All posts in espionage

Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack

The widespread compromise affecting key government agencies is ongoing, according to the U.S. government. The U.S. government has identified Russia as the “likely” culprit behind the widespread SolarWinds cyberattack that has so far affected multiple federal agencies and private-sector companies. Cyberespionage is cited as the motivation behind the attack, which . . .

Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack

The nation-state actor is looking to speed up vaccine development efforts in North Korea. The advanced persistent threat (APT) known as Lazarus Group and other sophisticated nation-state actors are actively trying to steal COVID-19 research to speed up their countries’ vaccine-development efforts. That’s the finding from Kaspersky researchers, who found . . .

Microsoft Caught Up in SolarWinds Spy Effort, Joining Federal Agencies

The ongoing, growing campaign is “effectively an attack on the United States and its government and other critical institutions,” Microsoft warned. Microsoft has become the latest victim of the ever-widening SolarWinds-driven cyberattack that has impacted rafts of federal agencies and tech targets. Its president, Brad Smith, warned late Thursday to . . .

DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report

The attack was mounted via SolarWinds Orion, in a manual and targeted supply-chain effort. The U.S. Department of Homeland Security (DHS), plus the Treasury and Commerce departments, have been hacked in an attack related to the FireEye compromise last week, according to reports. In addition, defense contractors and enterprises were . . .

SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign

Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the group's latest effort against military and government targets. The SideWinder advanced persistent threat (APT) group has mounted a fresh phishing and malware initiative, using recent territory disputes between China, India, Nepal and Pakistan as lures. The goal . . .

DeathStalker APT Spices Things Up with PowerPepper Malware

A raft of obfuscation techniques turn the heat up for the hacking-for-hire operation. The DeathStalker advanced persistent threat (APT) group has a hot new weapon: A highly stealthy backdoor that researchers have dubbed PowerPepper, used to spy on targeted systems. DeathStalker offers mercenary, espionage-for-hire services targeting the financial and legal . . .

Think-Tanks Under Attack by APTs, CISA Warns

The feds have seen ongoing cyberattacks on think-tanks (bent on espionage, malware delivery and more), using phishing and VPN exploits as primary attack vectors. The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a warning on what they say are persistent, continued cyberattacks by advanced persistent threat . . .

Russian Espionage Group Updates Custom Malware Suite

Turla has outfitted a trio of backdoors with new C2 tricks and increased interop, as seen in an attack on a European government.

North Korea-Backed Spy Group Poses as Reporters in Spearphishing Attacks, Feds Warn

The Kimsuky/Hidden Cobra APT is going after the commercial sector, according to CISA. The North Korean advanced persistent threat (APT) group known as Kimsuky is actively attacking commercial-sector businesses, often by posing as South Korean reporters, according to an alert from the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Kimsuky . . .