Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecommunications and government organizations in dozens of nations across four continents.
The threat actor, UNC2814, is a suspected People’s Republic of China (PRC)-nexus cyber espionage group that GTIG has tracked since 2017. This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas and had confirmed intrusions in 42 countries when the disruption was executed. The
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- The State of Ransomware 2024
April 30, 2024
The fifth Sophos State of Ransomware Report reveals the real-world ransomware experiences of 5,000 organizations around the globe, from root cause through to severity of attack, financial impact, and recovery time. Based on the findings of a survey of IT/cybersecurity leaders across 14 countries, this year’s report combines year-on-year insights with brand new areas of study. ...
- India Recorded 79 Million Cyber Attacks In 2023, Ranks 3rd Globally
April 30, 2024
India ranked as the third-largest country globally for phishing attacks after the US and UK, with its technology sector facing nearly 33 per cent of all such strikes, marking it as the most targeted industry, according to a report. The report by cybersecurity firm Zscaler showed a 60 per cent rise in global phishing attacks over ...
- Hull City Council suffers nine cyber attacks in three years
April 30, 2024
Hull City Council has paid £30,000 in data breach claims and suffered nine cyber attacks in the past three years, a report has found. The local authority confirmed it’s had nine cyber security incidents since 2021, five of which were phishing attacks (scams where attackers deceive people into revealing sensitive information). An investigation by DataBreachClaims.org.uk revealed ...
- Android Remote Access Trojan Equipped to Harvest Credentials
April 29, 2024
The SonicWall Capture Labs threat research team has been regularly sharing information about malware targeting Android devices. The researchers encountered similar RAT samples before, but this one includes extra commands and phishing attacks designed to harvest credentials. This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on ...
- Dutch cybersecurity experts warning companies about global ransomware attack
April 28, 2024
Dutch cybersecurity companies have issued warnings to thousands of companies about a global ransomware attack. The attackers, known as the Cactus Gang, are from Eastern Europe and have been active since the end of last year. The cybercriminals managed to penetrate the security systems of 122 companies, and at least 10 of those are in the ...
- Cybersecurity researchers spotlight a new ransomware threat – be careful where you upload files
April 26, 2024
Today’s browsers are almost operating systems unto themselves. They can run software programs and encrypt files. These capabilities, combined with the browser’s access to the host computer’s files – including ones in the cloud, shared folders and external drives – via the File System Access API creates a new opportunity for ransomware. Imagine you want to ...