Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecommunications and government organizations in dozens of nations across four continents.
The threat actor, UNC2814, is a suspected People’s Republic of China (PRC)-nexus cyber espionage group that GTIG has tracked since 2017. This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas and had confirmed intrusions in 42 countries when the disruption was executed. The
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- New phishing campaign targets Monzo online-banking customers
February 20, 2022
Users of Monzo, one of the UK’s most popular digital-only banking platforms, are being targeted by phishing messages supported by a growing network of malicious websites. Monzo is a 100% online banking platform with over four million customers and among the first to challenge the traditional financial managing system. The mobile-only platform offers a feature-rich app, debit ...
- CISA Insights: Foreign Influence Operations Targeting Critical Infrastructure
February 18, 2022
CISA has released CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides proactive steps organizations can take to assess and mitigate risks from information manipulation. Malicious actors may use tactics—such as misinformation, disinformation, and malinformation—to shape public opinion, undermine trust, and amplify division, which can lead to impacts to critical ...
- NCSC-NZ Releases Advisory on Cyber Threats Related to Russia-Ukraine Tensions
February 18, 2022
The New Zealand National Cyber Security Centre (NCSC-NZ) has released a General Security Advisory (GSA) on preparing for cyber threats relating to tensions between Russia and Ukraine. The advisory recommends organizations review their security posture and monitor for cyber incidents and provides additional resources to help protect against potential threats. CISA encourages all users to review ...
- Cybercrime: Dark web carding forum users are getting worried after a string of shutdowns
February 18, 2022
Cybercriminals are getting spooked by the sudden disappearance of a number of prominent dark web marketplaces, leading some to wonder if time is up on their illegal, underground activities. Cybersecurity researchers at Digital Shadows have analysed activity on carding forums – dark web marketplaces where criminals buy and sell stolen credit card information and other personal ...
- Ukraine Cyberattack 2022: Geopolitical Cybersecurity
February 18, 2022
Europe is on a knife-edge. With over 130,000 Russian troops amassed on the Ukrainian border, the region is witnessing the biggest build-up of firepower since the cold war. Inevitably, there is also cyber-dimension to this conflict. Mounting attacks on Ukrainian websites and I.T. infrastructure are making policymakers in Washington and elsewhere nervous should tensions rise ...
- Microsoft Teams Targeted With Takeover Trojans
February 17, 2022
Threat actors are targeting Microsoft Teams users by planting malicious documents in chat threads that execute Trojans that ultimately can take over end-user machines, researchers have found. In January, researchers at Avanan, a Check Point Company, began tracking the campaign, which drops malicious executable files in Teams conversations that, when clicked on, eventually take over the ...