Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecommunications and government organizations in dozens of nations across four continents.
The threat actor, UNC2814, is a suspected People’s Republic of China (PRC)-nexus cyber espionage group that GTIG has tracked since 2017. This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas and had confirmed intrusions in 42 countries when the disruption was executed. The
Read more…
Source: Google Threat Intelligence Group
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Details Tied to Safari Browser-based ‘ScamClub’ Campaign Revealed
February 17, 2021
Details of a flaw in Apple’s Safari browser, publicly disclosed Tuesday, outline how the cybergang known as ScamClub reached 50 million users with a three-month-long malicious ad campaign pushing malware to mobile iOS Chrome and macOS desktop browsers. The Safari bug, patched on Dec. 2 by Apple, was exploited by a malvertising campaign that redirected traffic ...
- DDoS attacks in Q4 2020
February 16, 2021
Cybercriminals are constantly on the lookout for means and methods to make attacks more destructive. In Q4 2020, Citrix ADC (application delivery controller) devices became one such tool, when perpetrators abused their DTLS interface. The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as ...
- Security bugs left unpatched in Android app with one billion downloads
February 16, 2021
An Android application downloaded more than one billion times contains unpatched vulnerabilities that the app maker has failed to fix for more than three months. The vulnerabilities impact the Android version of SHAREit, a mobile app that allows users to share files with friends or between personal devices. The bugs can be exploited to run malicious code ...
- DDoS attacks on Russian online retailers double in 2020
February 16, 2021
The number of DDoS attacks on Russian online retailers nearly doubled in 2020 compared to the previous year, the Rostelecom-Solar cyber security company said in a statement. “Online retail business has been in the focus of cyber criminals for several years. However, as customer demand for online retail services grew amid coronavirus restrictions, they became even ...
- Cybersecurity Risks of Connected Cars
February 16, 2021
As the use of connected cars becomes more common, the technologies that power or support these vehicles continue to evolve. This provides a host of benefits, but just like any other technology, this new territory comes with some risks. In our paper, we add some substantial information to our research from last year, in order ...
- Cybersecurity Challenges for the European Railways
February 15, 2021
The European Union Agency for Cybersecurity (ENISA) released in November 2020 its “Cybersecurity in Railways” report to raise awareness about the cybersecurity challenges facing Europe’s railways. The report identifies the current cybersecurity status and challenges as well as proposes cybersecurity measures to combat these challenges and enhance the sector’s security posture. The report is based ...