Storm-0227, a Chinese state-sponsored advanced persistent threat (APT) actor, started targeting critical infrastructure organizations, as well as government entities, in the United States. The group abuses software vulnerabilities and engages in spear phishing attacks to gain access to people’s devices.
Once they gain access, they deploy different Remote Access Trojans (RATs) and other malware to obtain login credentials for services such as Microsoft 365. They also steal sensitive documents and whatever else they can get their hands on. The goal of the campaign is cyber-espionage.
Source: TechRadar News
Related:
- FBI Agents’ Call And Text Logs Potentially Stolen In Data Breach
January 23, 2025
The FBI has raised alarm that hackers who breached AT&T’s system last year may have stolen months of agents’ call and text logs, which could potentially lead to the identities of anonymous informants connected to investigations. While the hackers did not access the content of conversations, the stolen call log metadata—records of who called whom, when ...
- Trump administration fires members of cybersecurity review board in ‘horribly shortsighted’ decision
January 22, 2025
On Tuesday, a day after Donald Trump’s inauguration as the new U.S. president, the Department of Homeland Security told members of several advisory committees that they were effectively fired. Among the committees impacted is the Cyber Safety Review Board, or CSRB, according to sources familiar with the board who spoke to TechCrunch, as well as reporting ...
- Conduent confirms outage was due to a cybersecurity incident
January 22, 2025
U.S. government contractor Conduent, which provides technology to support services such as child support and food assistance, has confirmed that a recent outage was caused by a cybersecurity incident. Conduent confirmed the disruption, which left some U.S. residents without access to support payments, to TechCrunch on Tuesday but declined to say whether the outage was related ...
- CIA employee pleads guilty over leak of classified Israeli plans
January 17, 2025
A CIA employee who was accused of leaking classified documents about Israel’s plans to strike Iran pleaded guilty on Friday to criminal charges that he willfully retained and transmitted national defense information, the U.S. Department of Justice said. In pleading guilty, Asif William Rahman, who worked at the U.S. intelligence agency since 2016, acknowledged that he ...
- Product Security Bad Practices
January 17, 2025
As outlined in the Cybersecurity and Infrastructure Security Agency’s (CISA’s) Secure by Design initiative, software manufacturers should ensure that security is a core consideration from the onset of software development and throughout the entirety of the development lifecycle. This voluntary guidance provides an overview of product security bad practices that are considered exceptionally risky, particularly for ...
- PlugX malware deleted from thousands of systems by FBI
January 16, 2025
The FBI says it has removed PlugX malware from thousands of infected computers worldwide. The move came after suspicion that cybercriminal groups under control of the People’s Republic of China (PRC) used a version of PlugX malware to control, and steal information from victims’ computers. PlugX has been around since at least 2008 but is under ...