Cyber Espionage News, Articles and Updates

Ukrainian malware author is key witness against Russia in DNC hack investigation

A Ukrainian man who authored malware that U.S. intelligence said was used to hack the DNC has become a witness for the FBI after turning himself in early this year, the New York Times has reported.

U.S. Military vows to tweak and fling malware back at creators

U.S. military hackers are by throwing the proverbial malware grenade back at the enemy

Lazarus Group tied to new phishing campaign targeting defense industry workers

The Lazarus Group appears to be targeting individuals associated with U.S. defense contractors, including prospective employees, with phishing emails that display fake job listings and companies' internal policies.

Informed and tech savvy North Korean ruling elite regularly online

There are four million 3G-capable mobile devices in North Korea, but only the small group of the most senior leaders and ruling elite are granted direct access to the worldwide internet.

Tick threat group linked to multiple malware families

The Tick hacking group known infecting Japanese and South Korean targets with its malicious backdoor "Daserf" has been linked to other campaigns leveraging an eclectic assortment of malware, including two additional backdoors, two remote access trojans and a downloader.

Tables turned: Researcher reportedly creates C&C server to spy on Fruitfly Mac malware

A security researcher looking into a variant of the Mac spyware Fruitfly uncovered a pool of roughly 400 infected victims, after reportedly registering a back-up C&C server that was coded in a sample of the malware and taking it over.

CIA Director Pompeo says WikiLeaks will 'take down America'

CIA Director Mike Pompeo continued to expressed disdain for WikiLeaks a day after the organization published more Vault7 documents.

Report: Intel officials now believe UAE masterminded hack of Qatari news agency

The May 2017 hack of Qatar's state news agency, an incident seemingly designed to strain relations among Arab nations, was reportedly perpetrated by the United Arab Emirates, according to the Washington Post, citing U.S. intelligence officials.

Wikileaks publishes Vault 7: Highrise tool for Android devices

WikiLeaks Thursday published the manual of another CIA hacking tool "Highrise" aka "TideCheck"

Reports: Feds issue alert after adversary breaches power plant business networks

Since May, foreign hackers have breached computer networks at 12 or more U.S. power plants, including nuclear facilities, prompting the FBI and DHS to issue an urgent amber warning to utility companies, according to reports.

Legislation bars DoD from using Kaspersky; FBI agents visit employees of Russian cyber firm

The U.S. Senate Armed Services Committee's annual defense spending bill reportedly contains a provision prohibiting the Defense Department from using any products from Moscow-based cybersecurity firm Kaspersky Lab.

Survey: Experts say 'fake news' changing UK's political landscape

A new survey from DomainTools reveals the effect cyber-security professionals think that Fake News has had on the UK's political landscape.

Russia pressures Western tech firms for security source code, many will comply

Russia's Federal Security Service (FSB) is demanding the security product source code from top Western tech firms, many will comply.

WikiLeaks: CIA's Brutal Kangaroo toolset lets malware hop onto closed networks

WikiLeaks dumped more leaked CIA documents, publishing materials from a tool suite called Brutal Kangaroo that allows attackers to indirectly infiltrate a closed network or air-gapped computer using a compromised flash drive.

WikiLeaks latest Vault 7 dump includes CherryBlossom router hacking tool

The June Wikileaks document dump of pilfered Vault 7 CIA documents includes a multipurpose framework called CherryBlossom designed to crack into routers mostly used in homes, public places and small businesses.

Sessions denies Russian collusion to undermine election

Attorney General Jeff Sessions called allegation of him colluding with Russian officials to undermine the election an "appalling and detestable lie."

Russian election hackers breached 39 U.S. states

Russia's hackers reportedly breached the electoral systems of at least 39 states during the summer and fall of 2016.

Fake news allegedly planted by Russian hackers helped trigger Qatar crisis

A controversial report seemingly published last month by Qatar's state news agency may be fake news planted by Russian hackers who allegedly broke into the agency's systems, according to an exclusive CNN report, citing U.S. officials.

Experts surprised by extent of Russian election meddling, demand voting security for 2018

The leak of a classified NSA document confirming that Russia interfered with the 2016 U.S. presidential race has reinforced the need to fix vulnerabilities in America's voting infrastructure before the next election cycle.

China may have hacked secret CIA communication to kill or imprison U.S. informants

China seriously crippled U.S. Intelligence operations by systematically killing or imprisoning more than a dozen sources.

Goddess of cyberwar: Athena CIA tool subject of latest WikiLeaks Vault 7 dump

WikiLeaks on Friday published materials related to a malware implant called Athena, which enables remote beacon and loader capabilities on targeted computers running on Microsoft Windows versions XP through 10.

OceanLotus APT acting in accordance with Vietnamese interests, researchers report

An APT group whose actions appear to align with Vietnamese state interests has been actively compromising private corporations and targeting foreign governments, dissidents and media since at least 2014, according to researchers at FireEye.

Researchers link new backdoor and Mac-based rootkit to Turla spy group

The Turla advanced persistent threat group appears to have recently created both a new multiplatform backdoor malware program called Kazuar, and a MacOS version of its Uroburos espionage rootkit.

Microsoft bug linked to spy campaigns, bank thefts reportedly took 6 months to fix

A zero-day bug in Microsoft Office and WordPad that hackers exploited to spy on targeted users, implant malware, and steal banking credentials took nine months to fix, according to news reports.

Cozy Bear targeted French presidential candidate Emmanuel Macron: Trend Micro

Trend Micro researchers said Fancy Bear, also known as Pawn Storm, targeted several elections including the Emmanuel Macron presidential campaign in France.