Cambodia National Rescue Party
July 10, 2018
•[ espionage, government ]
A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is the opposition Cambodia National Rescue Party.
Cambodian Senate
July 10, 2018
•[ espionage, government ]
A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is the Cambodian Senate.
U.S. Air Force
July 10, 2018
•[ espionage, misconfiguration, government ]
Security Firm Recorded Future identifies an attempted sale of what is believed to be highly sensitive U.S. Air Force documents pertaining to the MQ-9 Reaper drone. The attack was carried on via the default FTP authentication credentials in Netgear routers.
Cambodia
July 10, 2018
•[ espionage, government ]
Researchers from FireEye reveal a large scale operation from TEMP.Periscope, a Chinese cyber espionage group seeking to monitor the country's upcoming and contentious July 29 national elections.
Cambodian Ministry of Economics and Finance
July 10, 2018
•[ espionage, government ]
A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is the Cambodian Ministry of Economics and Finance.
Cambodian Ministry of the Interior
July 10, 2018
•[ espionage, government ]
A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is the Cambodian Ministry of the Interior.
Monovithya Kem
July 10, 2018
•[ espionage, government ]
A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is Monovithya Kem, the daughter of a jailed opposition leader.
Australian National University
July 6, 2018
•[ hack, espionage, education ]
China-based hackers have successfully infiltrated the IT systems at the Australian National University, potentially compromising the home of Australia's leading national security college and key defence research projects.
South Korean defense company
June 22, 2018
•[ espionage, government ]
Researchers from Palo Alto Networks uncover a new operation conducted by the cyber espionage group known as Tick APT. The campaign targets a secure USB drive built by a South Korean defense company.
Mongolian government data center
June 13, 2018
•[ espionage, malware, government ]
A threat actor has compromised a government data center in Mongolia. Kaspersky Lab assesses that the threat actor used its access to compromise websites that they will use in subsequent watering-hole attacks.
South Korean Think Tank
June 11, 2018
•[ espionage, malware, government ]
North Korea-linked Lazarus APT Group planted an ActiveX zero-day exploit on the website of a South Korean think tank focused on national security.
US Navy Contractor
June 8, 2018
•[ espionage, hack, government ]
Chinese government hackers have compromised the computers of a Navy contractor, stealing 600+ Gb of highly sensitive data related to undersea warfare, including secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020, accordding to American officials.
Afghan diplomats in Pakistan
May 26, 2018
•[ espionage, phishing, government ]
Afghan diplomats in Pakistan are warned they are believed to be victims of "government-backed" digital attacks trying to steal their email passwords.
Japanese defense companies
April 23, 2018
•[ espionage, government ]
According to FireEye, the Chinese group APT10 has targeted Japanese defense companies, possibly to get information on Tokyo's policy toward resolving the North Korean nuclear impasse.
Middle Eastern Individuals
April 16, 2018
•[ espionage, malware, government ]
Researchers from Lookout reveal the details of an espionage campaign using two malware strains called Desert Scorpion and FrozenCell, to spy on targets in Palestine. The attackers are thought to be linked to Hamas.
Unnamed European government
March 15, 2018
•[ espionage, malware, government ]
Researchers from Palo Alto Networks reveal a new campaign carried on by the infamous APT28 (AKA Fancy Bear AKA Sofacy) targeting an unnamed European Government, exploiting an updated version of DealersChoice, a platform that exploits a Flash vulnerability.
Queensland Transport Department
March 13, 2018
•[ espionage, government ]
ABC News reveals that overseas hackers breached the Queensland Transport Department's security network last year, before attempting to steal information from staff members from other sections of government.
UK government contractor
March 9, 2018
•[ espionage, malware, government ]
Researchers at NCC Group reveal to have discovered multiple backdoors on a UK government contractor's computer systems designed to steal sensitive government and military data. The hack is tied to China-linked cyber espionage group APT15.
SVR (COZYBEAR)
January 25, 2018
•[ espionage, government ]
A threat actor successfully compromised the networks of the Dukes (Cozy Bear), gaining visibility into the Dukes' targeting methods and operations. This compromise allegedly helped the U.S. intelligence community to attribute the 2016 compromise of the Democratic National Committee and other entities to Russian state-sponsored actors.
Tv3.lt
January 18, 2018
•[ espionage, hack, technology ]
Ghostwriter, a suspected Belarus-backed hacking group, has compromised websites and email accounts in Latvia, Lithuania, and Poland'to publish fabricated documents pushing anti-North Atlantic Treaty Organization (NATO) narratives consistent with Kremlin talking points. The influence campaign started in 2017.
