Suspected Chinese APT groups exploited a 17-year-old Microsoft Office vulnerability in May to launch malware attacks against foreign government officials who attended a G7 summit in Hiroshima, Japan. Threat actors targeted officials from France, the United Kingdom, India, Singapore and Australia.
Ukrainian cyber police have disrupted a fake investment scam that involved stealing cryptocurrency from the online wallets of several victims in Canada. The scammers operated out of two call centers in the Khmelnytskyi region of Ukraine, mainly targeting Ukrainian citizens living in Canada.
The LockBit 3.0 ransomware group on Monday leaked 600 gigabytes of critical data stolen from Indian lender Fullerton India two weeks after the group demanded a $3 million ransom from the company. The stolen data includes "loan agreements with individuals and legal companies."
Researchers found Android malware masquerading as a legitimate application available and downloaded over 620,000 times from the Google Play store. The apps have been active since 2022, posing as legitimate photo-editing apps, camera editors and smartphone wallpaper packs.
Chinese APT group Mustang Panda is deploying a previously unseen malware backdoor dubbed MQsTTang as part of a spear-phishing campaign targeting governmental organizations, specifically in Ukraine and Taiwan, security firm Eset says. The malware is currently being spread as RAR files, it adds.
Threat actors actively targeting multinational clients of data center outsourcers and help desk providers in China and Singapore are posting stolen credentials for sale on data leak sites, and cybersecurity firm Resecurity says these actions could be part of a nation-state cyberespionage campaign.
Every year, threat actors look for new ways to outwit victims and bypass defenses. As you might expect, different languages, cultures and levels of digital maturity mean some places are more vulnerable than others.
For our ninth annual State of the Phish report, we’ve put together in-depth regional summaries to...
Asia-Pacific healthcare sector organizations struggle with many of the same cybersecurity challenges as clinics in other parts of the world, including ransomware threats and denial-of-service attacks, says Errol Weiss, chief security officer of the Health Information Sharing and Analysis Center.
Microsoft blamed an internal network configuration change for outages that disrupted access to Microsoft 365 services, including Microsoft Teams and Outlook, for users around the world. The change has been rolled back and additional infrastructure added to speed restoration, it says.
Researchers have linked Chinese advanced persistent threat group Playful Taurus, also known as Vixen Panda and Nickel, to a series of attacks against Iranian organizations between July and December 2022. The group recently updated its toolkit to include a new variant of the Turian backdoor.
Posing as leading banks, the North Korea-backed BlueNoroff group is evading Microsoft Windows' Mark of the Web security measure to help infect machines with malware. Hackers are refining their techniques for bypassing MOTW, which warns users when they try to open a file downloaded from the internet.
A North Korean state-sponsored APT group targeted nearly 900 foreign policy experts from South Korea to steal their personal data and carry out ransomware attacks. Targeted individuals mainly had backgrounds in diplomacy, defense and security and were working toward Korean unification.
Microsoft says vulnerabilities in outdated web servers are likely responsible for a cyberattack last month against Indian energy giant Tata Power. Attackers targeted Boa servers, which were discontinued in 2005, to potentially compromise Tata and other critical infrastructure organizations around the world.
China again accused the United States of cyberespionage as it seeks to reframe the global narrative on hacking. China's status as the world's worst cyber thief "annoys them tremendously," says Jim Lewis of CSIS. Beijing says it caught the NSA hacking into Northwestern Polytechnical University.
Chinese intelligence is conducting cyberespionage campaigns targeting corporations involved with energy extraction in the South China Sea, researchers say. Proofpoint and PwC conclude with moderate confidence the campaign is the work of the threat actor known as TA423 or Red Ladon.