Chinese Hackers Target Japan with Revived ANEL Backdoor in Sophisticated Spear-Phishing Campaign
MirrorFace, a Chinese state-sponsored hacking group, has launched a new cyber espionage campaign against Japanese organizations using the resurrected ANEL backdoor malware. The sophisticated operation leverages spear-phishing emails with OneDrive links to deploy multiple backdoors, targeting individuals connected to Japan's national security.
New Pegasus Spyware Variants Discovered in Groundbreaking Mobile Security Study
Security firm iVerify uncovers seven new Pegasus spyware infections across iOS devices, revealing a higher-than-expected infection rate of 2.5 per 1,000 scans. The investigation marks a shift toward democratized threat detection by making professional security scanning accessible to everyday users.
Chinese State Hackers Infiltrate Major US Telecom Networks in Massive Espionage Campaign
A sophisticated Chinese hacking operation dubbed 'Salt Typhoon' has compromised eight US telecommunications companies, targeting high-ranking officials and political figures. The two-year campaign gained access to private communications while creating ongoing security risks that companies are still working to address.
Critical SailPoint Vulnerability Puts Protected Files at Risk with Maximum Severity Score
A severe security flaw in SailPoint's IdentityIQ software received the highest possible CVSS score of 10.0, potentially allowing unauthorized access to protected files. The vulnerability affects multiple versions of the identity management platform and requires immediate attention from system administrators.
U.S. Government Urges Shift to Encrypted Apps Following Major Chinese Cyberattack
Federal officials strongly recommend Americans adopt encrypted messaging apps after a massive Chinese espionage campaign compromised major U.S. telecommunications networks. The 'Salt Typhoon' breach exposed call records, conversations, and surveillance systems, prompting urgent cybersecurity guidance from CISA.
FBI Issues Alert Over Chinese Telecom Hacking Campaign Exposing U.S. Communications
A massive Chinese hacking operation dubbed 'Salt Typhoon' has compromised U.S. telecommunications networks, exposing call data and messages of American citizens. The FBI and international partners have issued urgent guidance while investigating the breach that specifically targeted government officials and law enforcement data.
Texas Engineering Firm ENGlobal Hit by Disruptive Ransomware Attack
Houston-based ENGlobal Corporation, a key contractor for U.S. government agencies, faces operational disruption following a ransomware attack discovered on November 25. The engineering firm has engaged cybersecurity experts while working to restore critical systems and assess potential data theft.
Russian Email Addresses Exploited by North Korean Kimsuky Hackers in Credential Theft Campaign
North Korean hacking group Kimsuky has adapted its phishing tactics by leveraging Russian email addresses, particularly Mail.ru services, to steal user credentials. The sophisticated operation involves impersonating financial institutions and popular portals, highlighting the evolving nature of cyber threats.
Howling Scorpius: The Dangerous Ransomware Group Threatening Global Organizations
A sophisticated ransomware operation known as Howling Scorpius has emerged as a major cyber threat in 2023, targeting organizations worldwide with double extortion tactics. The group operates the Akira ransomware platform, exploiting vulnerabilities across multiple sectors including education, government, and manufacturing.
UK's Cyber Security Chief Warns of Widening Gap Between Threats and Defenses
Britain's NCSC reports a 16% surge in cyber incidents during 2024, with ransomware attacks threatening critical infrastructure. The agency's chief, Richard Horne, emphasizes the urgent need to strengthen cyber defenses amid increasing sophisticated attacks from state actors.