U.S. Charges Chinese Military Officers in 2017 Equifax Hacking

Four members of China’s military were charged on Monday with hacking into Equifax, one of the nation’s largest credit reporting agencies, and stealing trade secrets and the personal data of about 145 million Americans in 2017. The charges underscored China’s quest to …

Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Chinese hackers have used a zero-day in the Trend Micro OfficeScan antivirus during their attacks on Mitsubishi Electric, ZDNet has learned from sources close to the investigation. Trend Micro has now patched the vulnerability, but the company did not comment if the …

U.S. Government Agency Targeted With Malware-Laced Emails

A U.S. government agency was targeted with spear phishing emails harboring several malware strains – including a never-before-seen malware downloader that researchers call “Carrotball.” The campaign, which researchers observed occurring from July to October and code-named “Fractured Statue,” involved six …

FBI: Nation-state actors have breached two US municipalities

Nation-state hackers breached the networks of two US municipalities last year, the FBI said in a security alert sent to private industry partners last week. The hacks took place after attackers used the CVE-2019-0604 vulnerability in Microsoft SharePoint servers to breach …

Report: Chinese hacking group APT40 hides behind network of front companies

An online group of cyber-security analysts calling themselves Intrusion Truth have doxed their fourth Chinese state-sponsored hacking operation. “APT groups in China have a common blueprint: contract hackers and specialists, front companies, and an intelligence officer,” the Intrusion Truth team …

More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting

The threat group regularly referred to as APT33 is known to target the oil and aviation industries aggressively. This threat group has been reported on consistently for years, but our recent findings show that the group has been using about a dozen live Command and Control …

APT33 Mounts Focused, Highly Targeted Botnet Attacks Against U.S. Victims

The Iran-linked, espionage-focused advanced threat group known as APT33 has been spotted using more than a dozen obfuscated botnets to carry out narrowly targeted attacks against government and academic targets in the Middle East, the U.S. and Asia. Each botnet, …

Cybercriminals Impersonate Russian APT ‘Fancy Bear’ to Launch DDoS Attacks

Cybercriminals posing as the Russian APT group Fancy Bear have been launching DDoS attacks against companies in the financial sector and demanding ransom payments, according to a new report. The large-scale, multi-vector DDoS attacks come with an accompanying ransom letter. They …

US Treasury sanctions three North Korean hacking groups

The US Department of the Treasury imposed sanctions today on three North Korean state-controlled hacking groups, which US authorities claim to have helped the Pyongyang regime raise funds for its weapons and missile programs. US officials cited three hacking groups …

Iranian hackers resume credential-stealing phishing attacks against universities around the world

An Iranian hacking operation has expanded a global phishing campaign that targets universities in an attempt to steal usernames and passwords. Dubbed Cobalt Dickens, the campaign was initially detailed in August last year, with researchers at Secureworks blaming cyberattacks targeting universities in 14 …