Angry Likho: Old beasts in a new forest

Angry Likho (referred to as Sticky Werewolf by some vendors) is an APT group we’ve been monitoring since 2023. It bears a strong resemblance to Awaken Likho, which we’ve analyzed before, so we classified it within the Likho malicious activity …

Philippines reports foreign cyber intrusions targeting intelligence data, but no breaches

The Philippines has detected foreign attempts to access intelligence data, but its cyber minister said on Tuesday no breaches have been recorded so far. Attempts to steal data are wide-ranging, said minister for information and communications Ivan Uy. Advanced Persistent …

China’s Salt Typhoon hackers continue to breach telecom firms despite US sanctions

Security researchers say the Chinese government-linked hacking group, Salt Typhoon, is continuing to compromise telecommunications providers, despite the recent sanctions imposed by the U.S. government on the group. In a report shared with TechCrunch, threat intelligence firm Recorded Future said …

Storm-2372 conducts device code phishing campaign

Microsoft discovered cyberattacks being launched by a group they call Storm-2372, which they assess with medium confidence aligns with Russia’s interests and tradecraft. The attacks appear to have been ongoing since August 2024 and have targeted governments, NGOs, and a …

Spyware maker caught distributing malicious Android apps for years

Italian spyware maker SIO, known to sell its products to government customers, is behind a series of malicious Android apps that masquerade as WhatsApp and other popular apps but steal private data from a target’s device, TechCrunch has exclusively learned. …

Italian government denies Paragon has cut spyware contract

Italy denied on Wednesday that Israeli spyware maker Paragon had cut ties with Rome following allegations that the Italian government had illegally used its technology to hack the phones of critics instead of criminals. “Paragon has never suspended the service …

The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation

Microsoft is publishing for the first time their research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat Intelligence as the “BadPilot campaign”. This subgroup has conducted globally diverse …

U.K. orders Apple to let it spy on users’ encrypted accounts

Security officials in the United Kingdom have demanded that Apple create a back door allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud, people familiar with the matter told The Washington Post. The …

Analyzing ELF/Sshdinjector.A!tr with a Human and Artificial Analyst

ELF/Sshdinjector.A!tr is a collection of malware that can be injected into the SSH daemon. Samples of this malware collection surfaced around mid-November 2024. While Fortinet researchers have a good amount of threat intelligence on them (e.g., they are attributed to …

Spyware maker Paragon confirms US government is a customer

Israeli spyware maker Paragon Solutions confirmed to TechCrunch that it sells its products to the U.S. government and other unspecified allied countries. Paragon’s executive chairman John Fleming said in a statement to TechCrunch on Tuesday that “Paragon licenses its technology …