cyber espionage

DazzleSpy: macOS backdoor delivered through watering hole attacks
In late 2021, a never before seen macOS backdoor was delivered to pro-democracy individuals in Hong Kong via fake and compromised sites (for example, that of local radio …

Stealthy firmware bootkit leveraged by APT in targeted attacks
Kaspersky researchers have uncovered the third known case of a firmware bootkit in the wild. Dubbed MoonBounce, this malicious implant is hidden within Unified Extensible …

77% of rootkits are used for espionage purposes
In a new report, Positive Technologies analyzes this past decade’s most infamous families of rootkits – programs that hide the presence of malicious software or …

Smartphone counterespionage for travelers
If you’re traveling abroad on business, there’s a good chance you’ll need to bring along a smartphone to get around, meet up with associates or learn about the idiosyncrasies …

CVE-2021-40444 exploitation: Researchers find connections to previous attacks
The recent targeted attacks exploiting the (at the time) zero-day remote code execution vulnerability (CVE-2021-40444) in Windows via booby-trapped Office documents have been …

Belgium’s Interior Ministry uncovers 2-year-long compromise of its network
Belgium’s Federal Public Service Interior (i.e., the country’s Interior Ministry) has suffered a “complex, sophisticated and targeted cyberattack.” …

What contractors should start to consider with the DoD’s CMMC compliance standards
Q1 2021 has been a tumultuous period in our era of cyber espionage. The Center For Strategic & International Studies (CSIS), which has been tracking “significant cyber …

Digital dependence and innovation: Two critical trends in cyber espionage and crime
Being a veteran cybersecurity incident responder with over 21 years of field experience I know I will always have a job and it will always be interesting. In the evolution of …

SolarWinds hack investigation reveals new Sunspot malware
Crowdstrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. …

Top videoconferencing attacks and security best practices
Videoconferencing has become a routine part of everyday life for remote workers, students, and families. Yet widespread adoption of this technology has also attracted …

SolarWinds hackers’ capabilities include bypassing MFA
As the list of known organizations compromised by way of the SolarWinds supply chain attack is slowly growing – according to Reuters, the attackers also breached U.S. …

US charges Sandworm hackers who mounted NotPetya, other high-profile attacks
The Sandworm Team hacking group is part of Unit 74455 of the Russian Main Intelligence Directorate (GRU), the US Department of Justice (DoJ) claimed as it unsealed an …
Featured news
Resources
Don't miss
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware
- Are we securing AI like the rest of the cloud?
- How exposure-enriched SOC data can cut cyberattacks in half by 2028