Security News

New ToddyCat APT group targets Exchange servers in Asia, Europe
2022-06-21 11:46

An advanced persistent threat group dubbed ToddyCat has been targeting Microsoft Exchange servers throughout Asia and Europe for more than a year, since at least December 2020. At the time, the hacking group exploited the ProxyLogon Exchange flaws that allowed them to gain remote code execution on vulnerable servers to deploy China Chopper web shells.

A Decade-Long Chinese Espionage Campaign Targets Southeast Asia and Australia
2022-06-09 09:31

A previously undocumented Chinese-speaking advanced persistent threat actor dubbed Aoqin Dragon has been linked to a string of espionage-oriented attacks aimed at government, education, and telecom entities chiefly in Southeast Asia and Australia dating as far back as 2013. This involved leveraging old and unpatched security vulnerabilities, with the decoy documents enticing targets into opening the files.

APT gang 'Sidewinder' goes on two-year attack spree across Asia
2022-05-12 08:04

The advanced persistent threat gang known as SideWinder has gone on an attack spree in the last two years, conducting almost 1,000 raids and deploying increasingly sophisticated attack methods. Noushin Shaba, a senior security researcher on Kaspersky's global research and analysis team, today told the Black Hat Asia conference that SideWinder mostly targets military and law enforcement agencies in Pakistan, Bangladesh and other South Asian nations.

Bitter APT Hackers Add Bangladesh to Their List of Targets in South Asia
2022-05-11 18:27

An espionage-focused threat actor known for targeting China, Pakistan, and Saudi Arabia has expanded to set its sights on Bangladeshi government organizations as part of an ongoing campaign that commenced in August 2021. Cybersecurity firm Cisco Talos attributed the activity with moderate confidence to a hacking group dubbed the Bitter APT based on overlaps in the command-and-control infrastructure with that of prior campaigns mounted by the same actor.

Russian Hackers Targeting Diplomatic Entities in Europe, Americas, and Asia
2022-05-02 08:54

A Russian state-sponsored threat actor has been observed targeting diplomatic and government entities as part of a series of phishing campaigns commencing on January 17, 2022. Threat intelligence and incident response firm Mandiant attributed the attacks to a hacking group tracked as APT29, with some set of the activities associated with the crew assigned the moniker Nobelium.

Chinese APT Hackers Targeting Betting Companies in Southeast Asia
2022-03-24 06:16

A Chinese-speaking advanced persistent threat (APT) has been linked to a new campaign targeting gambling-related companies in South East Asia, particularly Taiwan, the Philippines, and Hong Kong....

DoNot Hacking Team Targeting Government and Military Entities in South Asia
2022-01-19 23:54

A threat actor with potential links to an Indian cybersecurity company has been nothing if remarkably persistent in its attacks against military organizations based in South Asia, including Bangladesh, Nepal, and Sri Lanka, since at least September 2020 by deploying different variants of its bespoke malware framework. Slovak cybersecurity firm ESET attributed the highly targeted attack to a hacking group known as Donot Team.

‘Seedworm’ Attackers Target Telcos in Asia, Middle East
2021-12-14 13:21

Attackers targeting telcos across the Middle East and Asia for the past six months are linked to Iranian state-sponsored hackers, according to researchers. Though the identity of attackers also is unconfirmed, they potentially could be linked to the Iranian group Seedworm, aka MuddyWater or TEMP.Zagros, researchers said.

HID Global acquires Omni-ID to exted RFID portfolio and broaden footprint in Asia
2021-08-18 23:30

HID Global announced that it has acquired Omni-ID, a manufacturer of RFID tags and industrial IoT hardware devices for passive and active tagging, tracking, monitoring and alerting applications. "I am very pleased to welcome Omni-ID into the ASSA ABLOY Group and HID," said Björn Lidefelt, EVP and Head of HID Global.

Kaspersky: LuminousMoth spearphishing campaign hit 1,500 targets in Asia
2021-07-14 18:27

Security researchers at Kaspersky have identified a widespread cyberespionage campaign that targets government offices in Asia; the cybersecurity attack starts with a spearphishing email. Kaspersky analysts explained the LuminousMoth attack on the SecureList blog and suggested that the lopsided numbers between the two countries could be due to an additional and unknown infection vector used only in the Philippines.