Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecommunications and government organizations in dozens of nations across four continents.
The threat actor, UNC2814, is a suspected People’s Republic of China (PRC)-nexus cyber espionage group that GTIG has tracked since 2017. This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas and had confirmed intrusions in 42 countries when the disruption was executed. The
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hijacking Your Bandwidth: How Proxyware Apps Open You Up to Risk
February 7, 2023
There are many online stories and blog posts teaching people how to make “passive income” by sharing spare computing power and/or unused internet bandwidth. When users willingly or unwillingly install such software on their computers, the systems become agents of a distributed network. The operators of this distributed network might monetize it by selling proxy ...
- Researcher breaches Toyota supplier portal with info on 14,000 partners
February 7, 2023
Toyota’s Global Supplier Preparation Information Management System (GSPIMS) was breached by a security researcher who responsibly reported the issue to the company. GSPIMS is the car manufacturer’s web application that allows employees and suppliers to remotely log in and manage the firm’s global supply chain. Read more… Source: Bleeping Computer
- Web beacons on websites and in e-mail
February 7, 2023
There is a vast number of trackers, which gather information about users’ activities online. For all intents and purposes, We have grown accustomed to online service providers, marketing agencies, and analytical companies tracking our every mouse click, our social posts, browser and streaming services history. The collected data can be used for improving their user ...
- Here’s a list of proxy IPs to help block KillNet’s DDoS bots
February 6, 2023
A free tool aims is helping organizations defend against KillNet distributed-denial-of-service (DDoS) bots and comes as the US government issued a warning that the Russian cybercrime gang is stepping up its network flooding attacks against hospitals and health clinics. At current count, the KillNet open proxy IP blocklist lists tens of thousands of proxy IP addresses ...
- UK Engineering Company Vesuvius Hit by Cyber Attack
February 6, 2023
Vesuvius PLC said Monday that it is currently managing a cyber incident that involved unauthorized access to its systems. The U.K. engineered-ceramics manufacturer said as soon as it was aware of the unauthorized activity, it took the necessary steps to respond, including shutting down affected systems. Read more… Source: Market Watch
- Okta customers report dramatic increase in cyber-attacks
February 3, 2023
A marketing survey from digital identity firm Okta fielded in the first quarter of last year highlights dangers that, while hardly unknown, are sobering. The survey and report examined the state of secure identity, and came up with three facts the market needs to come to grips with. Read more… Source: Biometric Update