Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecommunications and government organizations in dozens of nations across four continents.
The threat actor, UNC2814, is a suspected People’s Republic of China (PRC)-nexus cyber espionage group that GTIG has tracked since 2017. This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas and had confirmed intrusions in 42 countries when the disruption was executed. The
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Illinois health department exposed over 700,000 residents’ personal data for years
January 8, 2026
The health department for the U.S. state of Illinois has confirmed that a years-long security lapse exposed the personal information of more than 700,000 state residents. The Illinois Department of Human Services (IDHS) said in a statement on January 2 that an internal mapping website containing residents’ personal information, which officials used for assisting with the ...
- Fake WinRAR downloads hide malware behind a real installer
January 8, 2026
A member of Malwarebytes Labs web research team pointed the author to a fake WinRAR installer that was linked from various Chinese websites. When these links start to show up, that’s usually a good indicator of a new campaign. So, the author downloaded the file and started an analysis, which turned out to be something of ...
- Hackers use ‘Blue Screen of Death’ malware to target victims
January 6, 2026
Russian cybercriminals are trying to deploy backdoors and infostealers on people’s computers through a new ClickFix campaign – but this one comes with a sinister twist. ClickFix attacks are usually centered around pop-ups – the victim gets an error message, and at the same time is offered a fix. That fix, be it to run a ...
- Hacktivist deletes white supremacist websites live onstage during hacker conference
January 5, 2026
A hacktivist remotely wiped three white supremacist websites live onstage during their talk at a hacker conference last week, with the sites yet to return online. The pseudonymous hacker, who goes by Martha Root — dressed as Pink Ranger from the Power Rangers — deleted the servers of WhiteDate, WhiteChild, and WhiteDeal in real time ...
- 2025 was a terrible year for the ‘Four Families’ accused of running global cyber scam operations
January 4, 2026
People traded as commodities, iron cages used for punishment, severed fingers and even human sacrifice. These grisly details, revealed during interrogations of some of Asia’s most notorious criminal magnates, expose the horror of life in the many scam factories that dot Myanmar’s rugged and lawless border with China. The suspects were alleged members of powerful crime ...
- US cyber attacks plunged Caracas into darkness
January 4, 2026
US cyber attacks cut off power to large areas of Caracas to allow planes and helicopters to strike key military sites and capture Nicolás Maduro. Cyber command, space command and other American agencies layered effects to ensure more than 150 of its planes, drones and helicopters could approach the Venezuelan capital undetected. Cyber operators blacked out ...