Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecommunications and government organizations in dozens of nations across four continents.
The threat actor, UNC2814, is a suspected People’s Republic of China (PRC)-nexus cyber espionage group that GTIG has tracked since 2017. This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas and had confirmed intrusions in 42 countries when the disruption was executed. The
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Exploit released for critical VMware vRealize RCE vulnerability
January 31, 2023
Horizon3 security researchers have released proof-of-concept (PoC) code for a VMware vRealize Log Insight vulnerability chain that allows attackers to gain remote code execution on unpatched appliances. VMware patched four security vulnerabilities in its vRealize log analysis tool last week, two being critical and allowing remote attackers to execute code on compromised devices. Read more… Source: Bleeping Computer
- University of Michigan Health says cyber attack impacted public websites, not patient info
January 30, 2023
Michigan Health officials say its public websites experienced issues due to a cyber attack but claims the issue did not impact patient information. In a statement on Monday, officials say the attack affected a “third-party vendor we use to host some of our sites.” Read more… Source: CBS Detroit News
- Come to the dark side: hunting IT professionals on the dark web
January 30, 2023
The dark web is a collective name for a variety of websites and marketplaces that bring together individuals willing to engage in illicit or shady activities. Dark web forums contain ads for selling and buying stolen data, offers to code malware and hack websites, posts seeking like-minded individuals to participate in attacks on companies, and ...
- JD Sports hit by cyber-attack that leaked 10m customers’ data
January 30, 2023
The fashion retailer JD Sports said the personal and financial information of 10 million customers was potentially accessed by hackers in a cyber-attack. The company said incident, which affected some online orders made by customers between November 2018 and October 2020, targeted purchases of products of its JD, Size?, Millets, Blacks, Scotts and Millets Sport brands. Read ...
- Russian hackers DDoS Germany for aiding Ukraine
January 30, 2023
Russian hackers have proved yet again how quickly cyber attacks can be used to respond to global events with a series of DDoS attacks on German infrastructure and government websites in response to the country’s plan to send tanks to Ukraine. The efforts, according to Germany’s cyber security agency, the BSI, were largely in vain. “Currently, ...
- Infrastructure Companies Say Suppliers Pose a Growing Cyber Threat
January 27, 2023
Companies in critical infrastructure sectors say weak cyber defenses at suppliers are becoming a significant threat to their business, and that rules to boost security down the supply chain might be needed. While federal and industry rules for specific areas such as aviation, pipeline companies and other critical infrastructure operators are well-established, said Curley Henry, vice ...