A new malware that is being deployed by the Chinese hacking group APT 41 monitors SMS traffic and other mobile information en masse and is being used against a telecommunications firm to target specific customer phone numbers. The malware, called MessageTap, has been used in cyberespionage and financially motivated attacks, reported FireEye. MessageTap was first…
Facing possible exclusion from the 2020 Summer Olympics in Tokyo and other major athletic events, Russia once again has been attempting to hack anti-doping agencies and sports organizations, Microsoft reported yesterday. In attacks that started on Sept. 16, the reputed Russian APT Fancy Bear targeted at least 16 national and international sports organizations across three…
Facebook might have decided to leave it up to the public whether political ads are truthful – or not – but the social media giant said it’s diligently trying to identify and flag content from media outlets run by nation-states to avoid a repeat of the 2016 election when Russia and other countries leveraged its…
The Czech-based security firm Avast reported its internal network had been accessed through a temporary and loosely protected VPN profile with compromised credentials . The incident began on September 23 when the company noted suspicious behavior taking place on its network and started an investigation that included Czech national intelligence and cybersecurity assets. It was…
The Russian hacker group Turla disguised itself as Iranians and stole state secrets from multiple countries, authorities from the U.S. and U.K. said Monday. “Identifying those responsible for attacks can be very difficult, but the weight of evidence points towards the Turla group being behind this campaign,” Paul Chichester, director of operations at GCHQ’s National Cyber Security…
A thorough investigation into reputed Chinese APT actor Winnti Group turned up a previously undocumented backdoor that was used to compromise a popular Asian mobile hardware and software vendor — perhaps as a prelude to launching a major supply chain attack against its users. Dubbed PortReuse, the modular malware is a passive network implant that…
A U.S. Defense Intelligence Agency (DIA) analyst was arrested for supplying top secret national defense information (NDI) on a foreign country’s weapons systems to two journalists, one of whom he reportedly was engaged with romantically. Henry Kyle Frese, 30, of Alexandria, Va., accessed classified reports in April and May 2018 and passed them to the…
In the wake of a controversial call between President Trump and President Volodymyr Zelensky of Urkaine and even as some of President Trump’s supporters in Congress push a narrative that corrupt forces in Ukraine were behind 2016 election meddling, the second of a five-part bipartisan report from the GOP-led Senate Intelligence Committee confirmed Russia was…
Cyber espionage actors have developed a malware that can mark victims’ TLS-encrypted outbound traffic with identifiers so it can be compromised and potentially decoded later. Dubbed Reductor, the malware appears to share similar code to the COMpfun trojan, which was first documented in 2014 and is closely associated with suspected Russian APT group Turla, aka…
A threat group, dubbed Phosphorus, that Microsoft believes to be linked to Iran’s government targeted email accounts associated with a presidential campaign as well as government officials, journalists and prominent Iranians living outside the country. “In a 30-day period between August and September, the Microsoft Threat Intelligence Center (MSTIC) observed Phosphorus making more than 2,700…
