cyber espionage | Breaking Cybersecurity News | The Hacker News

We have discussed many times in our stories the network of Intelligent devices , their capabilities and the possibilities that cyber criminals could exploit them for illegal activities. Hidden chips are used by cyber criminals and state-sponsored hackers to infiltrate company networks and organizations for various purposes, to send out spam or for cyber espionage . The fact has happened in Russia, the State-owned channel Rossiya 24 has showed the images of an electric iron included in a batch of Chinese imports where the operators find a chip used for spying the environment surround. China is planting Microchips practically in every electrical device, as recently it has been discovered that the  electric iron  and kettles were modified with this technique to launch spam attacks. The Microchips were equipped with a little microphone and according to the correspondent the component were mostly being used to serve malware and the chips in fact are able to connect any co

Son of a Baptist Minister, 28-year-old British man named Lauri Love has been charged with hacking into the computer systems of the US army, NASA and other federal agencies. He was arrested Friday at his home in Stradishall, England by the National Crime Agency and according to the indictment alleges Love and his unnamed co-conspirators hacked into thousands of computer systems between October 2012 and October 2013. The indictment does not accuse Love of selling information or doing anything else with it for financial gain. His father Alexander Love, 60, a Baptist minister, works as a chaplain at HMP Highpoint North. His mother Sirkka-Liisa Love, 59, also works at the jail as a teacher. He is charged with one count of accessing a U.S. Department or agency computer without authorization and one count of conspiracy. The government said the purpose was to disrupt the operations and infrastructure of the federal government.  They stole data on more than 5,000 individuals, as well as info

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Israel is considered one of the most advanced country in cyber security, but at the same time is a privileged target for hostile governments intent in sabotage and cyber espionage on his technology. Yesterday, Cybersecurity experts revealed that a major artery in Israel's national road network located in the northern the city of Haifa suffered a cyber attack, that caused massive traffic congestion in the City. Isreal military officials are aware of cyber threats that could hit the infrastructure of the country and they afraid the possible effect of a cyber attack on a large scale. Israeli government websites suffer thousands of cyberattacks each day according Ofir Ben Avi, head of the government's website division. The Israel Electric Corp. confirmed that its servers register about 6,000 unique computer attacks every second. In June, Prime Minister Benjamin Netanyahu stated that Iran militia, Hezbollah and Hamas have targeted in numerous occasions Israel

Nation-state driven cyber attacks are routinely conducted on a global scale to defend national sovereignty and project national power. We are living in the cyber era, human conflict is involving also the fifth domain of warfare , the cyberspace . As never before disputes take place with blows of bits, militias of every government are developing cyber capabilities dedicating great effort for the establishment of cyber units . Network security company, FireEye, has released a report titled " World War C: Understanding Nation-State Motives Behind Today's Advanced Cyber Attacks " which describes the effort spent by governments in cyber warfare context, the document analyzes in detail the different approaches adopted by various countries in conducting nation-state driven cyber attacks . Security experts highlight the intensification of state-sponsored attacks for both cyber espionage and sabotage purpose, campaigns such as Moonlight Maze and Titan Rain or the destruc

The Wall Street Journal reported that Iranian hackers have successfully penetrated unclassified US Navy computers , the allegations were made by US officials that consider the attacks a serious intrusion within the Government network. " The U.S. Officials said the attacks were carried out by hackers working for Iran's government or by a group acting with the approval of Iranian leaders. The most recent incident came in the week starting Sept. 15, before a security upgrade, the officials said. Iranian officials didn't respond to requests to comment." US officials revealed that a group of Iranian state-sponsored hackers have repeatedly violated US Navy computer systems for cyber espionage purpose, despite no sensitive information has been leaked the event is considered very concerning. US Intelligence fears that such attacks could expose confidential information like the blueprints of a new cyber weapon. US officials added that Congress has been bri

Kaspersky Lab has identified another Chinese APT campaign , dubbed ' Icefog ', who targeted Governmental institutions, Military contractors, maritime / shipbuilding groups, telecom operators, industrial and high technology companies and mass media. The Hacking group behind the attack who carry out surgical hit and run operations , is an advanced persistent threat (APT) group, used a backdoor dubbed Icefog that worked across Windows and Mac OS X to gain access to systems. " The Mac OS X backdoor currently remains largely undetected by security solutions and has managed to infect several hundred victims worldwide ," the report  (PDF) said. This China-based campaign is almost two years old and follows the pattern of similar APT-style attacks where victims are compromised via a malicious attachment in a spear-phishing email, or are lured to a compromised website and infected with malware . The attackers embed exploits for several known vulnerabilities (CV

Russian Security Firm Kaspersky Lab has revealed that it has been following a sustained attack on South Korea by hackers seemingly based in North Korea.,  This new Cyber Espionage campaign dubbed "Kimsuky"  has targeted several South Korean think tanks. R esearchers believe the Kimsuky malware is most likely delivered via spear-phishing e-mails  and used multiple Dropbox email accounts "It's interesting that the drop box mail accounts iop110112@hotmail.com and rsh1213@hotmail.com are registered with the following "kim" names: kimsukyang and "Kim asdfa " The Kaspersky researchers revealed that the operation presents distinctive characteristics in its execution and logistics. The investigation started after the team of experts detected an unsophisticated spy program that communicated with it control server via a public e-mail server, an approach followed by too many amateur malware authors. Victims download a Trojan dropper which is used to download additional malwa

According to a new report, the world's biggest personal computer maker, Chinese firm Lenovo Group Limited has reportedly been banned from supplying equipment for  networks of the intelligence and defense services of Australia, the United States, Britain, Canada and New Zealand, due to hacking concerns. Sources from intelligence and defense entities in the UK and Australia have confirmed the ban introduced in the mid-2000s after intensive laboratory testing of its equipment. In 2006 it was disclosed that the US State Department had decided not to use 16,000 new Lenovo computers on classified networks because of security concerns. Serious backdoor vulnerabilities in hardware and firmware were apparently discovered during the tests which could allow attackers to remotely access devices without the knowledge of the owner. Lenovo, headquartered in Beijing, acquired IBM's personal computer business in 2005, after which IBM continued to sell servers and mainframes that we

McAfee Lab researchers issued a report on the large scale cyber attacks against South Korea that appear to be linked to hackers also specialized in cyber espionage . The attackers behind these recent attacks against South Korean infrastructure are skilled professionals and they designed a specialized malware to steal military secrets from the South Korea and US military networks. The cyber espionage campaign dubbed as " Operation Troy ", due the numerous references into the source code analyzed to the city. McAfee said that in 2009, malware was implanted into a social media website used by military personnel in South Korea Ryan Sherstobitoff, a senior threat researcher at McAfee, started the investigation after the malware came into action in an attacks occurred on March 20th, known as the Dark Seoul Incident , in which tens of thousands of hard drives belongs to television networks and banks in South Korea were wiped completely. Versions of the code

Security experts are confident that the Chinese hackers group known as Comment Crew is still operating under cover. " The Comment Crew is back again " this is the rumor within Intelligence community, researchers suspect the involvement of the group of hackers in the recent cyber dispute between U.S. and China. Let's make a step back, last February Mandiant Intelligence firm released an interesting report that revealed an enterprise-scale computer espionage campaign dubbed APT1. Mandiant linked the APT1 attacks, that compromised 141 organizations in seven years, to Chinese military unit called " 61398 ". The is very interesting is that the security firm identified a common pattern for the attacks conducted by Chinese hackers group, it was also able to define a series of key indicators for identifying ongoing APT attacks. Mandiant security firm had monitored the group during last years and report details its operations, it wasn't the only one FireEye is anoth

Russian President Vladimir Putin bluntly rejected U.S. pleas to extradite National Security Agency Whistleblower Edward Snowden on Tuesday, says since Snowden has not committed a crime in that country, the government will not extradite him back. Putin said, "Mr. Snowden is a free man," Snowden did not cross the Russian border, implying that he is still in the Moscow airport's transit zone, a sort of diplomatic neutral space. " He arrived as a transit passenger – he didn't need a visa, or other documents, " Putin said. After arriving Sunday on a flight from Hong Kong, Snowden booked a seat on a Havana-bound flight from Moscow on Monday en route to Venezuela and then possible asylum in Ecuador, but he didn't board the plane. " The sooner he selects his final destination point, the better both for us and for himself ," Putin said. White House Press Secretary Jay Carney on Monday urged Russia to ultimately turn him over. " We do ex

Since 2010, foreign state sponsored organizations have repeatedly compromised an unencrypted database maintained by the Veterans Affairs Department that contains personally identifiable information on roughly 26 million veterans. Including at least eight foreign-sponsored organizations, mostly connected to the Chinese military had successfully compromised VA networks and data.  Other than this, possibly Russia were identified as likely culprits in the attempts to steal VA data. Details regarding exactly what information has been compromised are sparse, but unencrypted data included names, dates of birth and Social Security numbers of veterans that could be used to commit credit and identity fraud. Lack of basic security controls, such as encryption of data, make VA an easy target. The 2006 breach was caused by the theft of a VA employee's laptop, which contained personal information on about 26 million veterans and military personnel. From another report, The Marc

A global cyber espionage campaign affecting over 350 high profile victims in 40 countries, appears to be the work of Chinese hackers using a Surveillance malware called " NetTraveler ". Kaspersky Lab's team of experts published a new research report about NetTraveler, which is a family of malicious programs used by APT cyber crooks. The main targets of the campaign, which has been running since 2004, are Tibetan/Uyghur activists, government institutions, contractors and embassies, as well as the oil and gas industry. Spear phishing emails were used to trick targets into opening malicious documents . The attackers are using two vulnerabilities in Microsoft Office including Exploit.MSWord.CVE-2010-333, Exploit.Win32.CVE-2012-0158, which have been patched but remain highly-popular on the hacking scene, and have run NetTraveler alongside other malware. C&C servers are used to install additional malware on infected machines and exfiltrate stolen data and more

As concerns are growing regarding Chinese hacking attacks, the country will undergo its first digital war games. Only two days after the U.S. has attributed cyber espionage attacks against U.S. government and business entities to the Chinese Government and Military, it was announced that the Chinese will soon be conducting digital war games for the first time in the country's history. " It will be the first time a People's Liberation Army exercise has focused on combat forces including digitized units, special operations forces, army aviation and electronic counter forces, " the report said. The timing of the digital war games is also interesting, since it will coincide with a meeting between President Barack Obama and Chinese President Xi Jinping next week as Washington's level of concern rises regarding Chinese hacking of US military networks. The army's general staff department said eight military academies and forces from the Beijing Military Area Comman

According to report published by for the Defense Department and government and defense industry officials, Chinese hackers have gained access to the designs of many of the nation's most sensitive advanced weapons systems. The compromised U.S. designs included those for combat aircraft and ships, as well as missile defenses vital for Europe, Asia and the Gulf, including the advanced Patriot missile system, the Navy's Aegis ballistic missile defense systems, the F/A-18 fighter jet, the V-22 Osprey, the Black Hawk helicopter and the F-35 Joint Strike Fighter. The report comes a month before President Obama meets with visiting Chinese President Xi Jinping in California. The report did not specify the extent or time of the cyber-thefts, but the espionage would give China knowledge that could be exploited in a conflict, such as the ability to knock out communications and corrupting data. For the first time, the Pentagon specifically named the Chinese government a

In 2010, as part of what has been dubbed as Operation Aurora , Chinese hackers infiltrated a special database within Google's systems and gained access to a sensitive database worth of information about American surveillance targets.  Google reported the hack publicly years ago, saying that the sophisticated attack resulted in the theft of Google intellectual property and the partial compromise of some human rights activists' email accounts. When the news first surfaced in 2010, Google said hackers stole the source code behind its search engine, and targeted email accounts of activists critical of China's human rights record. But recently discovered that the hackers also obtained surveillance information, including emails belonging to suspected spies, diplomats and terrorists which law enforcement officials had been monitoring. Google reported this breach to the FBI, resulting in a national security investigation. According to the sources, hackers were after the names of

Cyber Security researchers have discovered a family of information stealing malware targeting Pakistan that originates out of India.  Norman Shark, the global security leader in malware analysis solutions for enterprises, service providers and government, today released a report detailing a large and sophisticated cyber-attack infrastructure that appears to have originated from India. The attacks, conducted by private threat actors over a period of three years and still ongoing, showed no evidence of state sponsorship but the primary purpose of the global command-and-control network appears to be intelligence gathering from a combination of national security targets and private sector companies. Attackers used known vulnerabilities in Microsoft software, chucking malware dubbed HangOver onto target machines, most of which were based in Pakistan, where 511 infections associated with the campaign were detected. HangOver installs keyloggers , takes screenshots and rec

In the recent months I had the opportunity to conduct an interesting study on the use of Social Media in the Military Sector, large diffusion of media platforms makes them very attractive for governments and intelligence agencies . Social media platforms reveal enormous potentiality that could be exploited also in critical sectors such as military and defense. Modern social media networks are actively used by every government, the US, China and Russia are the most active in this field, but also emerging cyber countries like Iran and North Korea demonstrates an increasing interest in the matter. The principal uses of social media for government are Psychological Operations (PsyOps) OSInt Cyber espionage Offensive purposes On May 10th the Illinois Air National Guard 183rd Fighter Wing published a notice in the monthly issue of a newsletter titled Falcon View. The notice, that seems to be authentic, dedicates a paragraph to the use of social networking sites for