Recent U.S. efforts to ban the federal use of telecommunications equipment from Huawei Technologies and other Chinese companies are “malaligned” and “don’t make any sense to me,” said former Federal CIO Tony Scott in a podcast interview with SC Media. Scott, who served under former President Barack Obama and now operates as chairman of his own…
Iranian APT actors have engaged in a long-running cyber espionage and data theft campaign that has victimized dozens of companies around the world, typically compromising them via virtual private network and Remote Desktop Protocol services, according to a new research report. Vulnerable VPNs have been such a favorite attack vector of choice among these actors…
The U.S. Department of Justice has charged four members of the Chinese People’s Liberation Army with nine criminal counts, accusing them of orchestrating and carrying out the 2017 hack of credit reporting agency Equifax. An indictment returned by a federal grand jury in Atlanta and unveiled today by the DOJ alleges that Beijing residents Wu…
Japanese manufacturer Mitsubishi Electric has acknowledged its discovery last June of a data breach perpetrated by an unauthorized third party that accessed both personal employee information and corporate materials. The public disclosure came amid multiple English and Japanese news sources publishing details on the incident [1, 2, 3, 4, 5], which experts believe may be…
The FBI this month reportedly issued an alert to its private industry partners, warning that a probable nation-state hacking group had recently compromised the networks of two U.S. municipalities via unpatched, vulnerable Microsoft SharePoint servers. According to the report, from ZDNet, the flaw the hackers reportedly abused was CVE-2019-0604, a remote code execution bug caused by…
The mysterious research group Intrusion Truth has unleashed a new series of reports claiming that 13 businesses based in the southern island province of Hainan, China are collectively a front for reputed Chinese state-sponsored hacking group APT40. The alleged front companies all purport to be science and technology businesses seeking to hire pen testers, software development…
Bapco, the national oil company of the Persian Gulf island nation of Bahrain, was reportedly targeted in a Dec. 29 disk wiper attack that officials believe originated from Iran-backed hackers. Iran is historically associated with past disk wiper campaigns against energy companies, most notably the destructive Shamoon or Disttrack malware attack against the Saudi Arabian…
The reputed Vietnamese APT group OceanLotus is believed responsible for recently hacking into the networks of German car manufacturer BMW, as well as South Korea’s Hyundai, presumably to spy on their automotive trade secrets. German broadcaster Bayerricscher Rundfunk, which broke the story, reported (in an article translated into English) that BMW caught the intrusion early…
Intezer Security has found a new backdoor, ACBackdoor, that has no known connection to an operating threat group creating the possibility it could be a harbinger of a new gang’s formation. ACBackdoor is primarily a Linux malware, but Intezer has spotted a Windows variant and the company believes it was created by an experienced group…
Reputed Iranian threat actor APT33 has been employing more than a dozen secret botnets to infiltrate and spy on the networks of various Middle Eastern, U.S. and Asian organizations, and are even setting up their own VPN networks to conceal their operations, according to researchers. Trend Micro described these findings in a blog post this…
