A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure cloud infrastructure to target Western technology firms for espionage, security firms Tinexta Cyber and SentinelLabs said. The companies call the campaign "Operation Digital Eye." Article US Indicts, Sancti...
While it’s tempting to focus on nation-state attacks as the most interesting cyberactivity from the past year, it would be a mistake to overlook other threats, particularly cybercrime, which impacts more users in the digital ecosystem than nation-state activity. Cybercriminals continue to act as...
Microsoft and Open AI detail how some nation-state actors have started to use large language models to gather intelligence.
Nation-State Actors Ramp Up Cyberattacks Michael Novinson • December 4, 2024 Nation-state attackers pose a growing cybersecurity threat driven by specific geopolitical or economic objectives. These actors often target organizations with valuable data, using advanced techniques such as reconnaissance,...
Health insurance company UnitedHealth Group said it is responding to a cyberattack by a nation-state threat actor impacting the IT systems of its Change Healthcare subsidiary. According to a filing with the SEC last week, UnitedHealth said it found out on Feb. 21 that the actors gained acces...
A bevy of new cybersecurity reports point to the continuing problem of nation-state-sponsored threat actors. The primary culprits have long been Russia, China, Iran, and North Korea, which all show up in recently published reports from Microsoft, IBM, Te
In 2022, we saw nation-state cyber threat groups move from exploiting the software supply chain to exploiting the IT services supply chain. These actors often targeted cloud solutions and managed services providers to reach downstream customers in government, policy, and critical infrastructure ...
Cybercriminals rent out compromised routers to other criminals, and most likely also makes them available to commercial residential proxy providers. Nation-state threat actors like Sandworm used their own dedicated proxy botnets, while APT group Pawn Storm had access to a criminal proxy botnet of Ubi...
Cuckoo Spear is related to the APT10 Intrusion Set because of the links made between various incidents from Threat Actors “Earth Kasha” (Trend Micro *) and “MirrorFace” including both APT10’s old arsenal (LODEINFO) and new arsenal identified in the Cybereason Threat Analysis Report. The...
While the effects of charging nation-state actors may not be tangible, indictments offer a way to publicly acknowledge the attacks and emerging threats, and the individuals behind them. "Generally speaking, these actions remind threat actors that cyberattacks will not occur without consequences,...