Offtec
July 31, 2023
•[ espionage, malware, technology ]
Researchers from Deep Instinct discover a new campaign by the "MuddyWater" group targeting Offtec, a Jordanian conglomerate, using MuddyC2Go, a new C2 framework.
Targets including members of the U.S. Congress and European officials.
June 30, 2023
•[ espionage, malware, government ]
Amnesty International discovers a campaign allegedly carried out by the Vietnamese government with the Predator spyware against targets including members of the U.S. Congress and European officials.
JumpCloud
June 27, 2023
•[ espionage, technology ]
JumpCloud, a US-based enterprise software firm, notifies several customers of an "ongoing incident" and, as a precaution, invalidates existing admin API keys to protect its customer organizations. A few days later, the breach is traced back to North Korean state-sponsored actors from Lazarus Group.
Unknown cryptocurrency exchange located in Japan
June 21, 2023
•[ espionage, malware, finance ]
Researchers from Elastic reveal that an unknown cryptocurrency exchange located in Japan was the target of an attack to deploy the Apple macOS backdoor called JokerSpy.
Service members of the U.S. Military
June 15, 2023
•[ espionage, malware, government ]
Service members across the military report receiving smartwatches unsolicited in the mail. The smartwatches, when used, auto-connect to Wi-Fi and begin connecting to cell phones unprompted, gaining access to a myriad of user data, and could also connect malware.
Non-profit organization(s) in Saudi Arabia
May 31, 2023
•[ espionage, malware, healthcare ]
Researchers from Cisco Talos disclose a stealthy cyberespionage campaign that targeted a non-profit organization in Saudi Arabia with a backdoor named Zardoor, and remained undetected for two years.
Eurasia Group
May 3, 2023
•[ espionage, phishing, government ]
Eurasia Group discovers suspicious activity within its email system by a sophisticated threat actor in two different circumstances.
3CX
April 20, 2023
•[ espionage, malware, technology ]
Researchers from Mandiant reveal that the 3CX supply chain attack was caused by another supply chain compromise where suspected North Korean attackers breached the site of stock trading automation company Trading Technologies to push trojanized software builds.
Cisco
April 18, 2023
•[ espionage, malware, technology ]
The UK National Cyber Security Centre (NCSC), US Cybersecurity and Infrastructure Security Agency (CISA), NSA, FBI, and Cisco warn of Russian state-sponsored APT28 hackers deploying a custom malware named 'Jaguar Tooth' on Cisco IOS routers, exploiting CVE-2017-6742, allowing unauthenticated access to the device.
Undisclosed government agency in Ukraine.
April 18, 2023
•[ espionage, government ]
Ukraine's computer emergency response team, CERT-UA, identifies a cyber-espionage campaign carried out by an unidentified threat actor named UAC-0063, targeting an undisclosed government agency in Ukraine.
Ukraine Coffee Shops
April 11, 2023
•[ espionage, misconfiguration, retail ]
The National Security Agency reveals that Russian threat actors have logged into private security cameras in Ukraine coffee shops to collect intelligence on aid convoys.
India's Defense Research and Development Organization (DRDO)
March 21, 2023
•[ espionage, malware, government ]
Security researchers from Cyble discover a new campaign by the Pakistani cyberespionage group SideCopy APT employing fresh tactics to target workers at India's Defense Research and Development Organization and steal sensitive military secrets.
Diplomatic entities and government agencies in Eastern Europe
March 14, 2023
•[ espionage, phishing, government ]
Researchers from BlackBerry reveal that the Russian state-backed group known as Nobelium is behind recent attempted cyberattacks on diplomatic entities and government agencies in the European Union via phishing emails with a malicious document attached, using the Polish Foreign Minister's recent visit to the US as a lure.
VisitFaroeIslands
March 4, 2023
•[ hack, espionage, technology ]
The SiegedSec hacking group claims to have defaced the tourist website for the Faroe Islands, a self-governing territory of the Kingdom of Denmark, and to have stolen employee data and other sensitive information.
Association of Southeast Asian Nations (ASEAN)
February 28, 2023
•[ espionage, government ]
Chinese state-sponsored threat actors managed to breach the mail servers operated by the Association of Southeast Asian Nations, stealing a trove of data that may have contained strategic information about the economy and politics of member countries.
Ukrainian Government
February 23, 2023
•[ espionage, malware, government ]
The Computer Emergency Response Team of Ukraine (CERT-UA) reveals that Russian state-sponsored threat actors have breached multiple government websites this week using backdoors planted as far back as December 2021.
Ukrainian government agencies
February 6, 2023
•[ espionage, phishing, government ]
Ukraine's computer emergency response team (CERT-UA) reveals that in a recent phishing campaign against Ukrainian government agencies, attackers attempted to install the Remcos surveillance software on victims' computers.
Korean Archaeological Society
January 31, 2023
•[ espionage, education ]
Researchers from Recorded Future discover a new wave of attacks by the Chinese threat actor known as Xiaoqiying, targeting organizations in South Korea.
Brookhaven Nuclear Laboratory (BNL)
January 6, 2023
•[ espionage, phishing, energy ]
The Russian group Cold River targeted the Brookhaven Nuclear Laboratory with a spear phishing campaign creating fake login pages.
Ukrainian Government Entities
December 12, 2022
•[ espionage, phishing, government ]
Ukrainian government agencies and the state railway are the latest victims of a new wave of phishing attacks, Ukraine's Computer Emergency Response Team (CERT-UA) reported last week.