Lucene search
K

29 matches found

The Hacker News
The Hacker News
added 2025/10/22 5:21 p.m.9 views

Iran-Linked MuddyWater Targets 100+ Organizations in Global Espionage Campaign

The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations across the Middle East and North Africa MENA region, including over 100 government entities. The...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/09/30 4:7 p.m.2 views

Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware

Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years. "Phantom Taurus' main focus areas include ministries of forei...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/09/03 10:30 a.m.6 views

Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats

An Iran-nexus group has been linked to a "coordinated" and "multi-wave" spear-phishing campaign targeting the embassies and consulates in Europe and other regions across the world. The activity has been attributed by Israeli cybersecurity company Dream to Iranian-aligned operators connected to...

7.3AI score
Exploits0
Trellix
Trellix
added 2025/08/18 12:0 a.m.10 views

The Coordinated Embassy Hunt: Unmasking the DPRK-linked GitHub C2 Espionage Campaign

The Coordinated Embassy Hunt: Unmasking the DPRK-linked GitHub C2 Espionage Campaign By Pham Duy Phuc and Alex Lanstein · August 18, 2025 The Trellix Advanced Research Center uncovered a sophisticated espionage operation targeting diplomatic missions across several regions in South Korea during...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/07/31 5:12 p.m.14 views

Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies

The Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage campaign targeting foreign embassies located in Moscow by means of an adversary-in-the-middle AitM attack at the Internet Service Provider ISP level and delivering a custom malware...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/14 12:0 a.m.3 views

Overcoming Bottlenecks in Homomorphic Encryption for the 2024 Mexican Federal Election

On June 2, 2024, Mexico held its federal elections. The majority of Mexican citizens voted in person at the polls in this historic election. For the first time though, Mexican citizens living outside their country were able to vote online via a web app, either on a personal device or using an...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/29 5:52 a.m.11 views

UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents

The advanced persistent threat APT group known as UAC-0063 has been observed leveraging legitimate documents obtained by infiltrating one victim to attack another target with the goal of delivering a known malware dubbed HATVIBE. "This research focuses on completing the picture of UAC-0063's...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/08 10:58 a.m.16 views

GoldenJackal Target Embassies and Air-Gapped Systems Using Malware Toolsets

A little-known threat actor tracked as GoldenJackal has been linked to a series of cyber attacks targeting embassies and governmental organizations with an aim to infiltrate air-gapped systems using two disparate bespoke toolsets. Victims included a South Asian embassy in Belarus and a European...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/23 11:14 a.m.11 views

Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed

Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat APT group as part of an ongoing cyber espionage campaign dubbed Operation Diplomatic Specter since at least late 2022. "An analysis of this threat actor's activity reveals long-term...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/19 5:5 a.m.65 views

Russian-Linked Hackers Target 80+ Organizations via Roundcube Flaws

Threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited cross-site scripting XSS vulnerabilities in Roundcube webmail servers to target over 80 organizations. These entities are primarily located in Georgia,...

9.8CVSS6.8AI score0.12661EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/08/11 2:23 p.m.33 views

Researchers Uncover Years-Long Cyber Espionage on Foreign Embassies in Belarus

A hitherto undocumented threat actor operating for nearly a decade and codenamed MoustachedBouncer has been attributed to cyber espionage attacks aimed at foreign embassies in Belarus. "Since 2020, MoustachedBouncer has most likely been able to perform adversary-in-the-middle AitM attacks at the...

7.3AI score
Exploits0
HackRead
HackRead
added 2023/07/05 7:33 p.m.12 views

SmugX: Chinese Hackers Targeting Embassies in Europe

By Deeba Ahmed The researchers believe that the SmugX attack is an extension of a previously discovered campaign linked to Mustang Panda. This is a post from HackRead.com Read the original post: SmugX: Chinese Hackers Targeting Embassies in Europe...

6.9AI score
Exploits0
Talos Blog
Talos Blog
added 2023/03/14 11:0 a.m.39 views

Talos uncovers espionage campaigns targeting CIS countries, embassies and EU health care agency

Cisco Talos has identified a new threat actor, which we are naming "YoroTrooper," that has been running several successful espionage campaigns since at least June 2022. YoroTroopers main targets are government or energy organizations in Azerbaijan, Tajikistan, Kyrgyzstan and other Commonwealth of...

7.6AI score
Exploits0
hivepro
hivepro
added 2022/07/27 5:9 a.m.16 views

APT29 utilizes cloud storage service to deliver malicious payloads

Threat Level Actor Report For a detailed advisory, download the pdf file here Summary APT29, a cyber espionage gang uses cloud storage services such as Google Drive and Dropbox to distribute malware to compromised systems. The gang used a phishing campaign that targeted several Western diplomatic...

1.2AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2020/01/04 12:13 a.m.96 views

How the US Prepares Its Embassies for Potential Attacks

In addition to securing physical structures, the Diplomatic Security Service runs simulations of protests in a model city in Virginia...

2.8AI score
Exploits0
ThreatPost
ThreatPost
added 2019/07/18 3:48 p.m.377 views

Ke3chang APT Linked to Previously Undocumented Backdoor

The Ke3chang cyberespionage group, a.k.a. APT15, Mirage, Playful Dragon or Vixen Panda, has been tied to a backdoor called Okrum that has been used to target diplomatic missions throughout Europe and Latin America. The attribution widens the scope of known Ke3chang activity, an APT believed to be...

7.8AI score
Exploits0References8
HackRead
HackRead
added 2019/04/29 4:11 p.m.39 views

Hackers targeting embassies with trojanized version of TeamViewer

By Ryan De Souza Researchers believe the trojanized version of TeamViewer is being spread by a Russian speaking hacker. The latest report from Check Point reveals that multiple embassies in Europe were targeted with a trojanized version of TeamViewer. The embassies affected in the latest wave of...

3.6AI score
Exploits0
Securelist
Securelist
added 2019/04/10 4:30 a.m.129 views

Gaza Cybergang Group1, operation SneakyPastes

Gaza Cybergangs is a politically motivated Arabic-language cyberthreat actor, actively targeting the MENA Middle East North Africa region, especially the Palestinian Territories. The confusion surrounding Gaza Cybergang's activities, separation of roles and campaigns has been prevalent in the cyb...

0.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2017/09/01 11:39 a.m.79 views

Russian Hacking Tools Codenamed WhiteBear Exposed

Kaspersky Labs exposed a highly sophisticated set of hacking tools from Russia called WhiteBear. From February to September 2016, WhiteBear activity was narrowly focused on embassies and consular operations around the world. All of these early WhiteBear targets were related to embassies and...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2017/08/30 3:18 p.m.15 views

Turla APT Used WhiteBear Espionage Tools Against Defense Industry, Embassies

A toolset belonging to the Russian-speaking Turla APT has been publicly disclosed, and along with it details on its capabilities and indicators of compromise. The tools, called WhiteBear, were used to attack defense organizations as recently as June, and diplomatic targets in Europe, Asia and Sou...

7.1AI score
Exploits0References4
Rows per page
Query Builder