Cyberespionage | SC Media

Cyberespionage


APT34 spread malware via LinkedIn invites

FireEye researchers identified a phishing campaign in which the cyberespionage group APT34 masqueraded as a member of Cambridge University to gain victims’ trust and get them to open malicious documents. Researchers noticed the campaign in late June 2019 using LinkedIn professional network invitations to deliver the malicious documents that included the use of three new malware families…

Russian-based misinformation campaign sends fake news from spoofed accounts

A Russian-based information operations campaign used fake social media accounts across multiple platforms to attack Western interests. Researchers from the Center for Strategic & International Studies detailed in a report a Russian-based misinformation operations campaign that used fake social media accounts across multiple platforms, at times impersonating real individuals who were politically active in their home…

Report: Iran claims to have thwarted a U.S. cyberespionage operation

Iran is reportedly claiming that it successfully uprooted a CIA-led cyberespionage operation and arrested several U.S. spies in the process. “One of the most complicated CIA cyberespionage networks that had an important role in the CIA’s operations in different countries was exposed by the Iranian intelligence agencies a while ago and was dismantled,” said Ali…

Russia accused of hacking EU embassy in Moscow

Russia is believed to have hacked the European Union’s embassy in Moscow in a sophisticated cyberespionage attack designed to steal highly sensitive material from the mission’s internal network just weeks before the European Parliament elections. The initial attack took place in February 2017, but wasn’t detected until April of this year. European officials aren’t yet…

Huawei given 90-day reprieve from Entity List

The U.S. Commerce Department has temporarily relieved Chinese manufacturer Huawei of its inclusion on the federal Entity List, allowing the company to continue to operate with its business partners for 90 days. Huawei was added to the Entity List on May 16, effectively banning the company from doing business in the United States, but…

TeamViewer reportedly hit by Chinese hackers in 2016

TeamViewer announced it was the victim of a cyber attack that took place in 2016, although some sources claim that hackers were in the firm’s network as early as 2014. The data breach was reportedly the result of threat actors exploiting the recently patched Winnti backdoor trojan, a malware first seen used by a group…

MuddyWater-associated BlackWater malware campaign suggests anti-detection techniques

A MuddyWater-associated BlackWater malware campaign has displayed signs of anti-detection techniques and other modifications to avoid common host-based signatures and avoid Yara signatures. Cisco Talos researchers said that while the changes were superficial, they were significant enough to avoid some detection mechanisms, according to a May 20 blog post. Researchers said the group’s level of…

Huawei responds to allegations of NSA hacking

Google, Huawei break will likely lead to security issues for users

President Trump’s executive order blocking Huawei’s products from accessing U.S. networks or technology has resulted in Google retracting its Android license from the company, possibly leading to cybersecurity issues for future owners of Huawei devices. Google has confirmed that currently available Huawei devices can still be used and services such as the Google Play Store,…


Members of China-based hacking firms indicted for Anthem breach, among other breaches

Members of a China-based hacking group were indicted for a series of computer intrusions, including the 2015 Anthem data breach that affected over 78 million people. The four-count indictment alleges that Fujie Wang, 32, and other members of the hacking group, including another individual charged as John Doe, conducted a campaign of intrusions into U.S.-based computer systems…
