Russia's Federal Air Transport Agency (Rosaviatsia)
November 23, 2023
•[ hack, espionage, government ]
Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector.
Government organization in Greece
November 15, 2023
•[ espionage, xss, government ]
Researchers from Google's Threat Analysis Group (TAG) discover a campaign targeting a government organization in Greece, exploiting the CVE-2023-37580 Zimbra email server vulnerability.
Embassies and international organizations
November 13, 2023
•[ espionage, malware, government ]
The Ukraine's National Cyber Security Coordination Center (NCSCC) reveals that Russian state-sponsored hackers from APT29 have targeted embassies and international organizations exploiting the WinRAR CVE-2023-38831 vulnerability.
Government and defense organizations in India
November 6, 2023
•[ espionage, malware, government ]
Researchers from Seqrite discover multiple campaigns of the Pakistan-based APT SideCopy, targeting Indian government and defense entities, exploiting the recent WinRAR vulnerability CVE-2023-38831 to deploy AllaKore RAT, DRat and additional payloads.
Undefined tech company
October 31, 2023
•[ espionage, malware, education ]
The Israel Computer Emergency Response Team (CERT) issues an alert about the BiBi wiper malware targeting organizations in Israel in the education and technology sectors. The attacks are attributed to the Iranian APT Agonizing Serpens.
Organizations in the transportation, logistics and technology sectors in Israel
October 31, 2023
•[ espionage, malware, technology ]
Researchers from Crowdstrike reveal the details of a new campaign from Imperial Kitten targeting transportation, logistics, and technology firms in Israel using a novel malware family.
Two organizations in Israel
October 31, 2023
•[ espionage ]
Researchers from Deep Instinct discover a new campaign from the "MuddyWater" group targeting two Israeli targets.
Korek
September 30, 2023
•[ espionage, malware, technology ]
Researchers from Deep Instinct discover a new campaign from the "MuddyWater" group targeting Korek, an Iraqi Telecom provider using MuddyC2Go, a new C2 Framework.
Ukraine's prosecutor general's office, courts, and other entities involved in investigating war crimes
September 26, 2023
•[ espionage, government ]
The Ukraine's cybersecurity service (SSSCIP) reveal the details of a recent cyber espionage campaigns targeting Ukraine's prosecutor general's office, courts, and other entities involved in investigating war crimes.
Huawei
September 20, 2023
•[ espionage, malware, technology ]
China's Ministry of State Security (MSS) accuses the U.S. of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009.
Energy facility in Ukraine
September 3, 2023
•[ espionage, energy ]
Ukraine's computer emergency response team (CERT-UA) reveals that the infamous Russian cyberespionage group APT 28 was caught attacking a critical energy facility in Ukraine.
Organizations in South Korea
August 31, 2023
•[ espionage, malware ]
Researchers from Ahnlab observe the North Korean threat actor known as Andariel employing an arsenal of malicious tools in a recent wave of attacks against South Korean organizations.
Two members of Serbian civil society
August 30, 2023
•[ espionage, malware, technology ]
Two members of Serbian civil society receive notification from Apple that their devices could have been compromised by a sophisticated spyware.
Japan Aerospace Exploration Agency (JAXA)
August 30, 2023
•[ hack, espionage, government ]
The Japan Aerospace Exploration Agency (JAXA) reveals it was hacked in a cyberattack over the summer, which may have put sensitive space-related technology and data at risk.
National Center of Incident Readiness and Strategy for Cybersecurity (NISC)
August 29, 2023
•[ hack, espionage, government ]
Suspected Chinese hackers breach Japan's cybersecurity agency and potentially access sensitive data stored on its networks for nine months.
Ulchi Freedom Shield
August 20, 2023
•[ espionage, government ]
Suspected North Korean hackers from Kimsuky have attempted an attack targeting the annual Ulchi Freedom Shield drills, a major joint military exercise between Seoul and Washington.
U.S. military procurement system and Taiwan-based organization
August 17, 2023
•[ espionage, malware, government ]
Researchers from Lumen discover a new HiatusRAT campaign performing reconnaissance against a U.S. military procurement system, and targeting of Taiwan-based organizations.
Southeast Asian gambling industry
August 17, 2023
•[ espionage, malware, technology ]
Researchers from SentinelOne discover a second phase of the Operation ChattyGoblin carried out by a China-aligned APT group known as 'Bronze Starlight', targeting the Southeast Asian gambling industry with malware signed using a valid certificate used by the Ivacy VPN provider.
Two members of civil society from Belgrade
August 16, 2023
•[ espionage, malware ]
The SHARE Foundation reveals that two members of civil society from Belgrade were hit by the Pegasus spyware, exploiting the 'PWNYOURHOME' vulnerability.
Iranian opposition and exiles based in Germany
August 10, 2023
•[ espionage, government ]
Germany's domestic intelligence service (Federal Office for the Protection of the Constitution - BfV) publishes a warning that Iranian dissident organizations and individuals in the country are being targeted by Charming Kitten, a suspected Iranian state-sponsored threat group.
