A suspected Chinese state-sponsored hacking group has stepped up its targeting of Taiwanese organizations, particularly those in sectors such as government, education, technology and diplomacy, according to cybersecurity intelligence company Recorded Future.
RedJuliett has targeted Taiwanese organizations in the past, but this is the first time that activity was seen at such a scale, a Recorded Future analyst said, speaking on condition of anonymity out of safety concerns. The report said RedJuliett attacked 24 organizations, including government agencies in places like Laos, Kenya and Rwanda, as well as Taiwan.
Read more…
Source: MSN News
Related:
- iPhone users in 98 countries warned about spyware by Apple
July 12, 2024
In April 2024, we reported how Apple was warning people of mercenary attacks via its threat notification system. At the time it warned users in 92 countries. In a new round, Apple is now warning users in 98 countries of potential mercenary spyware attacks. The message sent to the affected users says: “Apple detected that you ...
- Insights on Cyber Threats Targeting Users and Enterprises in Brazil
July 12, 2024
Individuals and organizations in Brazil face a unique cyber threat landscape because it is a complex interplay of global and local threats, posing significant risks to individuals, organizations, and critical sectors of Brazilian society. Many of the cyber espionage threat actors that are prolific in campaigns across the globe are also active in carrying out attempted ...
- OilAlpha targets Arabic-speaking humanitarian NGOs in Yemen
July 12, 2024
OilAlpha continues to target Arabic-speaking entities, as well as those interested in humanitarian organizations and NGOs operating in Yemen. According to reports, users are lured to a deceptive web portal that mimics the generic login interfaces of humanitarian organizations such as CARE International and the Norwegian Refugee Council, with the aim of stealing credentials. It appears ...
- DodgeBox Loader Loading MoonWalk Backdoor
July 11, 2024
Threat researchers recently discovered a new loader dubbed DodgeBox. This loader shares significant traits with StealthVector, which is associated with the Chinese APT group APT41 / Earth Baku. DodgeBox functions as a loader for a new backdoor named MoonWalk, which utilizes evasion techniques such as call stack spoofing, DLL sideloading, DLL hollowing and environmental guardrails similar ...
- APT40 Advisory PRC MSS tradecraft in action
July 8, 2024
The PRC state-sponsored cyber group has previously targeted organisationsin various countries, including Australia and the United States, and the techniques highlighted below are regularly used by other PRC state-sponsored actors globally. Therefore, the authoring agencies believe the group, and similar techniquesremain a threat to their countries’ networks as well. The authoring agencies assess that this group ...
- CloudSorcerer – A new APT targeting Russian government entities
July 8, 2024
In May 2024, Kaspersky researchers discovered a new advanced persistent threat (APT) targeting Russian government entities that we dubbed CloudSorcerer. It’s a sophisticated cyberespionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud infrastructure. The malware leverages cloud resources as its command and control (C2) servers, accessing them ...