and defense sectors.
Nuclear scientist and senior Israeli officials
November 11, 2024
•[ espionage, government ]
Threat actors believed to be affiliated with Iranian intelligence expose the personal details of a nuclear scientist who worked at the Soreq Nuclear Research Center, and private photos and emails of senior Israeli officials, including a former Defense Ministry director general.
Organizations in Israel
October 31, 2024
•[ espionage, malware, technology ]
Researchers at Check Point reveal that the threat actor dubbed WIRTE, affiliated with Hamas, has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks with the SameCoin malware that exclusively target Israeli entities.
Sensitive government and police databases in Italy
October 25, 2024
•[ hack, espionage, government ]
Four people are arrested in Italy after a business intelligence company called Equalize is accused of hacking sensitive government and police databases to create dossiers for its clients.
North Caucasus Federal University
October 11, 2024
•[ hack, espionage, education ]
Ukraine's military intelligence announced that it hacked the systems of North Caucasus Federal University, the Russian university that trains drone operators, digital communication specialists, engineers, and physicists for its army.
Governments and armed forces, think tanks, academic researchers, and Ukrainian entities
October 1, 2024
•[ espionage, malware, government ]
Researchers at Trend Micro reveal the details of a campaign carried out by the Russia-linked APT29 threat actor, leveraging malicious Remote Desktop Protocol (RDP) configuration files.
Undisclosed nuclear-related organization
October 1, 2024
•[ espionage, malware, energy ]
Researchers at Kaspersky reveal that the Lazarus Group, the threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization. The attacks, part of Operation Dream Job, culminated in the deployment of a new modular backdoor referred to as CookiePlus,
National Dutch police (Politie)
September 27, 2024
•[ espionage, government ]
The National Dutch police (Politie) says that a state actor was likely behind a data breach detected the previous week.
Diehl Defence
September 27, 2024
•[ espionage, malware, manufacturing ]
The North Korea-linked APT Kimsuky is linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems.
Senator Ben Cardin
September 26, 2024
•[ espionage, phishing, government ]
An advanced deepfake operation targets Sen. Ben Cardin, the Democratic chair of the Senate Foreign Relations Committee, who is involved in a Zoom conversation with a fake Dmytro Kuleba, the former Ukrainian Minister of Foreign Affairs.
Pacific Islands Forum Secretariat
September 12, 2024
•[ espionage, hack, government ]
Chinese state-sponsored hackers are reportedly suspected of compromising the networks of the Pacific Islands Forum (PIF) Secretariat, a regional diplomatic body based in Fiji.
Local and central government institutions in Poland
September 9, 2024
•[ espionage, government ]
Polish security services reveal that they have neutralized a sabotage operation orchestrated by Russia and Belarus that aimed to destabilise Poland, penetrating local and central government institutions with the goal of extorting information, blackmailing individuals and institutions, and waging a de facto cyberwar.
Biden-Harris campaign
August 1, 2024
•[ hack, espionage, government ]
The FBI is also investigating the alleged hack of the Biden-Harris campaign by threat actors from Iran.
Senior American Political Figures
August 1, 2024
•[ espionage, government ]
The U.S. believes that the Chinese cyber espionage campaign Salt Typhoon targeted and recorded telephone calls of "very senior" American political figures.
Taiwanese government-affiliated research institute
July 15, 2024
•[ espionage, malware, government ]
Researchers from Cisco Talos reveal that a Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by the nation-state threat actor APT41, which has ties to China, through a variety of backdoors and post-compromise tools like ShadowPad and Cobalt Strike.