Cyber Espionage News, Articles and Updates

Tables turned: Researcher reportedly creates C&C server to spy on Fruitfly Mac malware

A security researcher looking into a variant of the Mac spyware Fruitfly uncovered a pool of roughly 400 infected victims, after reportedly registering a back-up C&C server that was coded in a sample of the malware and taking it over.

CIA Director Pompeo says WikiLeaks will 'take down America'

CIA Director Mike Pompeo continued to express disdain for WikiLeaks a day after the organization published more Vault7 documents.

Report: Intel officials now believe UAE masterminded hack of Qatari news agency

The May 2017 hack of Qatar's state news agency, an incident seemingly designed to strain relations among Arab nations, was reportedly perpetrated by the United Arab Emirates, according to the Washington Post, citing U.S. intelligence officials.

WikiLeaks publishes Vault 7: Highrise tool for Android devices

WikiLeaks on Thursday published the manual of another CIA hacking tool, "Highrise," aka "TideCheck."

Reports: Feds issue alert after adversary breaches power plant business networks

Since May, foreign hackers have breached computer networks at 12 or more U.S. power plants, including nuclear facilities, prompting the FBI and DHS to issue an urgent amber warning to utility companies, according to reports.

Legislation bars DoD from using Kaspersky; FBI agents visit employees of Russian cyber firm

The U.S. Senate Armed Services Committee's annual defense spending bill reportedly contains a provision prohibiting the Defense Department from using any products from Moscow-based cybersecurity firm Kaspersky Lab.

Survey: Experts say 'fake news' changing UK's political landscape

A new survey from DomainTools reveals the effect cyber-security professionals think that Fake News has had on the UK's political landscape.

Russia pressures Western tech firms for security source code, many will comply

Russia's Federal Security Service (FSB) is demanding security product source code from top Western tech firms, and many will comply.

WikiLeaks: CIA's Brutal Kangaroo toolset lets malware hop onto closed networks

WikiLeaks dumped more leaked CIA documents, publishing materials from a tool suite called Brutal Kangaroo that allows attackers to indirectly infiltrate a closed network or air-gapped computer using a compromised flash drive.

WikiLeaks latest Vault 7 dump includes CherryBlossom router hacking tool

The June WikiLeaks document dump of pilfered Vault 7 CIA documents includes a multipurpose framework called CherryBlossom designed to crack into routers mostly used in homes, public places and small businesses.

Sessions denies Russian collusion to undermine election

Attorney General Jeff Sessions called the allegation of him colluding with Russian officials to undermine the election an "appalling and detestable lie."

Russian election hackers breached 39 U.S. states

Russia's hackers reportedly breached the electoral systems of at least 39 states during the summer and fall of 2016.

Fake news allegedly planted by Russian hackers helped trigger Qatar crisis

A controversial report seemingly published last month by Qatar's state news agency may be fake news planted by Russian hackers who allegedly broke into the agency's systems, according to an exclusive CNN report, citing U.S. officials.

Experts surprised by extent of Russian election meddling, demand voting security for 2018

The leak of a classified NSA document confirming that Russia interfered with the 2016 U.S. presidential race has reinforced the need to fix vulnerabilities in America's voting infrastructure before the next election cycle.

China may have hacked secret CIA communication to kill or imprison U.S. informants

China seriously crippled U.S. intelligence operations by systematically killing or imprisoning more than a dozen sources.

Goddess of cyberwar: Athena CIA tool subject of latest WikiLeaks Vault 7 dump

WikiLeaks on Friday published materials related to a malware implant called Athena, which enables remote beacon and loader capabilities on targeted computers running on Microsoft Windows versions XP through 10.

OceanLotus APT acting in accordance with Vietnamese interests, researchers report

An APT group whose actions appear to align with Vietnamese state interests has been actively compromising private corporations and targeting foreign governments, dissidents and media since at least 2014, according to researchers at FireEye.

Researchers link new backdoor and Mac-based rootkit to Turla spy group

The Turla advanced persistent threat group appears to have recently created both a new multiplatform backdoor malware program called Kazuar, and a MacOS version of its Uroburos espionage rootkit.

Microsoft bug linked to spy campaigns, bank thefts reportedly took 6 months to fix

A zero-day bug in Microsoft Office and WordPad that hackers exploited to spy on targeted users, implant malware, and steal banking credentials took nine months to fix, according to news reports.

Cozy Bear targeted French presidential candidate Emmanuel Macron: Trend Micro

Trend Micro researchers said Fancy Bear, also known as Pawn Storm, targeted several elections including the Emmanuel Macron presidential campaign in France.

SMSVova spyware downloaded millions of times from Google Play store since 2014

A spyware program disguised as an app that dispenses Android updates was downloaded between 1 and 5 million times before being pulled from Google's official U.S. Play Store, according to researchers at Zscaler.

Tracking pixels could lead to your next phishing attack

Check Point researchers warn tracking pixels could be used to compromise enterprise security in phishing attacks.

U.K. Foreign Office targeted by Callisto Group hackers

Attackers targeted the U.K.'s Foreign Office with a spear-phishing campaign believed to have begun in April 2016.