Collaborate Disseminate
Chinese threat actors target Ivanti VPN appliances with new malware designed to persist system upgrades.
The post Chinese Cyberspies Use New Malware in Ivanti VPN Attacks appeared first on SecurityWeek.
Continue reading Chinese Cyberspies Use New Malware in Ivanti VPN Attacks
Microsoft announced that it caught Chinese, Russian, and Iranian hackers using its AI tools—presumably coding tools—to improve their hacking abilities.
From their report:
In collaboration with OpenAI, we are sharing threat intelligence showing detected state affiliated adversaries—tracked as Forest Blizzard, Emerald Sleet, Crimson Sandstorm, Charcoal Typhoon, and Salmon Typhoon—using LLMs to augment cyberoperations.
The only way Microsoft or OpenAI would know this would be to spy on chatbot sessions. I’m sure the terms of service—if I bothered to read them—gives them that permission. And of course it’s no surprise that Microsoft and OpenAI (and, presumably, everyone else) are spying on our usage of AI, but this confirms it…
Continue reading Microsoft Is Spying on Users of Its AI Tools
A possibly China-linked threat actor uses a custom backdoor in a cyberespionage campaign ongoing since at least 2021.
The post Stealthy Cyberespionage Campaign Remained Undiscovered for Two Years appeared first on SecurityWeek.
Continue reading Stealthy Cyberespionage Campaign Remained Undiscovered for Two Years
The China-linked cyberespionage group Blackwood has been caught delivering malware to entities in China and Japan.
The post Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware appeared first on SecurityWeek.
Continue reading Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware
The agency says the bug is being actively exploited and poses a risk to federal networks.
The post CISA issues emergency directive for federal agencies to patch Ivanti VPN vulnerabilities appeared first on CyberScoop.
Russian threat group ColdRiver has developed Spica, a malware that enables it to compromise systems and steal information.
The post Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns appeared first on SecurityWeek.
Continue reading Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns
Ivanti zero-day vulnerabilities dubbed ConnectAround could impact thousands of systems and Chinese cyberspies are preparing for patch release.
The post Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout appeared first on … Continue reading Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout
Turkish state-sponsored group Sea Turtle has been targeting multiple organizations in the Netherlands for espionage.
The post Turkish Cyberspies Targeting Netherlands appeared first on SecurityWeek.
Continue reading Turkish Cyberspies Targeting Netherlands
US, UK, and Poland warn of Russia-linked cyberespionage group’s broad exploitation of recent TeamCity vulnerability.
The post Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies appeared first on SecurityWeek.
Continue reading Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies
A recent emergence on the threat landscape, the Sandman APT appears linked to a Chinese hacking group.
The post Sandman Cyberespionage Group Linked to China appeared first on SecurityWeek.
Continue reading Sandman Cyberespionage Group Linked to China