Chinese police put 3 U.S. operatives on wanted list over cyberattacks

Police authorities in Harbin, in northeast China’s Heilongjiang Province, said on Tuesday that they are pursuing three operatives affiliated with the U.S. National Security Agency (NSA) over suspected cyberattacks against China. The Harbin public security bureau said that the three Read More …

Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware

Slow Pisces (aka Jade Sleet, TraderTraitor, PUKCHONG) is a North Korean state-sponsored threat group primarily focused on generating revenue for the DPRK regime, typically by targeting large organizations in the cryptocurrency sector. This article analyzes their campaign that we believe Read More …

BPFDoor’s Hidden Controller Used Against Asia, Middle East Targets

The stealthy rootkit-like malware known as BPFDoor (detected as Backdoor.Linux.BPFDOOR) is a backdoor with strong stealth capabilities, most of them related to its use of Berkeley Packet Filtering (BPF). In a previous article, Trend Micro researchers covered how BPFDoor and Read More …

Suspected Kimsuky (APT-Q-2) attacks South Korean companies

Kimsuky, alias Mystery Baby, Baby Coin, Smoke Screen, Black Banshe, etc., is tracked internally by Qi’anxin as APT-Q-2. The APT group was publicly disclosed in 2013, with attack activity dating as far back as 2012. Kimsuky’s main target for attacks Read More …

BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors

MOONSHINE and BADBAZAAR are examples of trojans; they have malicious functions hidden inside an otherwise functioning app that can be downloaded from app stores or online file-sharing services. These apps are designed to trick a user into downloading and installing Read More …

KLIA operations not affected after Malaysian airport hit by cyber attack

Operations at the Kuala Lumpur International Airport (KLIA) were not affected by a cyber attack by hackers who demanded US$10 million (S$13.4 million). In a joint statement on March 25, the National Cyber Security Agency (Nacsa) and Malaysia Airports Holdings Read More …

The Trump Administration Accidentally Texted Me Its War Plans

The world found out shortly before 2 p.m. eastern time on March 15 that the United States was bombing Houthi targets across Yemen. I, however, knew two hours before the first bombs exploded that the attack might be coming. The Read More …

Social media in Turkey restricted after Erdoğan rival detained

Following the detainment of Istanbul mayor and leading Turkish opposition politician Ekrem İmamoğlu, several social networks and short message services are only partially usable in the country. Many Turks described restrictions on X, YouTube, Instagram, TikTok, Whatsapp, Signal, Telegram and Read More …

South Korean defense giants bet big on AI-powered military tech

South Korean defense companies are ramping up investments in artificial intelligence (AI) software technology to boost unmanned warfare capabilities. The growing role of AI-powered autonomous weapon systems in warfare, particularly highlighted by the Russia-Ukraine war, has made them decisive in Read More …

SideWinder targets the maritime and nuclear sectors with an updated toolset

Last year, Kaspersky researchers published an article about SideWinder, a highly prolific APT group whose primary targets have been military and government entities in Pakistan, Sri Lanka, China, and Nepal. In the article, they described activities that had mostly happened Read More …