2010, Hacking, Malware and Surveillance

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. Bazar is a lesser known spelling of Bazaar.” ” reads the report published by Lookout.

Surveillance

Surveillance Spyware Malware Mobile

A chink in the armor of China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking

Hacking Malware Surveillance Data collection

Microsoft disrupts China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking

Hacking Malware Surveillance Data collection

German intelligence agency warns of China-linked APT27 targeting commercial organizations

Security Affairs

JANUARY 26, 2022

. “The Federal Office for the Protection of the Constitution ( BfV ) has information about an ongoing cyber espionage campaign by the cyber attack group APT27 using the malware variant HYPERBRO against German commercial companies.” SecurityAffairs – hacking, APT27). Follow me on Twitter: @securityaffairs and Facebook.

Financial Services

Financial Services Surveillance Malware Cyber Attacks

The Belgacom hack was the work of the UK GCHQ intelligence agency

Security Affairs

OCTOBER 28, 2018

Belgian newspaper reported that investigators had found proof that the Belgacom hack was the work of the UK GCHQ intelligence agency. Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack.

Hacking

Hacking Spyware Telecommunications Malware

Experts linked ransomware attacks to China-linked APT27

Security Affairs

JANUARY 4, 2021

The APT group has been active since 2010, targeted organizations worldwide, including U.S. The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups. The hackers used the Windows drive encryption tool BitLocker to lock the servers.

Ransomware

Ransomware Malware Financial Services Encryption

China-linked Budworm APT returns to target a US entity

Security Affairs

OCTOBER 13, 2022

The China-linked APT27 group has been active since 2010, it targeted organizations worldwide, including U.S. The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups. SecurityAffairs – hacking, Budworm APT). Pierluigi Paganini.

Penetration Testing

Penetration Testing Financial Services Surveillance Manufacturing

Emissary Panda updated its weapons for attacks in the past 2 years

Security Affairs

MARCH 1, 2019

The Emissary Panda APT (aka LuckyMouse , APT27, Threat Group 3390, and Bronze Union) has been active since 2010, targeted organizations worldwide, including U.S. The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups. Pierluigi Paganini.

Malware

Malware Advertising Financial Services Surveillance

Emissary Panda APT group hit Government Organizations in the Middle East

Security Affairs

MAY 30, 2019

The Emissary Panda APT group has been active since 2010, targeted organizations worldwide, including U.S. The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups.

Government

Government Advertising Financial Services Surveillance

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Krebs on Security

NOVEMBER 15, 2022

The JabberZeus crew’s name is derived from the malware they used, which was configured to send them a Jabber instant message each time a new victim entered a one-time password code into a phishing page mimicking their bank. “In early October, the Ukrainian surveillance team said they’d lost him,” he wrote.

Banking

Banking Small Business Accountability Cybercrime

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

Security Affairs

NOVEMBER 8, 2021

Experts warn of an ongoing hacking campaign that already compromised at least nine organizations worldwide from critical sectors by exploiting CVE-2021-40539. The APT group has been active since 2010, targeted organizations worldwide, including U.S. SecurityAffairs – hacking, CVE-2021-40539). Pierluigi Paganini.

Healthcare

Healthcare Password Management Financial Services Surveillance

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

Following this, they were tricked into downloading previously unknown malware. The backdoor, dubbed Tomiris, bears a number of similarities to the second-stage malware, Sunshuttle (aka GoldMax), used by DarkHalo last year. When victims tried to access their corporate mail, they were redirected to a fake copy of the web interface.

Malware

Malware Government Surveillance Spyware

Hungarian official confirms Hungary used NSO Group Pegasus spyware

Security Affairs

NOVEMBER 8, 2021

Lajos Kosa, chair of the Parliament’s Defense and Law Enforcement Committee, confirmed that Hungary is one of the clients of the Israeli surveillance firm NSO Group and that it bought and used the controversial Pegasus spyware. According to Kosa, the use of surveillance software was authorized by a judge or the Minister of Justice.

Spyware

Spyware Surveillance Media Government

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

eSecurity Planet

MARCH 4, 2024

All sites incorporated the archaic FCKeditor plug-in, which stopped receiving support in 2010. The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services.

IoT

IoT Internet Internet Ransomware

Iran announced to have foiled a second cyber-attack in a week

Security Affairs

DECEMBER 15, 2019

The APT27 cyber espionage group (aka Emissary Panda , TG-3390 , Bronze Union , and Lucky Mouse ) has been active since 2010, it targeted organizations worldwide, including U.S. The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups.

Cyber Attacks

Cyber Attacks Telecommunications Government Advertising

Cyber Security Informer

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

A chink in the armor of China-based hacking group Nickel

Trending Sources

Microsoft disrupts China-based hacking group Nickel

German intelligence agency warns of China-linked APT27 targeting commercial organizations

The Belgacom hack was the work of the UK GCHQ intelligence agency

Experts linked ransomware attacks to China-linked APT27

China-linked Budworm APT returns to target a US entity

Emissary Panda updated its weapons for attacks in the past 2 years

Emissary Panda APT group hit Government Organizations in the Middle East

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

APT trends report Q3 2021

Hungarian official confirms Hungary used NSO Group Pegasus spyware

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

Iran announced to have foiled a second cyber-attack in a week

Stay Connected