A suspected Chinese state-sponsored hacking group has stepped up its targeting of Taiwanese organizations, particularly those in sectors such as government, education, technology and diplomacy, according to cybersecurity intelligence company Recorded Future.
RedJuliett has targeted Taiwanese organizations in the past, but this is the first time that activity was seen at such a scale, a Recorded Future analyst said, speaking on condition of anonymity out of safety concerns. The report said RedJuliett attacked 24 organizations, including government agencies in places like Laos, Kenya and Rwanda, as well as Taiwan.
Read more…
Source: MSN News
Related:
- The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation
February 12, 2025
Microsoft is publishing for the first time their research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat Intelligence as the “BadPilot campaign”. This subgroup has conducted globally diverse compromises of Internet-facing infrastructure to enable Seashell Blizzard to persist on high-value targets and support tailored ...
- U.K. orders Apple to let it spy on users’ encrypted accounts
February 7, 2025
Security officials in the United Kingdom have demanded that Apple create a back door allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud, people familiar with the matter told The Washington Post. The British government’s undisclosed order, issued last month, requires blanket capability to view fully encrypted material, not ...
- Analyzing ELF/Sshdinjector.A!tr with a Human and Artificial Analyst
February 4, 2025
ELF/Sshdinjector.A!tr is a collection of malware that can be injected into the SSH daemon. Samples of this malware collection surfaced around mid-November 2024. While Fortinet researchers have a good amount of threat intelligence on them (e.g., they are attributed to the DaggerFly espionage group and were used during the Lunar Peek campaign against network appliances), nobody ...
- Spyware maker Paragon confirms US government is a customer
February 4, 2025
Israeli spyware maker Paragon Solutions confirmed to TechCrunch that it sells its products to the U.S. government and other unspecified allied countries. Paragon’s executive chairman John Fleming said in a statement to TechCrunch on Tuesday that “Paragon licenses its technology to a select group of global democracies — principally, the United States and its allies.” Fleming ...
- Meta’s WhatsApp says spyware company Paragon targeted users in two dozen countries
January 31, 2025
An official with Meta Platforms’ (META.O), opens new tab popular WhatsApp chat service said Israeli spyware company Paragon Solutions had targeted scores of its users, including journalists and members of civil society. The official said on Friday that WhatsApp had sent Paragon a cease-and-desist letter following the hack. In a statement, WhatsApp said the company “will ...
- CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia
January 29, 2025
We identified a cluster of activity that we track as CL-STA-0048. This cluster targeted high-value targets in South Asia, including a telecommunications organization. This activity cluster used rare tools and techniques including the technique we call Hex Staging, in which the attackers deliver payloads in chunks. Their activity also includes exfiltration over DNS using ping, and ...