Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecommunications and government organizations in dozens of nations across four continents.
The threat actor, UNC2814, is a suspected People’s Republic of China (PRC)-nexus cyber espionage group that GTIG has tracked since 2017. This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas and had confirmed intrusions in 42 countries when the disruption was executed. The
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Swiss administration hit by cyber attack
June 3, 2023
Swiss authorities are investigating a cyber attack on the IT company Xplain, whose clients include many federal and cantonal government departments, including the army and customs. The online attack was revealed on Saturday by the newspaper Le Temps, which reported that “several cantonal police forces, the Swiss army and the Federal Office of Police (Fedpol) have ...
- Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
June 2, 2023
Mandiant has observed wide exploitation of a zero-day vulnerability in the MOVEit Transfer secure managed file transfer software for subsequent data theft. This vulnerability was announced by Progress Software Corporation on May 31, 2023 and has been assigned CVE-2023-34362. Based on initial analysis from Mandiant incident response engagements, the earliest evidence of exploitation occurred on May ...
- In search of the Triangulation: triangle_check utility
June 2, 2023
In their initial blogpost about “Operation Triangulation”, Kaspersky published a comprehensive guide on how to manually check iOS device backups for possible indicators of compromise using MVT. This process takes time and requires manual search for several types of indicators. To automate this process, Kaspersky researchers developed a dedicated utility to scan the backups and run ...
- Russia says US intelligence hacked thousands of iPhones
June 2, 2023
Russia has accused United States intelligence agencies of hacking thousands of iPhones belonging to Russian users and foreign diplomats in the country. Russia’s Federal Security Service (FSB) said on Thursday that it had discovered an “intelligence action” that had compromised the phones of Russians as well as diplomats from Israel, Syria, China and NATO members. Read more… Source: ...
- A Confession Exposes India’s Secret Hacking Industry
June 1, 2023
In the summer of 2020, Jonas Rey, a private investigator in Geneva, got a call from a client with a hunch. The client, the British law firm Burlingtons, represented an Iranian-born American entrepreneur, Farhad Azima, who believed that someone had hacked his e-mail account. Azima had recently helped expose sanctions-busting by Iran, so Iranian hackers ...
- Progress Software Releases Security Advisory for MOVEit Transfer
June 1, 2023
Progress Software has released a security advisory for a SQL injection vulnerability (CVE-2023-34362) in MOVEit Transfer—a Managed File Transfer Software. A cyber threat actor could exploit this vulnerability to take over an affected system. CISA urgers users and organizations to review the MOVEit Transfer Advisory. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency