Cyber Espionage News, Articles and Updates

APT group's active exploit of Flash bug prompts emergency Adobe patch

Adobe Systems on Monday issued an emergency patch for a zero-day Flash Player vulnerability, after an APT group was discovered actively exploiting the bug as a means to infect machines with FinSpy surveillance malware.

Defense minister says Poland fended off Russian cyberattack on businesses

Poland's defense minister reportedly disclosed that his country successfully stopped a recent Russian cyberattack targeting companies based in Ukraine that also operate offices in other countries, including Poland.

Report: Congressman seeks pardon for Assange in exchange for docs vindicating Russian hackers

Rep. Dana Rohrabacher (R-Calif.) has reportedly taken steps to broker a deal between the White House and Julian Assange, in which the WikiLeaks founder would turn over materials that he claims exonerates Russia from hacking Democratic officials in exchange for a pardon or some form of clemency.

Turla APT group linked to Gazer backdoor that spies on embassies

A previously undocumented backdoor program used to spy on foreign embassies and consulates appears to be the work of suspected Russian APT group Turla, researchers from ESET have reported.

Chinese national arrested in relation to OPM breach

U.S. officials arrested a Chinese national who is accused of being involved in the 2015 OPM breach.

Proposed legislation discourages Russia-U.S. cyber pact, while prioritizing election security

A U.S. intelligence bill that recently passed committee in the Senate contains key provisions designed to defend the electoral process from Russian meddling and other foreign interference, as well as curtail any possible White House effort to form a joint cybersecurity unit with the Kremlin.

'ShadowPad' attack sabotaged NetSarang software with backdoor

Attackers secretly modified at least five software packages distributed by NetSarang in order to infect its business users with modular backdoor spyware, Kaspersky Lab has reported.

Ukrainian malware author is key witness against Russia in DNC hack investigation

A Ukrainian man who authored malware that U.S. intelligence said was used to hack the DNC has become a witness for the FBI after turning himself in early this year, the New York Times has reported.

U.S. Military vows to tweak and fling malware back at creators

U.S. military hackers are by throwing the proverbial malware grenade back at the enemy

Lazarus Group tied to new phishing campaign targeting defense industry workers

The Lazarus Group appears to be targeting individuals associated with U.S. defense contractors, including prospective employees, with phishing emails that display fake job listings and companies' internal policies.

Informed and tech savvy North Korean ruling elite regularly online

There are four million 3G-capable mobile devices in North Korea, but only the small group of the most senior leaders and ruling elite are granted direct access to the worldwide internet.

Tick threat group linked to multiple malware families

The Tick hacking group known infecting Japanese and South Korean targets with its malicious backdoor "Daserf" has been linked to other campaigns leveraging an eclectic assortment of malware, including two additional backdoors, two remote access trojans and a downloader.

Tables turned: Researcher reportedly creates C&C server to spy on Fruitfly Mac malware

A security researcher looking into a variant of the Mac spyware Fruitfly uncovered a pool of roughly 400 infected victims, after reportedly registering a back-up C&C server that was coded in a sample of the malware and taking it over.

CIA Director Pompeo says WikiLeaks will 'take down America'

CIA Director Mike Pompeo continued to expressed disdain for WikiLeaks a day after the organization published more Vault7 documents.

Report: Intel officials now believe UAE masterminded hack of Qatari news agency

The May 2017 hack of Qatar's state news agency, an incident seemingly designed to strain relations among Arab nations, was reportedly perpetrated by the United Arab Emirates, according to the Washington Post, citing U.S. intelligence officials.

Wikileaks publishes Vault 7: Highrise tool for Android devices

WikiLeaks Thursday published the manual of another CIA hacking tool "Highrise" aka "TideCheck"

Reports: Feds issue alert after adversary breaches power plant business networks

Since May, foreign hackers have breached computer networks at 12 or more U.S. power plants, including nuclear facilities, prompting the FBI and DHS to issue an urgent amber warning to utility companies, according to reports.

Legislation bars DoD from using Kaspersky; FBI agents visit employees of Russian cyber firm

The U.S. Senate Armed Services Committee's annual defense spending bill reportedly contains a provision prohibiting the Defense Department from using any products from Moscow-based cybersecurity firm Kaspersky Lab.

Survey: Experts say 'fake news' changing UK's political landscape

A new survey from DomainTools reveals the effect cyber-security professionals think that Fake News has had on the UK's political landscape.

Russia pressures Western tech firms for security source code, many will comply

Russia's Federal Security Service (FSB) is demanding the security product source code from top Western tech firms, many will comply.

WikiLeaks: CIA's Brutal Kangaroo toolset lets malware hop onto closed networks

WikiLeaks dumped more leaked CIA documents, publishing materials from a tool suite called Brutal Kangaroo that allows attackers to indirectly infiltrate a closed network or air-gapped computer using a compromised flash drive.

WikiLeaks latest Vault 7 dump includes CherryBlossom router hacking tool

The June Wikileaks document dump of pilfered Vault 7 CIA documents includes a multipurpose framework called CherryBlossom designed to crack into routers mostly used in homes, public places and small businesses.

Sessions denies Russian collusion to undermine election

Attorney General Jeff Sessions called allegation of him colluding with Russian officials to undermine the election an "appalling and detestable lie."

Russian election hackers breached 39 U.S. states

Russia's hackers reportedly breached the electoral systems of at least 39 states during the summer and fall of 2016.