International Luge Federation
January 12, 2018
•[ espionage ]
A threat actor targeted international sports organizations in Western Europe in the run-up to the International Olympic Committee's banning Russian athletes from participating in the 2018 Winter Olympics in South Korea.
US Senate
January 12, 2018
•[ espionage, government ]
Researchers from Trend Micro reveal that the state sponsored hackers behind APT28 (AKA Pawn Storm AKA Fancy Bear) targeted the US Senate in mid-2017).
United States Olympic Committee
January 10, 2018
•[ espionage, malware, government ]
APT28 AKA Pawn Storm AKA Fancy Bear publish a set of apparently stolen emails purportedly belong to officials from the International Olympic Committee, the United States Olympic Committee, and third-party groups associated with the organizations.
Oromia Media Network
December 6, 2017
•[ espionage, malware, technology ]
A threat actor targeted Ethiopian dissidents for the purpose of espionage, using commercially available spyware sold by Cyberbit, an Israel-based company. Most notably, the actor targeted the Oromia Media Network and some individuals associated with it.
Siemens
November 27, 2017
•[ espionage, hack, manufacturing ]
The U.S. Department of Justice indicted three members of Boyusec, a China-based internet security firm, on charges including conspiring to commit computer fraud and abuse and conspiring to commit trade-secret theft. The victims included Moody's Analytics, Siemens, and Trimble. Though not mentioned in the indictment, Boyusec is believed to work on behalf of China's Ministry of State Security and be a front for APT3.
Daewoo Shipbuilding & Marine Engineering Co Ltd
October 31, 2017
•[ espionage, manufacturing ]
North Korea is suspected to have stolen South Korean warship blueprints after hacking into Daewoo Shipbuilding & Marine Engineering Co Ltd's database in April last year.
John Kelly's personal cellphone
October 5, 2017
•[ hack, espionage, government ]
White House officials believe that chief of staff John Kelly's personal cellphone was compromised, potentially as long ago as December, according to three U.S. government officials.
Minsk Operational Administration of the Armed Forces
September 28, 2017
•[ espionage, malware, government ]
A threat actor targeted the government of Belarus for espionage purposes, using a tool known as Travle or PYLOT, which is believed to be an update of malware used by NetTraveler. Between June and August the threat actor sent a total of 20 unique emails to various government entities. The emails contained a series of subject lines revolving around Zapad-2017, a joint exercise between the Russian and Belarusian militaries.
UAE government
September 17, 2017
•[ leak, espionage, government ]
A trove of leaking emails belonging to the UAE government reveals an alleged plot to "conquer" Qatar.
Swiss Federal Department of Defense, Civil Protection and Sports
September 15, 2017
•[ espionage, malware, government ]
Switzerland's Federal Department of Defense, Civil Protection and Sports reveals to have detected a cyber attack carried on by the infamous Turla APT.
Unnamed Bitcoin exchange in South Korea
August 24, 2017
•[ hack, espionage, finance ]
The CWIC Cyber Warfare Research Center in South Korea reveals that a domestic exchange for bitcoin has been the target of an attempted hacking. Suspects are directed to North Korea.
Macron Campaign
July 27, 2017
•[ espionage, social, government ]
Reuters reveals that Russian intelligence agents attempted to spy on President Emmanuel Macron's election campaign earlier this year by creating phony Facebook personas.
Ireland's Electricity Supply Board
July 15, 2017
•[ espionage, phishing, energy ]
The Times reveals that hackers backed by the Russian government have targeted the Republic of Ireland's energy sector, and aimed to infiltrate control systems. This would have given them the power to knock out parts of the grid in Northern Ireland. The attackers sent phishing emails to senior engineers at Ireland's Electricity Supply Board.
Col. Richard Downie
June 20, 2017
•[ espionage, malware, government ]
A threat actor targeted individuals who were political critics and business rivals of Ricardo Martinelli, president of Panama between 2009 and 2014, for espionage purposes. The threat actor uses the Pegasus tool, created by the NSO Group. One of the victims is Col. Richard Downie (ret.), the former director of the Center for Hemispheric Studies at the National Defense University. He worked on the 2014 presidential campaign of Juan Carlos Navarro.
U.S. Electoral System
June 13, 2017
•[ espionage, government ]
New investigations reveal that Russia's cyberattack on the U.S. electoral system before Donald Trump's election was far more widespread than publicly revealed, including incursions into voter databases and software systems in almost twice as many states as previously reported.
Montenegro
June 6, 2017
•[ espionage, phishing, government ]
Security firm FireEye reveals the details of a wave of attacks targeting Montenegro using spear-phishing, after its decision to join NATO.
Ismael Borquez
May 26, 2017
•[ espionage, malware, government ]
The Mexican government is suspected of using NSO Group spyware to compromise the personal devices of journalists, lawyers, activists, scientists, politicians, and civil society organizations. One of the victims is Ismael Borquez, the director of R Doce and a colleague of Javier Valdez. Valdez was killed in May 2017 and was investigating organized crime in the state of Sinaloa.
Griselda Triana
May 25, 2017
•[ espionage, malware, government ]
The Mexican government is suspected of using NSO Group spyware to compromise the personal devices of journalists, lawyers, activists, scientists, politicians, and civil society organizations. One of the victims is Ismael Borquez, the director of R Doce and a colleague of Javier Valdez. Valdez was killed in May 2017 and was investigating organized crime in the state of Sinaloa.
US Department of Defense
May 18, 2017
•[ espionage, malware, government ]
A Times report suggests that Russia may have used Twitter as a tool of international espionage: agents of the Russian government could have sent malware-laced Twitter messages to more than 10,000 employees of the US Department of Defense.
Andres Villarreal
May 17, 2017
•[ espionage, malware, government ]
The Mexican government is suspected of using NSO Group spyware to compromise the personal devices of journalists, lawyers, activists, scientists, politicians, and civil society organizations. One of the victims is Andres Villarreal, a journalist at R'o Doce and a colleague of Javier Valdez. Valdez was killed in May 2017 and was investigating organized crime in the state of Sinaloa.
