Collaborate Disseminate
In a secret meeting between Chinese and US officials, the former confirmed conducting cyberattacks on US infrastructure.
The post China Admitted to US That It Conducted Volt Typhoon Attacks: Report appeared first on SecurityWeek.
Continue reading China Admitted to US That It Conducted Volt Typhoon Attacks: Report
The global rise of North Korean IT worker infiltration poses a serious cybersecurity risk—using fake identities, remote access, and extortion to compromise organizations.
The post North Korea’s IT Operatives Are Exploiting Remote Work Globally appeared… Continue reading North Korea’s IT Operatives Are Exploiting Remote Work Globally
North Korea’s Lazarus hackers are using the ClickFix technique for malware deployment in fresh attacks targeting the cryptocurrency ecosystem.
The post Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks appeared first on SecurityWeek.
Continue reading Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks
The FishMonger APT group, a subdivision of Chinese cybersecurity firm I-Soon, compromised seven organizations in a 2022 campaign.
The post Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley appeared first on SecurityWeek.
Continue reading Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley
China-nexus cyberespionage group caught planting custom backdoors on end-of-life Juniper Networks Junos OS routers.
The post Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers appeared first on SecurityWeek.
Continue reading Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers
South American cyberespionage group Blind Eagle has infected over 1,600 organizations in Colombia in a recent campaign.
The post 1,600 Victims Hit by South American APT’s Malware appeared first on SecurityWeek.
Continue reading 1,600 Victims Hit by South American APT’s Malware
The $1.4 billion ByBit cryptocurrency heist combined social engineering, stolen AWS session tokens, MFA bypasses and a rigged JavaScript file.
The post How Social Engineering Sparked a Billion-Dollar Supply Chain Cryptocurrency Heist appeared first on … Continue reading How Social Engineering Sparked a Billion-Dollar Supply Chain Cryptocurrency Heist
Silk Typhoon APT caught using IT supply chain entry points to conduct reconnaissance, siphon data, and move laterally on victim networks.
The post China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain appeared first on SecurityWeek.
Continue reading China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain
An Iranian threat actor was seen targeting UAE organizations with polyglot files to deliver a new backdoor named Sosano.
The post Iranian Hackers Target UAE Firms With Polyglot Files appeared first on SecurityWeek.
Continue reading Iranian Hackers Target UAE Firms With Polyglot Files
North Korean fake IT workers are creating personas on GitHub to land blockchain developer jobs at US and Japanese firms.
The post North Korean Fake IT Workers Pose as Blockchain Developers on GitHub appeared first on SecurityWeek.
Continue reading North Korean Fake IT Workers Pose as Blockchain Developers on GitHub