cyberespionage – SSL and internet security news

Microsoft Issues Report of Russian Cyberattacks against Ukraine

April 28, 2022 infossl

cyberattack, cyberespionage, cyberwar, espionage, reports, russia, Security technology, ukraine, Uncategorized

Microsoft has a comprehensive report on the dozens of cyberattacks — and even more espionage operations — Russia has conducted against Ukraine as part of this war: At least six Russian Advanced Persistent Threat (APT) actors and other unattributed threats, have conducted destructive attacks, espionage operations, or both, while Russian military forces attack the country … Read More “Microsoft Issues Report of Russian Cyberattacks against Ukraine” »

US Critical Infrastructure Companies Will Have to Report When They Are Hacked

March 15, 2022 infossl

cyberattack, cyberespionage, cybersecurity, defense, espionage, hacking, infrastructure, laws, ransomware, Security technology, Uncategorized

This will be law soon: Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress. […] The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected to be signed into law by President … Read More “US Critical Infrastructure Companies Will Have to Report When They Are Hacked” »

Using Foreign Nationals to Bypass US Surveillance Restrictions

January 13, 2022 infossl

cyberespionage, espionage, fbi, law enforcement, privacy, Security technology, surveillance, Uncategorized

Remember when the US and Australian police surreptitiously owned and operated the encrypted cell phone app ANOM? They arrested 800 people in 2021 based on that operation. New documents received by Motherboard show that over 100 of those phones were shipped to users in the US, far more than previously believed. What’s most interesting to … Read More “Using Foreign Nationals to Bypass US Surveillance Restrictions” »

NSO Group’s Pegasus Spyware Used Against US State Department Officials

December 13, 2021 infossl

cyberespionage, hacking, israel, Security technology, spyware, Uncategorized

NSO Group’s descent into Internet pariah status continues. Its Pegasus spyware was used against nine US State Department employees. We don’t know which NSO Group customer trained the spyware on the US. But the company does: NSO Group said in a statement on Thursday that it did not have any indication their tools were used … Read More “NSO Group’s Pegasus Spyware Used Against US State Department Officials” »

Nation-State Attacker of Telecommunications Networks

October 22, 2021 infossl

attribution, china, cyberespionage, espionage, hacking, Security technology, Uncategorized

Someone has been hacking telecommunications networks around the world: LightBasin (aka UNC1945) is an activity cluster that has been consistently targeting the telecommunications sector at a global scale since at least 2016, leveraging custom tools and an in-depth knowledge of telecommunications network architectures. Recent findings highlight this cluster’s extensive knowledge of telecommunications protocols, including the … Read More “Nation-State Attacker of Telecommunications Networks” »

Alaska’s Department of Health and Social Services Hack

September 21, 2021 infossl

cyberespionage, hacking, healthcare, leaks, Security technology, Uncategorized

Apparently, a nation-state hacked Alaska’s Department of Health and Social Services. Not sure why Alaska’s Department of Health and Social Services is of any interest to a nation-state, but that’s probably just my failure of imagination. Powered by WPeMatico

Tetris: Chinese Espionage Tool

August 18, 2021 infossl

china, cyberespionage, espionage, Security technology, spyware, Uncategorized

I’m starting to see writings about a Chinese espionage tool that exploits website vulnerabilities to try and identify Chinese dissidents. Powered by WPeMatico

NSO Group Hacked

July 20, 2021 infossl

Citizen Lab, cyberespionage, cyberweapons, leaks, Security technology, Uncategorized

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked. Or, at least, an enormous trove of documents was leaked to journalists. There’s a lot to read out there. Amnesty International has a … Read More “NSO Group Hacked” »

Candiru: Another Cyberweapons Arms Manufacturer

July 19, 2021 infossl

cyberespionage, cyberweapons, israel, privilege escalation, Security technology, spyware, Uncategorized

Citizen Lab has identified yet another Israeli company that sells spyware to governments around the world: Candiru. From the report: Summary: Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Reportedly, their spyware can infect and monitor iPhones, Androids, Macs, PCs, and cloud accounts. Using Internet scanning we identified more than 750 … Read More “Candiru: Another Cyberweapons Arms Manufacturer” »

The Misaligned Incentives for Cloud Security

May 28, 2021 infossl

certificates, cloud computing, cyberattack, cyberespionage, essays, externalities, hacking, russia, Security technology, Uncategorized

Russia’s Sunburst cyberespionage campaign, discovered late last year, impacted more than 100 large companies and US federal agencies, including the Treasury, Energy, Justice, and Homeland Security departments. A crucial part of the Russians’ success was their ability to move through these organizations by compromising cloud and local network identity systems to then access cloud accounts … Read More “The Misaligned Incentives for Cloud Security” »