Amplifying kinetic attacks, Russian hackers in recent months have hit at least 11 telecommunications firms in Ukraine with a barrage of "destructive" malware designed to exfiltrate data, steal social media account credentials, destroy IT systems and disrupt operations, the Ukrainian government says.
A financially motivated hacking group turned cyberespionage operation targeted attendees of high-profile European conferences, including the Women Political Leaders Summit in Brussels. Threat actor Void Rabisu - also known as Tropical Scorpius and UNC2596 - has been honing its backdoor.
It could be weeks or months before outsiders have a clear picture of the cyber dimension of the conflict between Hamas and Israel, a cyber expert said. "As some of these stories come out, as we will start to learn about what was actually targeted," said Rob T. Lee of the SANS Institute.
Security researchers attributed a wave of targeted cyberattacks against telecommunications companies and government ministries in several Asian countries to a Chinese advanced persistent threat group named ToddyCat. The group has been expanding its cyberespionage operations in Asia since late 2022.
In the latest weekly update, Ari Redbord, head of legal and government affairs at TRM Labs, joined ISMG editors to discuss: how Hamas is using crypto to finance operations, the latest illicit activities by North Korean actors, and how the trial of FTX's Sam Bankman-Fried could impact the industry.
A top U.S. cybersecurity official said Israel has avoided significant cyberattacks since Hamas' invasion Saturday but said that wouldn't necessarily be America's experience should armed conflict break out with China. "There have not been significant cyberattacks as of right now," said Brandon Wales.
The violent surprise attack on Israel by Hamas and the region's escalating war spotlight the critical importance of situational awareness, especially for healthcare organizations that rely on medical or tech products from Israeli technology firms, said Denise Anderson, president of the H-ISAC.
Amnesty International says the Vietnamese government is likely behind a wave of attempted Predator spyware infections against targets including members of the U.S. Congress and European officials. Central to the campaign was an account on social media network X (formerly Twitter).
Pentera got through the attacks on Israel with no injuries among its 180 local employees, and now 20 workers have been called up to serve in infantry or intelligence units. The automated security validation firm's CEO now only wants to do business with people who support Israel's right to defend itself.
Cybersecurity companies across the globe are now preparing for a sizable chunk of their Israel-based workforce to be drafted into the country's military reserves. They've also in recent days taken steps to support their workers or the country at large.
Self-proclaimed hacktivist groups have been attempting to insert themselves into the narrative surrounding the latest war between Israel and Hamas, claiming to have hacked organizations, leaked stolen data and disrupted websites. Experts say many but not all such hype-seeking claims are bogus.
A Chinese nation-state hacking group is exploiting a zero-day flaw in Atlassian's Confluence Data Center and Server products as part of a campaign spotted in mid-September, Microsoft researchers say. The company attributes the campaign to a Chinese nation-state hacking group it designates Storm-0062.
Just days after the unprecedented attack by Hamas on Israel, Zscaler CISO Sam Curry discusses the intertwined nature of cyber warfare and physical conflicts and how the conflict can quickly escalate to the global stage, harm globalized economies and devolve into digital chaos.
North Korea's state-sponsored hackers continue to refine their "cyber intrusions to conduct both espionage and financial crime to project power and to finance both their cyber and kinetic capabilities," says a new report from Google's Mandiant group.
A previously undetected cyberespionage group spied against Taiwanese government agencies and the island-country's manufacturing sector, say cybersecurity researchers. The Symantec Threat Hunter Team says it likely operates "from a region with a strategic interest in Taiwan."