Cyber Espionage News, Articles and Updates

Operation BugDrop spies on mic recordings, uses Dropbox to exfiltrate data

A sophisticated cyber espionage operation focused primarily within Ukraine reportedly uses malware that leverages Dropbox to exfiltrate stolen data, including conversations recorded by infected computers' audio microphones.

XAgent malware linked to DNC hackers can now attack Macs

Macs are officially no longer immune to XAgent, a backdoor malware linked to the Russian threat group APT 28, as researchers have now discovered a version targeting machines running on OS X.

Congressional staffers eye response, future deterrents, in wake of Russian election interference

A trio of high-level Congressional staffers gathered at the 2017 RSA Conference this week in a joint session that sought to explore possible responses to Russia's interference in the 2016 U.S. presidential election, as well as future deterrents that might prevent future foreign cyberattacks.

Uber drives down alert fatigue with customized data sets

To combat alert fatigue among its security analysts, transportation service Uber applies specially customized data sets to flagged incidents to help distinguish between genuine threats and non-malicious activities.

Microsoft president calls for 'Digital Geneva Convention'

Governments should create a "Digital Geneva Convention" that lays out ground rules for defending civilians from cyberattacks, declared Brad Smith, president of Microsoft Corporation, today at the RSA Conference.

Websites of foreign embassies and ministries compromised to infect visitors

An unknown actor whose targets and tactics resemble those of a Russian advanced persistent threat group has been compromising the websites of foreign embassies, ministries and organizations, in an attempt to infect certain site visitors with malware.

Russia, Belarus replace the U.S. as targets for Chinese hackers

Evidence is emerging that the China-U.S. Cyber Agreement may be pushing Chinese hackers to shift to targets in Russia and Belarus.

Confusion, theories abound as Russia stays silent on cybersecurity treason arrests

Following the arrests of four cyber experts in Russia on treason charges, conflicting theories have emerged, as observers speculate if the case is connected to the hacking of U.S. political institutions in the run-up to the 2016 election.

Energy facilities may become main target of cyber-attacks in Russia

It's estimated that power companies in Russia suffered more than 350 serious cyber-attacks in 2016, a 50 percent increase on the previous year.

Downeks and Quasar malware combine in attack linked to Gaza Cybergang

A recent spate of attempted malware attacks intended to infect government entities in the Middle East with a customized version of the Quasar remote access trojan appears to be linked to the Hamas-linked Gaza Cybergang.

Ransomware + IoT = Jackware?: the evolution of ransomware attacks

ESET researchers predict the next step in the evolution of ransomware is "jackware," or ransomware designed to target connected devices.

Researchers tentatively link Greenbug cyberspy group to Saudi Shamoon attackers

Researchers may have found a tenuous link between a cyberespionage organization's credentials-stealing trojan and the Shamoon hacking group that's been targeting Saudi energy companies with Disttrack disk-wiping malware.

CatPhishing: Hamas targets the hearts of Israeli forces

Hamas is targeting the hearts of Israeli soldiers using social engineering attacks that are triggered with a simple friend request.

NATO official reports 60 percent spike in cyberattacks

Cyberattacks on the NATO alliance's network have skyrocketed by 60 percent over the last year.

Trump denies Russia possesses scandalous details on his personal, financial affairs

In his first post-election press conference today, President-elect Donald Trump vehemently denied allegations contained in a bombshell dossier that claims Russia amassed damaging information on the business magnate that could be used to compromise or blackmail him.

Declassified intelligence report says Putin, Russia meddled in U.S. presidential election

Russian President Vladimir Putin ordered a campaign of cyberespionage, hacking and propaganda to influence the 2016 U.S. presidential election and spoil candidate Hillary Clinton's chances of winning, according to a declassified joint intelligence assessment.

Intel officials: China still hacking U.S., albeit at reduced rate

According to testimony from top intelligence officials, more than 30 nations are developing offensive cyberattack capabilities as of late 2016, including China, which continues to conduct cyberespionage operations against U.S. assets.

Clapper testimony: U.S. intel more confident than ever Russia interfered with elections

In a hearing on Capitol Hill Thursday, U.S. intelligence leaders doubled down on their collective assertion that Russia intentionally interfered with the 2016 presidential election, even as President-elect Donald Trump continues to publicly cast doubt on these findings.

New variant of KillDisk wiper threatens industrial control networks with ransomware

The KillDisk disk-wiper program that was used in conjunction with BlackEnergy malware to attack Ukrainian energy utilities now includes a ransomware component, according to researchers at CyberX.

Malware in Ukraine armed forces app linked to DNC hackers

A proprietary spyware tool that was recently found infecting Ukrainian military forces battling Russian separatists is an Android version of the same malware that helped hackers steal files from the Democratic National Committee, CrowdStrike has reported.

Report: Russian hackers breached Joint Chiefs' email system in 2015

An unclassified e-mail system used by the U.S. Joint Chiefs of Staff, their chairman and his support staff was infiltrated by Russian hackers in August 2015, according to CBS News, citing former Joint Chiefs Chairman Martin Dempsey.

Sofacy APT doubles down on its 'DealersChoice' Flash exploit campaign

Russian APT group Sofacy has upped the ante in its campaign to compromise organizations with its "DealersChoice" Flash Player exploit tool, even after Adobe patched a key Flash vulnerability that the tool was observed exploiting.

Stealing steel's secrets: Industrial conglomerate ThyssenKrupp breached by pro hackers

Professional hackers infiltrated the systems of Germany-based industrial conglomerate ThyssenKrupp earlier this year, stealing intellectual property, research and secrets.

N. Korea accused of hacking S. Korea's military cyber-command

South Korea has announced that its military cyber-command appears to have been breached by North Korea. It is not clear whether low-grade documents or more important details like war plans were accessed.

Can you hear me now? Malware turns headphones into mics for eavesdropping

Headphones plugged into a computer's audio output jack can be converted into a microphone that secretly records nearby conversations by modifying the device's software via malware, according to a new research report.

Russian malware campaign 'PowerDuke' rides post-election wave

Russian APT group Cozy Bear has reportedly been targeting U.S. think tanks and non-governmental organizations in the immediate aftermath of the U.S. presidential race, devising malware campaigns that capitalize on post-election controversy.

Russia's increasing cyber-capabilities underestimated?

As Russia increases its military and civilian cyber-security capabilities, is the West under-estimating these developments?

China passes controversial law to counter cyberterror

China today passed a controversial cybersecurity law which the nation says will counter growing threats such as hacking and terrorism.

Zero days used in attacks on DNC, Podesta

Russian hackers are employing zero-day exploits to infect target networks, according to security researchers at ESET.