State-Sponsored Sidewinder Hacker Group's Covert Attack Infrastructure Uncovered
Cybersecurity researchers have unearthed previously undocumented attack infrastructure used by the prolific state-sponsored group SideWinder to strike entities located in Pakistan and China. This comprises a network of 55 domains and IP addresses used by the threat actor, cybersecurity companies...
China-Taiwan Tensions Spark Surge in Cyberattacks on Taiwan
By Daksh Kapur, Leandro Velasco · May 17, 2023. “In the past few years, we noticed that geopolitical conflicts are one of the main drivers for cyber-attacks on a variety of industries and institutions...
CVE-2022-47390
creationtimestamp | type | source
---|---|---
2023-05-15 14:29:34+00:00 | seen | https://t.me/cibsecurity/64091
2026-03-17 12:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01
2026-03-31 07:38:42+00:00 | seen | ...
Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign
Government, aviation, education, and telecom sectors located in South and Southeast Asia have come under the radar of a new hacking group as part of a highly-targeted campaign that commenced in mid-2022 and continued into the first quarter of 2023. Symantec, by Broadcom Software, is tracking the...
The UK’s Secretive Web Surveillance Program Is Ramping Up
A government effort to collect people’s internet records is moving beyond its test phase, but many details remain hidden from public view...
New DownEx Malware Campaign Targets Foreign Government Institutions in Central Asia
The DownEx malware was discovered in a cyberattack on government institutions in Kazakhstan and Afghanistan in 2022, likely with state sponsorship. The attackers used spear-phishing emails to infiltrate...
Adopting an Effective and Easy To Implement Zero Trust Architecture
Security professionals employed by a federal agency, supplier, or regulated private sector firm are often challenged by long lists of required cybersecurity rules that can seem endless and unchanging. White House Executive Orders, FedRAMP requirements, CISA Binding Operational Directives, NIST...
Microsoft reports two Iranian hacking groups exploiting PaperCut flaw
By Deeba Ahmed. The two groups exploiting the vulnerability are Mango Sandstorm and Mint Sandstorm. Both are linked to the Iranian government and intelligence agencies. This is a post from HackRead.com.
Sophisticated DownEx Malware Campaign Targeting Central Asian Governments
Government organizations in Central Asia are the target of a sophisticated espionage campaign that leverages a previously undocumented strain of malware dubbed DownEx. Bitdefender, in a report shared with The Hacker News, said the activity remains active, with evidence likely pointing to the...
CVE-2023-24943
creationtimestamp | type | source
---|---|---
2023-05-09 22:39:03+00:00 | seen | https://t.me/cibsecurity/63666
2023-05-10 04:00:00+00:00 | seen | https://www.govcert.gov.hk/en/alertsdetail.php?id=1023
2023-05-10 13:00:06+00:00 | seen | https://t.me/truesecator/4360...
U.S. Authorities Seize 13 Domains Offering Criminal DDoS-for-Hire Services
U.S. authorities have announced the seizure of 13 internet domains that offered DDoS-for-hire services to other criminal actors. The takedown is part of an ongoing international initiative dubbed Operation PowerOFF that's aimed at dismantling criminal DDoS-for-hire infrastructures worldwide. The...
Why Attackers Target the Government Industry
Key Takeaways: Government sites are full of information attackers want, so it’s crucial to defend them properly. DDoS is an easy tool for attackers to use to disrupt government sites, which can have far-reaching consequences, as we saw early in the Russia-Ukraine war. Remote code execution (RCE)...
Researchers Uncover SideWinder's Latest Server-Based Polymorphism Technique
The advanced persistent threat (APT) actor known as SideWinder has been accused of deploying a backdoor in attacks directed against Pakistan government organizations as part of a campaign that commenced in late November 2022. "In this campaign, the SideWinder advanced persistent threat (APT) group us...
Threat Source newsletter (May 4, 2023) — Recapping the biggest headlines to come out of RSA
Welcome to this week's edition of the Threat Source newsletter. I didn't attend the RSA Conference in person, and on top of that, I was at the NFL Draft while the conference was going on. I'm behind on the biggest talks, panels and presentations that came out during the annual security conference, s...
BouldSpy Android Spyware: Iranian Government's Alleged Tool for Spying on Minority Groups
A new Android surveillanceware possibly used by the Iranian government has been used to spy on over 300 individuals belonging to minority groups. The malware, dubbed BouldSpy, has been attributed with moderate confidence to the Law Enforcement Command of the Islamic Republic of Iran (FARAJA)...
SolarWinds: The Untold Story of the Boldest Supply-Chain Hack
The attackers were in thousands of corporate and government networks. They might still be there now. Behind the scenes of the SolarWinds investigation...
To Keep Up With Cybersecurity Laws, Go 'Federal First'
With new cybersecurity laws and regulations rolling out, the best way to maintain broad compliance is to align with the most stringent frameworks. In the U.S., that means taking a ‘federal first’ approach—conforming to the highest security requirements of the United States federal government...
APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks perpetrated by Russian nation-state hackers targeting various government bodies in the country. The agency attributed the phishing campaign to APT28, which is also known by the names Fancy Bear, Forest Blizzard,...
Paperbug Attack: New Politically-Motivated Surveillance Campaign in Tajikistan
A little-known Russian-speaking cyber-espionage group has been linked to a new politically-motivated surveillance campaign targeting high-ranking government officials, telecom services, and public service infrastructures in Tajikistan. The intrusion set, dubbed Paperbug by Swiss cybersecurity...