Ukrainian Government
February 23, 2023
•[ espionage, malware, government ]
The Computer Emergency Response Team of Ukraine (CERT-UA) reveals that Russian state-sponsored threat actors have breached multiple government websites this week using backdoors planted as far back as December 2021.
Ukrainian government agencies
February 6, 2023
•[ espionage, phishing, government ]
Ukraine's Computer Emergency Response Team (CERT-UA) reveals that in a recent phishing campaign against Ukrainian government agencies, attackers attempted to install the Remcos surveillance software on victims' computers.
Korean Archaeological Society
January 31, 2023
•[ espionage, education ]
Researchers from Recorded Future discover a new wave of attacks by the Chinese threat actor known as Xiaoqiying, targeting organizations in South Korea.
Brookhaven Nuclear Laboratory (BNL)
January 6, 2023
•[ espionage, phishing, energy ]
The Russian group Cold River targeted the Brookhaven Nuclear Laboratory with a spear-phishing campaign that created fake login pages.
Ukrainian Government Entities
December 12, 2022
•[ espionage, phishing, government ]
Ukrainian government agencies and the state railway are the latest victims of a new wave of phishing attacks, Ukraine's Computer Emergency Response Team (CERT-UA) reported last week.
Ukrainian critical infrastructure organization
December 10, 2022
•[ espionage, energy ]
Researchers from Mandiant reveal that Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques used for disruptive events in Ukraine.
Ukraine Ministry of Finance
November 29, 2022
•[ hack, espionage, government ]
Russian hackers from the XakNet collective claim to have breached the Ukraine Ministry of Finance, gaining access to more than one million documents.
LNG terminals in the Netherlands
November 25, 2022
•[ espionage, energy ]
Researchers from Dragos report that Russian hackers from Xenotime and Kamacite have been doing "exploratory research" into the systems of the Dutch LNG (Liquid Natural Gas) terminals.
Undisclosed major Israeli security organization
November 23, 2022
•[ espionage, government ]
An Iranian hacker group by the name of Moses Staff publishes footage of the bombing attack in Jerusalem on its Telegram group, claiming to have hacked the surveillance cameras belonging to a major Israeli security organization. However, Israeli authorities deny the hack.
Undisclosed organization in the United States
November 15, 2022
•[ espionage, malware ]
Researchers from Kaspersky reveal the details of the latest campaign from the North Korean group Lazarus targeting multiple organizations in Europe and America via the DTrack modular backdoor.
Indian defense personnel
November 7, 2022
•[ espionage, malware, government ]
Researchers at Cyfirma discover a new malicious Android installation package, a variant of the Spymax RAT, targeting Indian defense personnel since at least July 2021.
Unidentified organization
October 31, 2022
•[ espionage, government ]
Researchers from Trend Micro discover a new campaign, conducted between March and October 2022, targeting the government, academic, foundation, and research sectors of multiple countries including Myanmar, Australia, the Philippines, Japan, and Taiwan.
Amnesty International Canada
October 6, 2022
•[ espionage, government ]
Amnesty International's Canadian branch has disclosed a security breach detected in early October and linked by cybersecurity firm Secureworks, who investigated the incident, to a threat group likely sponsored by China.
Unnamed defense company
October 4, 2022
•[ espionage, malware, government ]
The Cybersecurity and Infrastructure Security Agency (CISA), FBI and National Security Agency (NSA) say it is likely that multiple government hacking groups had "long-term" access to the network of a defense company, exploiting Microsoft Exchange vulnerabilities to gain access remotely and compromise legitimate company accounts to access emails, meetings, and contacts belonging to other employees, via a custom data exfiltration tool, CovalentStealer.
Mexican journalists and a human rights defender
October 2, 2022
•[ espionage, malware, government ]
An investigation reveals that Mexican journalists and a human rights defender investigating links between extrajudicial killings, drug cartels, and the Mexican military were infected with NSO Group's Pegasus spyware.
Ukrainian foreign intelligence service
September 26, 2022
•[ espionage, hack, government ]
The Russian hacker group RaHDIt posts the data of 1,500 employees of the Ukrainian foreign intelligence service.
Northwestern Polytechnical University
September 11, 2022
•[ espionage, education ]
China denounces the U.S. Embassy in Beijing following a joint report from two of the country's most prominent cyber authorities (China's National Computer Virus Emergency Response Center (CVERC) and the company 360) accusing the National Security Agency of stealing "sensitive information" from Chinese institutions, in particular the Northwestern Polytechnical University.
British Hospitals
August 9, 2022
•[ espionage, ddos, healthcare ]
The Russian-affiliated collective Phoenix claims to have conducted a DDoS campaign against British hospitals and foundations assisting Ukraine.
Nikos Androulakis
July 26, 2022
•[ espionage, malware, government ]
A security audit by the European Parliament reveals attempts to plant the Cytrox surveillance software on the phone of Nikos Androulakis, a Greek lawmaker.
NATO Country in Europe
July 19, 2022
•[ espionage, government ]
Researchers from Palo Alto reveal the details of a new cyber espionage campaign carried out by the Russian threat actor APT29 targeting a NATO country in Europe.