Security News

Newly Discovered Android Spyware Linked to State-Sponsored Indian Hackers
2021-02-11 15:10

Researchers at mobile security firm Lookout have published information on two recently discovered Android spyware families employed by an advanced persistent threat group named Confucius. Over the past several years the group has also switched to mobile malware, with the first Android surveillanceware, ChatSpy, being observed in 2018.

SolarWinds Orion exploited by another group of state-sponsored hackers
2021-02-03 13:02

Another group of state-sponsored hackers has exploited the ubiquity of SolarWinds software to target US government agencies, Reuters reported on Tuesday. Unlike the alleged Russian attackers who inserted malware directly into the company's Orion network monitoring platform by compromising its build environment, another group has simply found and exploited a vulnerability in the software.

Defending Against State and State-Sponsored Threat Actors
2020-12-21 21:01

State actors can draw upon the skills and resources of their national intelligence communities, whereas state-sponsored actors, though not actually part of a state organization, can still draw upon the financial and technical assets of their sponsors. Another fundamental difference between "Civilian" and "State" actors is that law-enforcement agencies are better equipped to address threat actors who don't have state backing.

Security firm FireEye hit by state-sponsored cyberattack
2020-12-09 13:55

On Tuesday, security firm FireEye revealed that it was hit by a state-sponsored cyberattack through which the attackers stole its Red Team tools, a collection of scripts, scanners, and techniques used to train clients on how to improve their security defenses. The attackers operated clandestinely, using tactics that counter security defenses and examination and that FireEye CEO Kevin Mandia said had not been seen by FireEye or its partners before.

FireEye breach: State-sponsored attackers stole hacking tools
2020-12-09 12:23

U.S. cybersecurity company FireEye has suffered a breach, and the attackers made off with the company's Red Team tools, FireEye CEO Kevin Mandia disclosed on Tuesday. "The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past."

State-Sponsored Hackers Likely Behind Attacks on COVID-19 Vaccine Cold Chain
2020-12-03 14:05

An unknown threat actor that is likely sponsored by a nation state is believed to be behind a recent phishing campaign targeting the COVID-19 vaccine cold chain, IBM Security reported on Thursday. The targets appear to be associated with the Cold Chain Equipment Optimization Platform of Gavi, the Vaccine Alliance, whose main goal is to improve access to vaccines in poor countries.

NSA Lists 25 Vulnerabilities Currently Targeted by Chinese State-Sponsored Hackers
2020-10-21 11:06

The U.S. National Security Agency this week released an advisory containing information on 25 vulnerabilities that are being actively exploited or targeted by Chinese state-sponsored threat actors. The NSA notes that it has observed Chinese threat actors scanning for or attempting to exploit these vulnerabilities against multiple victims.

25 vulnerabilities exploited by Chinese state-sponsored hackers
2020-10-21 10:23

The US Cybersecurity and Infrastructure Security Agency has released a list of 25 vulnerabilities Chinese state-sponsored hackers have been recently scanning for or have exploited in attacks. "Most of the vulnerabilities [] can be exploited to gain initial access to victim networks using products that are directly accessible from the Internet and act as gateways to internal networks. The majority of the products are either for remote access or for external web services, and should be prioritized for immediate patching," the agency noted.

State-sponsored hackers and ransomware gangs are diversifying tactics to inflict more harm
2020-10-19 18:29

Some of the world's most skilled nation-state cyber adversaries and notorious ransomware gangs are deploying an arsenal of new open-source tools, actively exploiting corporate email systems, and using online extortion to scare victims into paying ransoms, according to Accenture's 2020 Cyber Threatscape Report. "Since COVID-19 radically shifted the way we work and live, we've seen a wide range of cyber adversaries changing their tactics to take advantage of new vulnerabilities," said Josh Ray, who leads Accenture Security's global cyber defense practice, in a statement.

Google warned users of 33,000 state-sponsored attacks in 2020
2020-10-16 17:30

Google delivered over 33,000 alerts to its users during the first three quarters of 2020 to warn them of state-sponsored phishing attacks targeting their accounts. The prominent reminders sent to Google users targeted in government-backed attacks were displayed even when the hacking attempts were blocked, to inform them of the danger.