APTs/cyberespionage news & analysis | SC Media

APTs/cyberespionage

Cyber Solarium Commission lays out plan to secure supply chain

Over the past two decades, China has mobilized state-owned and state-influenced companies to dominate several emerging markets, especially for 5G telecommunications equipment, according to a report from the U.S. Cyberspace Solarium Commission (CSC). The 50-page report, a follow-up to its March 2020 report, focuses on creating a supply chain strategy for information and communications technologies…

Commerce imposes prohibitions on TikTok, WeChat

After previously expressing support for Oracle’s planned partnering with TikTok, the Trump administration took a step back from the deal Friday with the Commerce Department putting prohibitions on transactions related to the video-sharing platform and, separately, on the mobile communications app WeChat, both owned by Chinese companies. President Trump had said at a Wednesday news…

Oracle will inherit TikTok security, privacy headaches

By partnering with the popular Chinese video-sharing platform TikTok, Oracle will inherit a laundry list of security and privacy issues once the deal is approved, as soon as Sept. 20, by TikTok parent company ByteDance. TikTok boasts 100 million users in the U.S. and 689 million globally. Earlier this year President Trump threatened to ban…

New Zeppelin strand avoids AV detection with trojan downloader

A fresh wave of Zeppelin ransomware attacks discovered in late August went undetected by antivirus defenses as the result of a new trojan downloader, and research suggests the attacks might be targeted. The presumably targeted infections were announced in a blog post by Juniper Threat Labs researcher Asher Langton. “This campaign shows an evolution of…

Hacker-for-hire groups profit by commoditizing APT tactics

In the span of just over three months, researchers have exposed three mercenary, “hacker-for-hire” groups engaging in industrial espionage and stealing corporate secrets for profit. Despite using tactics, techniques and procedures that are more typical of a nation-state APT group, these threat actors – Dark Basin, DeathStalker and an unnamed third entity group detailed late last month by Bitdefender –…

Is the electric grid closer to a devastating cyberattack that could mean lights out?

Could the electric grid really be taken down with a $50 device secreted in the bottom of a coffee cup as some researchers have claimed? Perhaps. But the more likely threat comes from bad actors with markedly improved capabilities who’ve ramped up their attacks on critical infrastructure and utilities. Consider that 70 percent of industrial…

SMBs assaulted by ‘mercenary’ DeathStalker APT espionage campaigns

The hacker collective known as DeathStalker has recently widened its footprint to include small to medium-sized business (SMB) targets in the financial sector throughout Europe, the Middle East, Asia and Latin America. DeathStalker’s tactics, techniques and procedures aren’t different from when it first emerged as a hacker-for-hire, according to Kaspersky, which tracked DeathStalker’s activities for the…
