Cyber Warfare

US DoJ seized domains used by North Korean IT workers to defraud businesses worldwide

The U.S. government seized 17 website domains used by North Korean IT workers in a fraudulent scheme to defraud businesses worldwide. The U.S. government announced the seizure of 17 website domains used by North Korean information technology (IT) workers as part of a fraudulent scheme illicit scheme to defraud businesses worldwide. The illicit funds defraud U.S. and […]

The post US DoJ seized domains used by North Korean IT workers to defraud businesses worldwide appeared first on Security Affairs.

October 21, 2023
0 comment
Read More >>

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA). According to public sources, the threat actors targeted ICS of at least […]

The post Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers appeared first on Security Affairs.

October 17, 2023
0 comment
Read More >>

#OpIsrael, #FreePalestine & #OpSaudiArabia – How Cyber Actors Capitalize On War Actions Via Psy-Ops

Gaza: Resecurity identified threat actors exploiting the conflict to weaponize psychological operations (PSYOPs) campaigns. Amidst the outbreak of war on the Gaza Strip last weekend, Resecurity (Los Angeles-based cybersecurity company protecting Fortune 100) has identified multiple cyber-threat actors staging online psychological operations (PSYOPs) campaigns to manipulate public opinion regarding the escalating Israeli-Palestinian conflict. PSYOPs are […]

The post #OpIsrael, #FreePalestine & #OpSaudiArabia – How Cyber Actors Capitalize On War Actions Via Psy-Ops appeared first on Security Affairs.

October 11, 2023
0 comment
Read More >>

Hacktivists in Palestine and Israel after SCADA and other industrial control systems

Both pro-Israeli and pro-Palestinian hacktivists have joined the fight and are targeting SCADA and ICS systems. Both pro-Israeli and pro-Palestinian hacktivists have joined the fight in the cyber realm. Industrial control systems (ICS) seem to be one of the most lucrative targets for them, and there are hundreds exposed. After Hamas gunmen killed hundreds of […]

The post Hacktivists in Palestine and Israel after SCADA and other industrial control systems appeared first on Security Affairs.

October 10, 2023
0 comment
Read More >>

North Korea-linked Lazarus APT laundered over $900 million through cross-chain crime

North Korea-linked APT group Lazarus has laundered $900 million worth of cryptocurrency, Elliptic researchers reported. Researchers from blockchain analytics firm Elliptic reported that threat actors has already laundered a record $7 billion through cross-chain crime.  The term “Cross-chain crime” is used to refer to the swapping of cryptoassets between different tokens or blockchains to launder […]

The post North Korea-linked Lazarus APT laundered over $900 million through cross-chain crime appeared first on Security Affairs.

October 8, 2023
0 comment
Read More >>

Belgian intelligence service VSSE accused Alibaba of ‘possible espionage’ at European hub in Liege

Belgian intelligence agency State Security Service (VSSE) fears that Chinese giant Alibaba is spying on logistics to gather financial intelligence. The Belgian intelligence service VSSE revealed that is investigating potential cyber espionage activities carried out by Chinese firms, including the Alibaba Group Holding, at a cargo airport in Liege. According to the Financial Times, Alibaba […]

The post Belgian intelligence service VSSE accused Alibaba of ‘possible espionage’ at European hub in Liege appeared first on Security Affairs.

October 6, 2023
0 comment
Read More >>

Chinese threat actors stole around 60,000 emails from US State Department in Microsoft breach

China-linked threat actors stole around 60,000 emails from U.S. State Department after breaching Microsoft’s Exchange email platform in May. China-linked hackers who breached Microsoft’s email platform in May have stolen tens of thousands of emails from U.S. State Department accounts, a Senate staffer told Reuters this week. During a briefing by U.S. State Department IT officials, […]

The post Chinese threat actors stole around 60,000 emails from US State Department in Microsoft breach appeared first on Security Affairs.

September 29, 2023
0 comment
Read More >>

China-linked APT BlackTech was spotted hiding in Cisco router firmware

US and Japanese authorities warn that a China-linked APT BlackTech planted backdoor in Cisco router firmware to hack the businesses in both countries. US and Japanese intelligence, law enforcement and cybersecurity agencies warn of a China-linked APT, tracked as BlackTech (aka Palmerworm, Temp.Overboard, Circuit Panda, and Radio Panda), that planted backdoor in Cisco router firmware […]

The post China-linked APT BlackTech was spotted hiding in Cisco router firmware appeared first on Security Affairs.

September 27, 2023
0 comment
Read More >>

A phishing campaign targets Ukrainian military entities with drone manual lures

A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin. The campaign, codenamed STARK#VORTEX by Securonix, targets Ukrainian military entities and CERT-UA attributed it […]

The post A phishing campaign targets Ukrainian military entities with drone manual lures appeared first on Security Affairs.

September 25, 2023
0 comment
Read More >>

Iranian Peach Sandstorm group behind recent password spray attacks

Iran-linked Peach Sandstorm APT is behind password spray attacks against thousands of organizations globally between February and July 2023. Microsoft researchers observed a series of password spray attacks conducted by Iran nation-state actors as part of a campaign named Peach Sandstorm (aka Holmium, APT33, Elfin, and Magic Hound). The APT33 group has been around since at least […]

The post Iranian Peach Sandstorm group behind recent password spray attacks appeared first on Security Affairs.

September 16, 2023
0 comment
Read More >>