Tradecraft in the Information Age
Long article on the difficulty (impossibility?) of human spying in the age of ubiquitous digital surveillance.
Intelligence
DoNot APT is expanding scope targeting European foreign ministries
DoNot APT, likely an India-linked cyberespionage group, targets European foreign ministries with LoptikMod malware. The DoNot APT group, likely linked to India, has expanded its operations and is targeting European foreign ministries with a new malware, called LoptikMod. The Donot Team (also known as APT-C-35 and Origami Elephant) has been active since 2016, focusing on government entities, foreign […]
Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates
An Iranian ransomware group, Pay2Key.I2P, has intensified attacks on U.S. and Israeli targets, offering affiliates higher profits. The Iranian ransomware group Pay2Key.I2P is stepping up attacks on U.S. and Israeli targets, luring affiliates with higher profit shares. The ransomware gang is the successor to the original Pay2Key group and experts linked it to the Iran-nexus […]
Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant
Italian police arrested a Chinese national linked to Silk Typhoon APT group at Milan’s Malpensa Airport on a U.S. warrant. Italian police arrested a Chinese national, Zewei Xu (33), at Milan’s Malpensa Airport on a U.S. warrant. Xu was arrested at Malpensa Airport on July 3rd after arriving on a flight from China. Authorities accused […]
Taiwan flags security risks in popular Chinese apps after official probe
Taiwan warns Chinese apps like TikTok and WeChat pose security risks due to excessive data collection and data transfers to China. Taiwan National Security Bureau (NSB) warns that Chinese apps like TikTok, WeChat, Weibo, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China, following an official inspection with […]
North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates
North Korea-linked hackers use fake Zoom updates to spread macOS NimDoor malware, targeting crypto firms with stealthy backdoors. North Korea-linked threat actors are targeting Web3 and crypto firms with NimDoor, a rare macOS backdoor disguised as a fake Zoom update. Victims are tricked into installing the malware through phishing links sent via Calendly or Telegram. […]
To Counter China, Reform U.S. Intelligence for the Digital Age
EXPERT PERSPECTIVE / OPINION — The United States is facing a quiet and rapidly growing threat across the digital landscape, an unseen mathematical space of binary code and shadowy actors. This landscape demands more, not less, attention, and urgently…
The Cipher Brief’s Hottest Summer Reading
CIPHER BRIEF FEATURE REPORTING — With the 4th of July holiday fast approaching, now is a good time for our annual summer list of recommended beach reads. Since we are The Cipher Brief, our favorites include not only thrillers and realistic, fast-pace…
CISA and U.S. Agencies warn of ongoing Iranian cyber threats to critical infrastructure
U.S. warns of rising Iranian cyber threats exploiting outdated software and weak passwords, with attacks likely to escalate due to recent events. U.S. cybersecurity and intelligence agencies warn of rising cyber threats from Iranian state-linked hackers, expected to escalate. These actors typically exploit outdated software, known vulnerabilities, and weak or default passwords on internet-connected systems. […]
The Downward Spiral of Western Counterintelligence
OPINION — Counterintelligence is one of the most vital functions of the intelligence community, helping protect against foreign threats. Counterintelligence was heavily emphasized during the Cold War, as spying and unregistered foreign agents were at …