Nation-State Archives

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Nation-State

Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms

Cisco warns that nation state-backed hackers are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and...

Ryan Naraine18 hours ago

Cyberwarfare

$10 Million Bounty on Iranian Hackers for Cyberattacks on US Gov, Defense Contractors

Four Iranians are accused of hacking into critical systems at the Departments of Treasury and State and dozens of private US companies.

Ryan Naraine2 days ago

Malware & Threats

Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations

Russia-linked APT28 deploys the GooseEgg post-exploitation tool against numerous US and European organizations.

Ionut Arghire2 days ago

Nation-State

MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days

MITRE R&D network hacked in early January by a state-sponsored threat group that exploited an Ivanti zero-day vulnerability.

Eduard Kovacs3 days ago

Nation-State

Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44

Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44.

Eduard KovacsApril 17, 2024

Malware & Threats

Palo Alto Networks Releases Fixes for Firewall Zero-Day as Attribution Attempts Emerge

Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus.

Eduard KovacsApril 15, 2024

Microsoft Hit by Nation State Actor Midnight Blizzard

Cyberwarfare

CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation

The US cybersecurity agency calls attention to a Russian APT targeting academia, defense, governmental organizations, NGOs and think-tanks.

Ryan NaraineDecember 7, 2023

CVE-2024-21338 zero-day exploited by North Korea

Cybercrime

North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report

Recorded Future calculates that North Korean state-sponsored threat actors are believed to have stolen more than $3 billion in cryptocurrency.

Ionut ArghireDecember 4, 2023

Nation-State

State-Backed Hackers a Threat to Australia, Agency Warns

The AUKUS partnership, with its focus on nuclear submarines and other advanced military capabilities, is likely a target for state actors looking to steal...

AFPNovember 15, 2023

Use of OT Cyberattack in Russia Ukraine War

Cyberwarfare

Russian Hackers Used OT Attack to Disrupt Power in Ukraine Amid Mass Missile Strikes

Mandiant says Russia's Sandworm hackers used a novel OT attack to cause power outages that coincided with mass missile strikes on critical infrastructure across...

Ryan NaraineNovember 9, 2023

Malware & Threats

New MacOS Malware Linked to North Korean Hackers

New macOS malware, tracked by Jamf as ObjCShellz, is likely being used by North Korean hackers to target crypto exchanges

Kevin TownsendNovember 7, 2023

Cyberwarfare

Iranian Cyber Spies Use ‘LionTail’ Malware in Latest Attacks

Check Point reports that an Iranian APT has been observed using a new malware framework in targeted attacks in the Middle East.

Ionut ArghireNovember 1, 2023

Nation-State

Canada Bans WeChat and Kaspersky on Government Phones

The Chief Information Officer of Canada determined that WeChat and Kaspersky applications present an unacceptable level of risk to privacy and security.

AFPOctober 30, 2023

ICS/OT

Mandiant Intelligence Chief Raises Alarm Over China’s ‘Volt Typhoon’ Hackers in US Critical Infrastructure

Mandiant's Chief analyst urges critical infrastructure defenders to work on finding and removing traces of Volt Typhoon, a Chinese government-backed hacking team caught in...

Ryan NaraineOctober 25, 2023

Nation-State

Canada: Lawmakers Targeted by China-Linked ‘Spamouflage’ Disinformation

Canada on warned of a "Spamouflage" disinformation campaign linked to China that used waves of online posts and deepfake videos.

AFPOctober 24, 2023

Nation-State

Iranian Hackers Lurked for 8 Months in Government Network

Iran-linked hacking group Crambus spent eight months inside a compromised network of a Middle Eastern government, Broadcom’s Symantec cybersecurity unit reports.

Ionut ArghireOctober 20, 2023