- Kaspersky uncovers APT campaign targeting APAC government entities
October 17, 2023
Kaspersky researchers have discovered a persistent campaign compromising a specific type of secure USB drive used to provide encryption for safe data storage. Dubbed “TetrisPhantom,” this espionage effort targets government entities in the Asia-Pacific region (APAC), and shows no discernible overlap with any known threat actor. These and other findings are detailed in Kaspersky’s new ...
- Thailand: House of Representatives’ Website Hacked, Cyber Attack Investigation Underway
October 16, 2023
The House of Representatives’ website fell victim to a cyber attack on Sunday, October 15, 2023. The hackers, who go by the name 3MUSKETEERZ, managed to breach the website’s security and display a picture of a troll in the photo journal section. Additionally, the perpetrators altered the press releases and committee schedules featured on the site. ...
- Stayin’ Alive – targeted attacks against telecoms and government ministries in Asia
October 11, 2023
In the last few months, Check Point Research has been tracking “Stayin’ Alive”, an ongoing campaign that has been active since at least 2021. The campaign operates in Asia, primarily targeting the Telecom industry, as well as government organizations. The “Stayin’ Alive” campaign consists of mostly downloaders and loaders, some of which are used as ...
- ‘Predator Files’ spyware scandal reveals brazen targeting of civil society, politicians and officials
October 9, 2023
Shocking spyware attacks have been attempted against civil society, journalists, politicians and academics in the European Union (EU), USA and Asia, according to a major new investigation by Amnesty International. Among the targets of Predator spyware are United Nations (UN) officials, a Senator and Congressman in the USA and even the Presidents of the European ...
- Budworm: APT Group Uses Updated Custom Tool in Attacks on Government and Telecoms Org
September 28, 2023
The Budworm advanced persistent threat (APT) group continues to actively develop its toolset. Most recently, the Threat Hunter Team in Symantec, part of Broadcom, discovered Budworm using an updated version of one of its key tools to target a Middle Eastern telecommunications organization and an Asian government. Both attacks occurred in August 2023. Budworm (aka LuckyMouse, ...
- Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government
September 22, 2023
A cluster of threat actor activity that Unit 42 observed attacking a Southeast Asian government target could provide insight into a rarely seen, stealthy APT group known as Gelsemium. The researchers found this activity as part of an investigation into compromised environments within a Southeast Asian government. Unit 42 researchers identified the cluster as CL-STA-0046. This unique ...
- Bermuda: Governor Confirms A ‘Major Cyber-Attack’
September 22, 2023
“Bermuda’s Government IT systems were subjected to a major cyber-attack” and the UK’s National Cyber Security Centre and the National Crime Agency “have been in contact with the Bermuda authorities, and are providing advice to support them,” Governor Rena Lalgie said. The Governor said, “Yesterday Bermuda’s Government IT systems were subjected to a major cyber-attack. That ...
- HWL Ebsworth hack: 65 Australian government agencies affected by cyber-attack
September 18, 2023
Sixty-five Australian government departments and agencies were victims of the cyber-attack on legal firm HWL Ebsworth, the national cybersecurity coordinator has revealed. In a speech on Monday, Air Marshal Darren Goldie also revealed that some people and clients with personal information exposed in the hack have yet to be informed. The Russian-linked ALPHV/BlackCat ransomware group hacked the law ...
- Kuwait’s finance ministry says cyberattack hit one of its systems
September 18, 2023
Kuwait’s finance ministry said on Monday that one of its systems had suffered a cyberattack in the early morning but that the ministry continued to work normally. The ministry said in a statement that protection systems and procedures had been activated and “the level of the hacking attempt is being assessed.” Source: Alarabiya News
- China denies iPhone ban for officials but notes its ‘security incidents’
September 13, 2023
Just hours after Apple wrapped up its annual product launch for the hotly anticipated iPhone 15, the Chinese government denied reports that it had banned officials from using the smartphones — and then noted recent “security incidents” involving the devices. “China has not issued any legislation, regulations or policy documents prohibiting the purchase and use of ...
- Sri Lanka: Report called over cyberattack on government sites
September 13, 2023
The Ministry of Technology said an investigation was called into the cyberattack that transpired on the 26th of August 2023. The statement added that the cyberattack, which targeted email systems under the ‘gov.lk’ domain, resulted in substantial data loss and a disruption of communications within various state offices. It stated that the ICTA disclosed that this ...
- A peek into APT36’s updated arsenal
September 12, 2023
In July 2023, Zscaler ThreatLabz discovered new malicious activity perpetrated by the Pakistan-based advanced persistent threat group (APT36). APT36 is a sophisticated cyber threat group with a history of conducting targeted espionage operations in South Asia. Zscaler ThreatLabz observed APT36 targeting Indian government sectors using a previously undocumented Windows RAT, new cyber espionage utilities for ...
- Analyzing Cuba ransomware
September 11, 2023
The group’s offensives first got on Kaspersky researchers’ radar in late 2020. Back then, the cybercriminals had not yet adopted the moniker “Cuba”; they were known as “Tropical Scorpius”. Cuba mostly targets organizations in the United States, Canada and Europe. The gang has scored a series of resonant attacks on oil companies, financial services, government ...
- Storm-0558: Understanding How Microsoft Failed to Protect Itself
September 7, 2023
You’re undoubtedly familiar with the so-called Storm-0558 attacks from July 2023. If not, a quick recap: these attacks (widely attributed as the work of the Chinese government) compromised a number of high-value Exchange Online mailboxes, including the US Secretary of Commerce and the US Ambassador to China. Given the sensitivity of the mailboxes, it’s likely ...
- Apple shares fall after China reportedly bans iPhone use by government officials
September 7, 2023
Apple stocks fell after China reportedly banned officials at central government agencies from using or bringing iPhones and other foreign-branded devices into the office. In recent weeks, Chinese officials were given the instructions by their superiors in workplace chat groups or meetings, the Wall Street Journal reported, adding that it wasn’t clear how widely the orders ...
- South Africa: Unprecedented cyber attacks target government entities
September 5, 2023
The incidence of spyware attacks has shown a significant surge of over 20% within South Africa in 2023. The majority of these reported attacks have been concentrated on governmental websites and systems, thereby potentially engendering substantial instability to the national security framework of South Africa. The foundational principle of national security mandates that a ...
- UK: Electoral Commission failed basic security test before hack
September 5, 2023
The Electoral Commission has confirmed it failed a basic cyber-security test around the same time hackers gained entry to the organisation. A whistleblower told the BBC that the Commission was given an automatic fail during a Cyber Essentials audit. Last month the Commission revealed that “hostile actors” accessed its emails and potentially the data of 40 ...
- Earth Estries Targets Government, Tech for Cyberespionage
August 30, 2023
Earlier this year, Trend Micro researchers discovered a new cyberespionage campaign by a hacker group they named Earth Estries. Based on their observations, Earth Estries has been active since at least 2020. The researchers also found some overlaps between the tactics, techniques, and procedures (TTPs) used by Earth Estries and those used by another advanced ...
- Russian and Chinese cyber attack on Foreign Office was kept secret from public
August 12, 2023
Hackers from Russia and China infiltrated the Foreign Office’s emails and internal messages without the public’s knowledge, it has been revealed. The major security breach meant cyber attackers were able to see the day-to-day business of the government department in 2021. The cyber attacks were enabled because a Foreign Office staff member ‘probably accidentally’ downloaded malware ...
- UK Elections watchdog targeted by cyber attack which left voters’ details exposed
August 8, 2023
Details of tens of millions of voters could have been accessed by hackers who targeted the elections watchdog. The Electoral Commission revealed on Tuesday it was targeted by a cyber attack which allowed “hostile actors” to access electoral registers. The hack allowed the attackers to access reference copies of electoral registers which contained the name and addresses ...