Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecommunications and government organizations in dozens of nations across four continents.
The threat actor, UNC2814, is a suspected People’s Republic of China (PRC)-nexus cyber espionage group that GTIG has tracked since 2017. This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas and had confirmed intrusions in 42 countries when the disruption was executed. The
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hackers uncover new TheTruthSpy stalkerware victims
February 12, 2024
A consumer-grade spyware operation called TheTruthSpy poses an ongoing security and privacy risk to thousands of people whose Android devices are unknowingly compromised with its mobile surveillance apps, not least due to a simple security flaw that its operators never fixed. Now, two hacking groups have independently found the flaw that allows the mass access of ...
- Kenya: Cyber attacks on computer systems, mobile apps surge
February 10, 2024
Cyber attacks on computer systems and mobile applications recorded the highest increase in the three months to December last year, the latest data from the Communications Authority of Kenya (CA) shows. According to the CA’s Cyber Security report for the period, system attack threats that were detected increased 10-fold compared to the preceding three-month period that ...
- Ivanti urges customers to patch yet another critical vulnerability
February 9, 2024
In a new blog post, Ivanti says that it has found another vulnerability and urges customers to “immediately take action to ensure you are fully protected”. This vulnerability only affects a limited number of supported versions–Ivanti Connect Secure (version 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2 and 22.5R1.1), Ivanti Policy Secure version 22.5R1.1 and ZTA version 22.6R1.3. Please read ...
- Maldocs Of Word And Excel: Vigor Of The Ages
February 8, 2024
Chasing new exploits, vulnerabilities, and threats is the way to go in the ever-changing cybercrime landscape. However, in a constant flow of information, the focus on yesterday’s highlights is low: every day, new CVEs occur, and new threats emerge. With this state of affairs, old menaces can be easily overlooked and still used by the attackers, ...
- Coyote: A multi-stage banking Trojan abusing the Squirrel installer
February 8, 2024
The developers of banking Trojan malware are constantly looking for inventive ways to distribute theirs implants and infect victims. In a recent investigation, Kaspersky researchers encountered a new malware that specifically targets users of more than 60 banking institutions, mainly from Brazil. What caught their attention was the sophisticated infection chain that makes use of various ...
- Google saves your conversations with Gemini for years by default
February 8, 2024
Don’t type anything into Gemini, Google’s family of GenAI apps, that’s incriminating — or that you wouldn’t want someone else to see. That’s the PSA (of sorts) today from Google, which in a new support document outlines the ways in which it collects data from users of its Gemini chatbot apps for the web, Android and ...