cyber espionage
-
State-sponsored XenoRAT campaign targets South Korean embassies, researchers say
A Trellix-led analysis describes a multi-phase, state-sponsored XenoRAT espionage campaign targeting South Korean embassies, with links to North Korea’s Kimsuky and indications of possible China-based sponsorship. The operation has conducted at least 19 spearphishing attacks since March, delivering XenoRAT via password-protected ZIP archives and complex, multilingual lures.
-
Curly COMrades APT Targets Georgia and Moldova, Leveraging Ngen for Persistence, Bitdefender Warns
A new cyber espionage campaign attributed to the Curly COMrades threat actor targets Georgia and Moldova, leveraging a mix of legitimate tools and a bespoke backdoor to establish long-term access and exfiltrate credentials, according to Bitdefender.
-
9GB Data Leak From Alleged North Korean Hacker Surfaces at DEF CON
Two hackers released a 9GB archive reportedly from a North Korean operator during DEF CON, with the material—including logs, credentials, and scripts—made available via DDoSecrets and published on Phrack; the data has been indexed and deemed authentic by researchers, though attribution remains uncertain.
-
Russian Espionage Group Targets Diplomats Through Innovative Malware
Microsoft has uncovered that Russian espionage group Secret Blizzard has been spying on foreign diplomats in Moscow since at least 2024, utilizing sophisticated malware and surveillance tactics to maintain access to sensitive communications.
-
New Cyber Espionage Campaign Targets Russian Aerospace Sector with EAGLET Implant
A new cyber espionage campaign named Operation CargoTalon has targeted Russian aerospace and defense sectors, deploying the EAGLET backdoor to facilitate data theft. Analysts report sophisticated tactics involving spear-phishing emails and the use of decoy documents referencing U.S. sanctioned entities.
-
Chinese Cyber Espionage Campaign Targets Taiwanese Semiconductor Industry
Recent spear-phishing campaigns linked to Chinese state-sponsored groups are targeting Taiwan’s semiconductor industry, emphasizing the vital role of cybersecurity in this critical sector amidst escalating geopolitical tensions.
-
State-Sponsored HazyBeacon Malware Targets Southeast Asian Governments
A new cyber espionage campaign targets Southeast Asian governments using the HazyBeacon malware, which leverages trusted cloud services for data exfiltration and evasion of detection.
-
DoNot APT Group Launches Cyber Espionage Attack on European Foreign Affairs Ministry
The DoNot APT group has launched a sophisticated cyber espionage attack on a European foreign affairs ministry, marking a significant expansion beyond its traditional focus on South Asia, according to researchers at Trellix.
-
New Espionage Group Exploits Microsoft Exchange Zero-Day Vulnerability to Target Chinese High-Tech Industries
A report reveals that the NightEagle Group, an advanced persistent threat, has exploited a zero-day vulnerability in Microsoft Exchange to extract intelligence from Chinese military and tech firms, raising concerns about cyber espionage and the implications for national security.
-
DoNot APT Expands Cyber Espionage Attacks in Europe
Recent cyber espionage activities attributed to the DoNot APT group highlight an alarming expansion of their operations targeting European foreign affairs ministries and other government entities, utilizing sophisticated malware to harvest sensitive information.
