cyberespionage – WindowsTechs.com

Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky

Posted on March 25, 2025 by Ryan Naraine

The vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks targeting organizations in Russia.
The post Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky appeared first on Security… Continue reading Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky→

Silk Typhoon Hackers Indicted

Posted on March 11, 2025 by Bruce Schneier

Lots of interesting details in the story:

The US Department of Justice on Wednesday announced the indictment of 12 Chinese individuals accused of more than a decade of hacker intrusions around the world, including eight staffers for the contractor i-Soon, two officials at China’s Ministry of Public Security who allegedly worked with them, and two other alleged hackers who are said to be part of the Chinese hacker group APT27, or Silk Typhoon, which prosecutors say was involved in the US Treasury breach late last year.

[…]

According to prosecutors, the group as a whole has targeted US state and federal agencies, foreign ministries of countries across Asia, Chinese dissidents, US-based media outlets that have criticized the Chinese government, and most recently the US Treasury, which was breached between September and December of last year. An internal Treasury report …

Continue reading Silk Typhoon Hackers Indicted→

1,600 Victims Hit by South American APT’s Malware

Posted on March 11, 2025 by Ionut Arghire

South American cyberespionage group Blind Eagle has infected over 1,600 organizations in Colombia in a recent campaign.
The post 1,600 Victims Hit by South American APT’s Malware appeared first on SecurityWeek.
Continue reading 1,600 Victims Hit by South American APT’s Malware→

Iranian Hackers Target UAE Firms With Polyglot Files

Posted on March 5, 2025 by Ionut Arghire

An Iranian threat actor was seen targeting UAE organizations with polyglot files to deliver a new backdoor named Sosano.
The post Iranian Hackers Target UAE Firms With Polyglot Files appeared first on SecurityWeek.
Continue reading Iranian Hackers Target UAE Firms With Polyglot Files→

OpenAI Bans ChatGPT Accounts Used by Chinese Group for Spy Tools

Posted on February 24, 2025 by Eduard Kovacs

OpenAI has banned ChatGPT accounts used by Chinese threat actors, including ones leveraged for the development of spying tools.
The post OpenAI Bans ChatGPT Accounts Used by Chinese Group for Spy Tools appeared first on SecurityWeek.
Continue reading OpenAI Bans ChatGPT Accounts Used by Chinese Group for Spy Tools→

How China Pinned University Cyberattacks on NSA Hackers

Posted on February 21, 2025 by Ionut Arghire

A researcher dives into Chinese reports attributing cyberattacks on Northwestern Polytechnical University to the NSA’s TAO division.
The post How China Pinned University Cyberattacks on NSA Hackers appeared first on SecurityWeek.
Continue reading How China Pinned University Cyberattacks on NSA Hackers→

How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying

Posted on February 19, 2025 by Ryan Naraine

Mandiant warns that multiple Russian APTs are abusing a nifty Signal Messenger feature to surreptitiously spy on encrypted conversations.
The post How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying appea… Continue reading How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying→

Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job

Posted on February 13, 2025 by Ionut Arghire

A toolset associated with China-linked espionage intrusions was employed in a ransomware attack, likely by a single individual.
The post Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job appeared first on SecurityWeek.
Continue reading Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job→

Apps That Are Spying on Your Location

Posted on January 10, 2025 by Bruce Schneier

404 Media and Wired are reporting on all the apps that are spying on your location, based on a hack of the location data company Gravy Analytics:

The thousands of apps, included in hacked files from location data company Gravy Analytics, include everything from games like Candy Crush to dating apps like Tinder, to pregnancy tracking and religious prayer apps across both Android and iOS. Because much of the collection is occurring through the advertising ecosystem—not code developed by the app creators themselves—this data collection is likely happening both without users’ and even app developers’ knowledge…

Continue reading Apps That Are Spying on Your Location→

NSO Group Spies on People on Behalf of Governments

Posted on November 27, 2024 by Bruce Schneier

The Israeli company NSO Group sells Pegasus spyware to countries around the world (including countries like Saudi Arabia, UAE, India, Mexico, Morocco and Rwanda). We assumed that those countries use the spyware themselves. Now we’ve learned that that’s not true: that NSO Group employees operate the spyware on behalf of their customers.

Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker and not its government customers is the party that “installs and extracts” information from mobile phones targeted by the company’s hacking software…

Continue reading NSO Group Spies on People on Behalf of Governments→