The source code of a set of Iranian cyberespionage tools was leaked online. Powered by WPeMatico
Category: cyberespionage
Auto Added by WPeMatico
The company ProtectWise just published a long report linking a bunch of Chinese cyber-operations over the past few years. The always interesting gruqq has some interesting commentary on the group and its tactics. Lots of detailed information in the report, but I admit that I have never heard of ProtectWise or its research team 401TRG. … Read More “New Report on Chinese Intelligence Cyber-Operations” »
Jack Goldsmith and Stuart Russell just published an interesting paper, making the case that free and democratic nations are at a structural disadvantage in nation-on-nation cyberattack and defense. From a blog post: It seeks to explain why the United States is struggling to deal with the “soft” cyber operations that have been so prevalent in … Read More “Free Societies are at a Disadvantage in National Cybersecurity” »
The Wall Street Journal has a bombshell of a story. Yet another NSA contractor took classified documents home with him. Yet another Russian intelligence operation stole copies of those documents. The twist this time is that the Russians identified the documents because the contractor had Kaspersky Labs anti-virus installed on his home computer. This is … Read More “Yet Another Russian Hack of the NSA — This Time with Kaspersky’s Help” »
Kaspersky Labs exposed a highly sophisticated set of hacking tools from Russia called WhiteBear. From February to September 2016, WhiteBear activity was narrowly focused on embassies and consular operations around the world. All of these early WhiteBear targets were related to embassies and diplomatic/foreign affair organizations. Continued WhiteBear activity later shifted to include defense-related organizations … Read More “Russian Hacking Tools Codenamed WhiteBear Exposed” »
There’s a new report of a nation-state attack, presumed to be from China, on a series of managed ISPs. From the executive summary: Since late 2016, PwC UK and BAE Systems have been assisting victims of a new cyber espionage campaign conducted by a China-based threat actor. We assess this threat actor to almost certainly … Read More “APT10 and Cloud Hopper” »
Both Kaspersky and Symantec have uncovered another piece of malware that seems to be a government design: The malware — known alternatively as “ProjectSauron” by researchers from Kaspersky Lab and “Remsec” by their counterparts from Symantec — has been active since at least 2011 and has been discovered on 30 or so targets. Its ability … Read More “Yet Another Government-Sponsored Malware” »
Citizen Lab has a new report on an Iranian government hacking program that targets dissidents. From a Washington Post op-ed by Ron Deibert: Al-Ameer is a net savvy activist, and so when she received a legitimate looking email containing a PowerPoint attachment addressed to her and purporting to detail “Assad Crimes,” she could easily have … Read More “How the Iranian Government Hacks Dissidents” »
Appelbaum, Poitras, and others have another NSA article with an enormous Snowden document dump on Der Spiegel, giving details on a variety of offensive NSA cyberoperations to infiltrate and exploit networks around the world. There’s a lot here: 199 pages. (Here they are in one compressed archive.) Paired with the 666 pages released in conjunction … Read More “New NSA Documents on Offensive Cyberoperations” »