Nation-State
DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military
Chinese national Song Wu allegedly sent spear-phishing emails to NASA, Air Force, Navy, Army, and FAA employees.
Ionut Arghire, September 17, 2024

Nation-State
MITRE Hack: China-Linked Group Breached Systems in December 2023
MITRE has shared more details on the recent hack, including the new malware involved in the attack and a timeline of the attacker’s activities.
Eduard Kovacs, May 7, 2024

Nation-State
Iranian Cyberspies Hit Targets With New Backdoors
Iranian state-sponsored group APT42 is targeting NGOs, government, and intergovernmental organizations with two new backdoors.
Ionut Arghire, May 6, 2024

Malware & Threats
Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations
Russia-linked APT28 deploys the GooseEgg post-exploitation tool against numerous US and European organizations.
Ionut Arghire, April 23, 2024

Nation-State
Chinese Cyberspies Targeting ASEAN Entities
Two Chinese cyberespionage groups have been targeting entities and member countries affiliated with ASEAN.
Ionut Arghire, March 28, 2024

Nation-State
Chinese APT Hacks 48 Government Organizations
Earth Krahang, likely a penetration team of Chinese government contractor I-Soon, has compromised 48 government entities worldwide.
Ionut Arghire, March 19, 2024

Malware & Threats
Chinese Cyberspies Target Tibetans via Watering Hole, Supply Chain Attacks
Chinese APT Evasive Panda compromises a software developer’s supply chain to target Tibetans with malicious downloaders.
Ionut Arghire, March 8, 2024

Malware & Threats
Chinese Cyberspies Use New Malware in Ivanti VPN Attacks
Chinese threat actors target Ivanti VPN appliances with new malware designed to persist system upgrades.
Ionut Arghire, February 28, 2024

Nation-State
Stealthy Cyberespionage Campaign Remained Undiscovered for Two Years
A possibly China-linked threat actor uses a custom backdoor in a cyberespionage campaign ongoing since at least 2021.
Ionut Arghire, February 12, 2024

Malware & Threats
Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware
The China-linked cyberespionage group Blackwood has been caught delivering malware to entities in China and Japan.
Ionut Arghire, January 26, 2024

Cyberwarfare
Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns
Russian threat group ColdRiver has developed Spica, a malware that enables it to compromise systems and steal information.
Eduard Kovacs, January 18, 2024

Malware & Threats
Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout
Ivanti zero-day vulnerabilities dubbed ConnectAround could impact thousands of systems and Chinese cyberspies are preparing for patch release.
Eduard Kovacs, January 12, 2024