Cyberespionage | SC Media


Redbanc cyberattack linked to Lazarus group


The recently disclosed cyberattack on the Chilean interbank network Redbanc, which took place in December 2018, may have been carried out by North Korea-linked advanced persistent threat (APT) group Lazarus. The attack involved PowerRatankba, a malware toolkit with ties to the APT group, and represents the latest known example of Lazarus-affiliated tools being deployed within financially…

Top FBI official calls Chinese cyberespionage ‘most severe’ threat to American security


FBI counterintelligence division head E.W. “Bill” Priestap Wednesday said Chinese cyberespionage poses the “most severe” threat to American security at a Senate Judiciary Committee hearing on “Non-Traditional Espionage Against the United States.” Priestap said China’s Communist Party “dominates every facet of Chinese life,” from religion to freedom of expression and business and that “it is…

China cyberespionage efforts increase following Trump presidency after brief pause


China has accelerated its cyberespionage efforts after a hiatus that began in 2015, when then-President Obama struck an agreement to end China’s practice of cyberespionage attacks against American firms, military contractors and government agencies to steal designs, technology and corporate secrets, usually on behalf of China’s state-owned firms. Officials debate the cause for the…

State of security: Nebraska


Who’s in charge: Secretary of State John A. Gale

Digital fingerprints tracing back to Russia were found probing for vulnerabilities on systems maintained by Election Systems & Software, an election services IT provider, back in 2016 when Russian threat actors attempted to access the election systems of 20 other states. The company manages Nebraska’s Voter…

Iran claims telecommunications infrastructure was attacked by Stuxnet variant


Iranian officials are reportedly claiming that a variant of the Stuxnet worm that disrupted their country’s nuclear program in the late 2000s was used in an attack on their telecommunications infrastructure last week. Iran is publicly pointing the finger at Israel, while claiming to have successfully defended against the attack, according to multiple news outlets, including…

Federal employee infects gov’t network with Russian malware through adult video websites


An employee at the U.S. Geological Survey (USGS) infected his agency’s network with Russian malware delivered via adult websites. The Office of Inspector General initiated an investigation into suspicious internet traffic at the agency’s Earth Resources Observation and Science (EROS) Center satellite imaging facility in Sioux Falls, SD when they found an employee visited some…

Mueller scrutinizes Stone’s relationship with WikiLeaks, Trump campaign


Special counsel Robert Mueller apparently – and not unexpectedly – is probing the extent of former Trump campaign operative and ally Roger Stone’s interactions with WikiLeaks and founder Julian Assange during the 2016 presidential election and whether he shared information with the campaign. Throughout the campaign, Stone’s public statements seemed to imply he knew in…

Updated Azorult malware for sale on the Dark Web


A new and improved version of the info stealer and malware downloader Azorult was spotted being distributed by the RIG exploit kit. Check Point researchers report the malware has been heavily upgraded, version 3.3 as labeled by its creators, and has been available for sale on the Dark Web since early October. The fact that…

Octopus malware wraps tentacles around former Telegram users in Central Asia


A Russian-language cyberespionage threat actor dubbed DustSquad is targeting Central Asian users and diplomatic entities using malware dubbed Octopus, designed to exploit the hype surrounding the Telegram app ban in Central Asia. The malware is written in Delphi, and its name was coined by ESET researchers in 2017 after the threat group used the 0ct0pus3.php script on…


Yes or No. Did China physically hack Super Micro computers?


A bevy of Congressional members are starting to dig deeper into the Bloomberg Businessweek report that the Chinese People’s Liberation Army actually committed a supply chain attack by placing malicious processors in computers used by top U.S. companies and the federal government. Sens. Marco Rubio, R-Fla., and Richard Blumenthal, D-Conn., John Thune, R-S.D., House Oversight…
