Chinese APT group Mustang Panda is deploying a previously unseen malware backdoor dubbed MQsTTang as part of a spear-phishing campaign targeting governmental organizations, specifically in Ukraine and Taiwan, security firm Eset says. The malware is currently being spread as RAR files, it adds.
Threat actors actively targeting multinational clients of data center outsourcers and help desk providers in China and Singapore are posting stolen credentials for sale on data leak sites, and cybersecurity firm Resecurity says these actions could be part of a nation-state cyberespionage campaign.
The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations and liability for poor software development practices.
A Chinese law requiring mandatory disclosure to the government of vulnerability reports appears to be paying dividends for state-connected hacking. "The Chinese government is up-leveling their capabilities," says Adam Meyers, senior vice president of intelligence at CrowdStrike.
The European Commission has directed employees to remove the ByteDance-owned, short-form video app TikTok from their phones and corporate devices, citing security concerns. The decision follows similar bans in the U.S. and other countries, driven by fears of Chinese hacking and influence.
Russian hackers breached and modified several Ukrainian state websites on Thursday morning using a backdoor planted nearly two years ago. Ukraine identified the hackers as belonging to a group tracked as UAC-0056, also known as SaintBear, UNC2589 and TA471.
The United States is warning domestic and European organizations to be extra vigilant about their presence in cyberspace on the one-year anniversary of Russia's 2022 invasion of Ukraine. Friday marks 12 months since Moscow initiated a war of conquest against its European neighbor.
One year after Russia intensified its invasion of Ukraine, the cyberwar many feared Moscow might unleash hasn't come to pass. In fact, while cyber operations have been a component of Russia's war - and cybersecurity a necessity of Ukraine's defense - cyber operations remain no silver bullet.
In a new report, tech giant Microsoft says distributed denial-of-service attacks became shorter in duration but more potent in 2022. The United States, India and East Asia were the top regions affected by DDoS attacks, and IoT devices continued to be the preferred mode of attack.
Norwegian authorities confiscated crypto assets worth nearly $5.68 million tied to the 2022 Ronin cryptocurrency bridge hack by North Korean state threat actor Lazarus Group. The authorities describe it as Norway's largest-ever crypto seizure.
Nearly a year after Russia's invasion began, Ukraine's top cybersecurity response center says the number of registered cyber incidents has increased threefold and malware attacks have been the predominant force in the increase. Overall, Ukraine identified 181 million "suspicious" events in 2022.
European cyber agencies warned of cyberespionage threats tied to Chinese state hacking groups actively probing networks. The report comes about 18 months after the European Union denounced a flurry of Chinese hacking. China’s top diplomat is currently on a multiday trip through Europe.
Russian military intelligence agency hackers walloped Ukraine with waves of data wipers and phishing attacks, but the torrent of destructive cyberattacks doesn't appear to have been as effective as previous Russian cyberattacks, report researchers from the Google Threat Analysis Group and Mandiant.
Group-IB says a July 2022 spear-phishing attempt on its own employees came from the Chinese threat actor known variously as Tonto Team and CactusPete. Tonto Team may be a unit of China's People's Liberation Army. Malwarebytes says the group has ramped up spying against Russian government agencies.
Ahead of RSA Conference 2023, Greg Day, a program committee member focusing on "hackers and threats," previews top themes at this year's event. Day says one common theme is "old vulnerabilities and threat techniques being used in new environments."