cyber espionage Archives - Help Net Security

cyber espionage

Hidden dangers loom for subsea cables, the invisible infrastructure of the internet

September 21, 2023

More than 97% of the world’s internet traffic passes through subsea cables at some point, according to ENISA. Subsea cables are a vital component of the global internet …

How Chinese hackers got their hands on Microsoft’s token signing key

September 7, 2023

The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 …

Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store

August 31, 2023

ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the …

North Korean hackers breached Russian missile development firm

August 8, 2023

North Korean state-sponsored hackers have breached Russian missile maker NPO Mashinostroyeniya, according to SentinelLabs researchers. North Korean hackers discovered The …

Microsoft Exchange servers compromised by Turla APT

July 20, 2023

Turla has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors / infostealers and has been using compromised …

Chinese hackers forged authentication tokens to breach government emails

July 12, 2023

Sophisticated hackers have accessed email accounts of organizations and government agencies via authentication tokens they forged by using an acquired Microsoft account (MSA) …

Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)

July 11, 2023

For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an …

Turla’s Snake malware network disrupted by Five Eyes’ authorities

May 10, 2023

The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated …

Researchers outline the Lazarus APT offensive toolset

October 3, 2022

ESET researchers uncovered and analyzed a set of malicious tools that were used by the Lazarus APT group in attacks during the end of 2021. The campaign started with spear …

Attackers use novel technique, malware to compromise hypervisors and virtual machines

September 30, 2022

Unknown attackers wielding novel specialized malware have managed to compromise VMware ESXi hypervisors and guest Linux and Windows virtual machines, Mandiant threat analysts …

Attackers still exploit Log4Shell on VMware Horizon servers, CISA warns

June 24, 2022

If your organization is running VMware Horizon and Unified Access Gateway servers and you haven’t implemented the patches or workarounds to fix/mitigate the Log4Shell …

Stealthy APT group plunders very specific corporate email accounts

May 4, 2022

An eminently sophisticated and stealthy APT group is going after specific corporate email accounts and has, on occasion, managed to remain undetected in victim environments …

cyber espionage

Hidden dangers loom for subsea cables, the invisible infrastructure of the internet

How Chinese hackers got their hands on Microsoft’s token signing key

Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store

North Korean hackers breached Russian missile development firm

Microsoft Exchange servers compromised by Turla APT

Chinese hackers forged authentication tokens to breach government emails

Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)

Turla’s Snake malware network disrupted by Five Eyes’ authorities

Researchers outline the Lazarus APT offensive toolset

Attackers use novel technique, malware to compromise hypervisors and virtual machines

Attackers still exploit Log4Shell on VMware Horizon servers, CISA warns

Stealthy APT group plunders very specific corporate email accounts

Don't miss

Malicious ads creep into Bing Chat responses

How should organizations navigate the risks and opportunities of AI?

Why California’s Delete Act matters for the whole country

Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217)

How to avoid the 4 main pitfalls of cloud identity management