APTs/cyberespionage news & analysis | SC Media

APTs/cyberespionage

FBI, CISA warn China targeting orgs conducting Covid-19-related vaccine, treatment research

China is looking to lift American research on coronavirus vaccines and treatments through cyberattacks, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) warned health care, pharmaceutical, and research sectors working on COVID-19 response. “China’s efforts to target these sectors pose a significant threat to our nation’s response to COVID-19,” the alert said. The…

2FA app weaponized to infect Mac users with Dacls RAT

MacOS users who think they have protected themselves by downloading a particular two-factor authentication application may have actually infected their machines with a new variant of the Dacls remote access trojan. When Dacls was originally discovered in late 2019, it was known to target Windows and Linux platforms, but now it appears Macs are no…

PhantomLance campaign slipped trojanized apps into marketplaces for years

A long-running malware campaign whose activity dates back to 2016 has been using a sophisticated playbook of tricks to sneak trojanized Android apps into the Google Play Store as well as third-party marketplaces. Researchers from Kaspersky have dubbed the campaign PhantomLance and, based on certain calling cards, have attributed it with medium confidence to the…

U.S. offers up to $5M for info on North Korean cyber activity

Four U.S. federal agencies on Wednesday jointly issued an advisory that warns of ongoing North Korea-sponsored cyberthreat operations, and offers a reward of up to $5 million for information on such operations. The communication, issued by the State Department, the Department of Homeland Security, the Treasury Department and the FBI, details the Democratic People’s Republic…

APT41 activity down during China COVID-19 quarantines; massive campaign undeterred

COVID-19 spreading through parts of China did not entirely deter APT41 from carrying out one of the largest campaigns ever conducted by a Chinese cyberespionage group. The attacks were not directly tied to the coronavirus outbreak, nor did the attackers attempt to leverage the virus in any way, but FireEye noted the group’s activity did…

FSB contractor breach exposes secret cyber weapons program leveraging IoT vulnerabilities

The hack of an FSB contractor has exposed details of the Russian intelligence agency’s cyber weapons program aimed at exploiting vulnerabilities in IoT devices. Digital Revolution, a Russian hacking group, has claimed credit for the April 2019 breach of subcontractor ODT (Oday) LLC, which was working with frequent Russian Ministry of Internal Affairs contractor InformInvestGroup…

Justice to drop charges against two companies indicted by Mueller

In an effort to protect government sources and investigative methods, Justice Department prosecutors will drop charges against two Russian companies, Concord Management and Concord Consulting, indicted by former Special Counsel Robert Mueller for financing operations behind interference in the 2016 presidential election. The two companies, along with Internet Research Agency and a cadre of 13…

Former federal CIO: Efforts to ban Huawei ‘don’t make any sense to me’

Recent U.S. efforts to ban the federal use of telecommunications equipment from Huawei Technologies and other Chinese companies are “malaligned” and “don’t make any sense to me,” said former Federal CIO Tony Scott in a podcast interview with SC Media. Scott, who served under former President Barack Obama and now operates as chairman of his own…

Trump berated Maguire after lawmakers were briefed on Russia’s active interference in 2020 election

In an echo of 2016, the intelligence community reportedly has warned lawmakers that Russia is trying to influence the 2020 election in a briefing that drew the ire of President Trump and may have prompted the ouster of acting Director of National Intelligence (DNI) Joseph Maguire. Trump, still peeved by IC reports that Russia hacked…