Undetermined
March 10, 2022
•[ espionage, finance ]
A suspected Russian threat actor compromised an institution in Ukraine that was featured in false Russian weapons conspiracies in the past.
European diplomatic entity
March 8, 2022
•[ espionage, phishing, government ]
Researchers from Mandiant detect an incident where APT29 successfully phished a European diplomatic entity and ultimately abused the Windows Credential Roaming feature.
Unnamed engineering company with energy and military customers
February 28, 2022
•[ espionage, malware, energy ]
Researchers from Symantec/Broadcom reveal that an unnamed engineering company with energy and military customers was recently the target of the North Korean group Stonefly.
Undetermined
February 24, 2022
•[ espionage, phishing, finance ]
A phishing campaign was observed using a possibly compromised Ukrainian armed service member's email account, to target European government personnel involved in managing the logistics of refugees fleeing Ukraine. Researchers indicate there was a clear preference for targeting individuals with responsibilities related to transportation, financial and budget allocation, administration, and population movement within Europe.
Undetermined
February 23, 2022
•[ espionage, finance, government ]
More than 600 websites belonging to the defence ministry in Kyiv and other institutions suffered attacks with the launch of thousands of exploits with attempts pointed to at least 20 distinct vulnerabilities. The campaign started mid-February and peaked on 23 February. The attacks sought to infiltrate targets ranging from border defence forces to the national bank and railway authority. They were designed to steal data and explore ways to shut down or disrupt vital defence and civilian infrastructure. The Times, allegedly quoting a source at the SBU, claimed the campaign was co-ordinated by the Chinese government. The SBU went on to deny The Times report.
Undetermined
February 1, 2022
•[ espionage, phishing, energy ]
Spear phishing email was sent to an employee of a Ukrainian energy organization containing malicious files that would download and install a payload known as SaintBot (a downloader) and OutSteel (a document stealer). The same threat actor group targeted a Western government entity in Ukraine, as well as several Ukrainian government organizations back in March 2021.
Polish Ministry of Defense
January 14, 2022
•[ espionage, government ]
Polish Ministry of National Defnse databases containing sensitive military information are compromised.
Senior officials at the European Commission
December 31, 2021
•[ espionage, malware, government ]
Reuters reveals that senior officials at the European Commission were targeted last year with the NSO spy software.
New Zealand's e Parliamentary Counsel Office and Parliamentary Service
December 31, 2021
•[ espionage, government ]
The government of New Zealand reveals that the Parliamentary Counsel Office and the Parliamentary Service in 2021, suffered a cyber attack from the PRC state-sponsored group known as APT40.
Four Jordanian human rights defenders
December 5, 2021
•[ espionage, malware, government ]
An investigation by Front Line Defenders and Citizen Lab reveals that the iPhone of Jordanian journalist Suhair Jaradat was hacked with Pegasus, the spyware of the NSO group.
German Federal Agency for Cartography and Geodesy (BKG)
December 1, 2021
•[ espionage, government ]
German authorities say that a Beijing-backed threat actor was behind a cyberattack three years ago on the countrys state cartography agency, and summon the Chinese ambassador to Berlin for further discussions.
At least 7 Indian electricity grid centers
September 30, 2021
•[ espionage, energy ]
Researchers from Recorded Future reveal to have observed network intrusions targeting at least 7 Indian electricity grid centers by a Chinese state-sponsored actor dubbed TAG-38.
Port of Houston
September 23, 2021
•[ espionage, government ]
A suspected state-sponsored hacking group unsuccessfully attempts to breach the network of the Port of Houston.
JSC Makeyev Design Bureau
September 22, 2021
•[ espionage, phishing, government ]
Researchers discover spearphishing campaign targeting a developer of fuel for Russia's ballistic missiles via a Microsoft vulnerability.
Unknown Bahrain IT company
September 1, 2021
•[ espionage, hack, technology ]
Iranian group compromised email accounts at Bahrain-based IT company that works with government clients, who were likely the group's ultimate target.
Roshan
September 1, 2021
•[ espionage, technology ]
Researchers detect espionage campaign against one of Afghanistan's largest telecommunications providers.
Korea Atomic Energy Research Institute
June 14, 2021
•[ espionage, vulnerability, government ]
South Korea's government-sponsored insitute for nuclear power research is hacked by North Korean actors exploiting a VPN vulnerability.
Ukranian Cyber Police
June 4, 2021
•[ espionage, phishing, government ]
Three Ukranian cybersecurity agencies are targeted by Russian spear-phising operations aiming to gain intelligence.
Senior medical professionals in the United States and Israel
March 30, 2021
•[ espionage, healthcare ]
Researchers from Proofpoint reveal the details of BadBlood, a cyber espionage campaign carried out by malicious actors from Iran, targeting senior medical professionals in the United States and Israel
UK Ministry of Defence academy
March 21, 2021
•[ espionage, government ]
The UK Ministry of Defence academy is hit by major cyber attack by 'foreign power'
