APTs/cyberespionage news & analysis | SC Media

Bezos iPhone compromised by Saudi prince, report finds

An iPhone belonging to Amazon CEO Jeff Bezos likely was hacked by Saudi Arabian prince Mohammed bin Salman (MBS) or operatives working on his behalf, a technical report indicated. Forensics on the phone showed it “was compromised via tools procured by Saud al Qahtani,” a close confidant of the prince, Motherboard cited a report by…

Mitsubishi Electric discloses June 2019 breach; Tick hacking group reportedly blamed

Japanese manufacturer Mitsubishi Electric has acknowledged its discovery last June of a data breach perpetrated by an unauthorized third party that accessed both personal employee information and corporate materials. The public disclosure came amid multiple English and Japanese news sources publishing details on the incident [1, 2, 3, 4, 5], which experts believe may be…

Report: FBI issues alert after two municipalities hacked via SharePoint

The FBI this month reportedly issued an alert to its private industry partners, warning that a probable nation-state hacking group had recently compromised the networks of two U.S. municipalities via unpatched, vulnerable Microsoft SharePoint servers. According to the report, from ZDNet, the flaw the hackers reportedly abused was CVE-2019-0604, a remote code execution bug caused by…

APT40 hacking group linked to 13 alleged front companies in Hainan, China

The mysterious research group Intrusion Truth has unleashed a new series of reports claiming that 13 businesses based in the southern island province of Hainan, China are collectively a front for reputed Chinese state-sponsored hacking group APT40. The alleged front companies all purport to be science and technology businesses seeking to hire pen testers, software development…

Russia’s Fancy Bear successfully hacked Burisma during impeachment probe

As the House Intelligence Committee held impeachment hearings last fall, members of the Russian GRU, known as Fancy Bear, successfully hacked Burisma, the Ukrainian energy company at the center of the impeachment investigation. In an echo of the 2016 presidential election cycle, where Russian hackers pilfered and released damaging emails on then-candidate Hillary Clinton…

Bahraini oil company reportedly attacked by new ‘Dustman’ disk wiper

Bapco, the national oil company of the Persian Gulf island nation of Bahrain, was reportedly targeted in a Dec. 29 disk wiper attack that officials believe originated from Iran-backed hackers. Iran is historically associated with past disk wiper campaigns against energy companies, most notably the destructive Shamoon or Disttrack malware attack against the Saudi Arabian…

State actors may be behind ongoing cyberattack on Austria’s foreign ministry

An ongoing and “serious cyberattack” at Austria’s foreign ministry could be the work of nation-state actors, the country’s government said. The ministry has set up a “coordination committee” to respond to the attack, which started as the country’s Greens party okayed an alliance with conservatives. While the foreign ministry discovered the attack and responded quickly,…

Hackers claiming to be from Iran deface U.S. gov’t website

Just days after President Trump ordered an air strike that killed Iranian Maj. Gen. Qassem Soleimani, a U.S. government website was defaced by a hacking group claiming to be from Iran. The hackers defaced the Federal Depository Library Program website, fdlp.gov, with a picture of a bleeding Trump as he’s being punched in the face for an…

DHS warns Iran retaliation could include cyberattacks

Although it stressed there is no evidence of a specific credible threat to the U.S. after the killing of Iranian General Qasem Soleimani, the Department of Homeland Security Saturday issued a National Terrorism Advisory System Bulletin warning of retaliation, including cyberattacks. Previous homeland-based plots by Iran and its partners “have included, among other things, scouting and…

Army joins Navy in banning TikTok

The U.S. Army this week joined the Navy in banning soldiers from using TikTok, the popular Chinese-owned video app marred by troublesome data handling practices, pegging it as a national security risk. “The U.S. Army’s decision to ban TikTok is yet another sign of the growing suspicion and mistrust U.S. authorities feel towards the Chinese-developed…
