Tag: nation state
398 articles

China's Military Presence Normalizes in Indo-Pacific Waters
China's recent live-fire drills in the Tasman Sea and plans for future exercises signal a new era of normalized military presence in Indo-Pacific waters, with projections suggesting this assertive approach could become the norm by 2036. This shift marks a significant change in how Beijing deploys its force beyond its shores.

Russia Targets Signal Users in Germany with Social Engineering Hacks
Stay vigilant, especially when it comes to trusted messaging apps like Signal: a recent wave of social-engineering attacks in Germany targeted government officials, exploiting user trust rather than any technical flaw. Signal has assured users that its encryption and infrastructure remain secure, but warns that these types of attacks can still compromise user safety.

India's Air Force Boosts Indigenous Fighter Production
The Indian Air Force is taking a major leap forward with a significant boost to its indigenous fighter production, a crucial move to strengthen its defense capabilities. With a current shortage of 220-250 aircraft, the IAF is pushing to ramp up its fleet and meet the demands of an increasingly complex security landscape.

US Charges Scattered Spider Hacker with Extortion, Cyber Intrusion
A 19-year-old hacker, known online as "Bouquet," has been arrested in Finland and charged in the US with extortion and cyber intrusion as a key player in the notorious Scattered Spider hacking collective. The dual US and Estonian citizen was caught at Helsinki airport while trying to flee to Japan.

Ransomware Groups Clash in Turf War, Exposing Each Other's Operations
In a shocking display of cyber turf warfare, ransomware groups are clashing and exposing each other's operations, with one group, KryBit, firing back at 0APT with a defiant message. The online battle began when 0APT claimed to have taken down three rival groups, but its boasts only sparked a retaliatory strike.

China Hacker Extradited Over Silk Typhoon Cyber Attacks
In a major breakthrough, 34-year-old Chinese national Xu Zewei has been extradited to the US to face charges for his alleged role in the massive Silk Typhoon cyber attacks that hit over 12,700 US organizations. Xu appeared in a Houston federal court over the weekend, facing serious charges including wire fraud, unauthorized computer access, and identity theft.

China's Silk Typhoon Hacker Extradited to US Over COVID Cyberattacks
A Chinese hacker, Xu Zewei, has been extradited to the US from Italy for masterminding a series of devastating cyberattacks on US universities, immunologists, and virologists working on COVID-19 vaccines, treatments, and testing between 2020 and 2021. He faces charges of wire fraud and conspiracy for his role in the attacks.

North Korean Hackers Exploit Crypto Firms with AI-Driven Zoom Lures
North Korean hackers launched a massive spear-phishing campaign, targeting over 100 crypto organizations worldwide with cleverly crafted Zoom lures and AI-generated deepfakes. They used fake calendar invites and typosquatted meeting links to gain access and exfiltrate sensitive data in a matter of minutes.

Russia Unveils S-71K Air-Launched Missile Details Amid Wartime Development Push
Russia's latest military advancement, the S-71K air-launched missile, has been unveiled amid a wartime development push, with Ukraine's intelligence agency releasing a detailed breakdown of the missile's design and components. The S-71K Kovyor, or Carpet, boasts a cutting-edge, low-observable shape, indicating a significant leap in missile manufacturing technology.

US Charges Chinese National in Silk Typhoon Cyber Attacks
A Chinese national, Xu Zewei, has been extradited to the US from Italy to face charges for his alleged role in the notorious HAFNIUM cyber attacks, a vast intrusion campaign that compromised over 12,700 US organizations. Xu's arrival in US court marks a significant step in holding him accountable for his actions.

Supply-Chain Attack Targets Security, Dev Tools with Credential Theft
Malicious hackers are exploiting the very tools developers rely on, including security scanners and password managers, to steal sensitive credentials and gain unauthorized access. This latest supply-chain attack has already hit major players like Checkmarx, compromising their GitHub repository and potentially putting customer data at risk.

Ex-DOD Leaders Challenge Pentagon's Anthropic Designation as Illegal
Former national security officials are challenging the Pentagon's designation of Anthropic as a supply-chain risk, calling it a politically motivated move that's legally flawed and actually undermines national security. They argue that the designation was a misuse of authorities meant to address genuine threats, rather than a legitimate national security concern.

North Korean Hackers Exploit Fake Zoom Meetings to Target Crypto Executives
North Korean hackers are using a sneaky tactic to target crypto executives: they pose as legitimate meeting attendees, harvesting video and audio to make future scams more convincing. They start by sending Calendly invites for fake catch-up meetings, then swap the link with a fake Zoom or Teams URL to gain their victim's trust.

US Charges Chinese Hacker in Cyberespionage Case
The US Department of Justice has extradited Chinese national Xu Zewei from Italy to face charges of conducting cyberespionage operations on behalf of China's intelligence services, targeting victims including COVID-19 researchers. Xu's alleged hacking activities, directed by China's Ministry of State Security, spanned over a year, from February 2020 to June 2021.

Pentagon Bolsters AI Arsenal with Google's Latest Model
The Pentagon has supercharged its AI capabilities with Google's cutting-edge model, Gemini 3.1 Pro, now available on its enterprise generative-AI platform, GenAI.mil, marking a major milestone in American AI innovation. This powerful tool is set to revolutionize defense operations and will also be accessible to federal government users.

Fast16 Malware Exposes Pre-Stuxnet Cyber Warfare Roots
Meet fast16, a sneaky malware framework that's been around since 2005 (five years before the infamous Stuxnet) and is designed to quietly sabotage high-precision software by subtly altering numerical results. This stealthy approach can cause systems to fail, wear out faster, or produce false conclusions, making it a chilling precursor to modern cyber warfare.

PhantomCore Exploits TrueConf Flaws to Breach Russian Networks
Researchers Daniil Grigoryan and Georgy Khandozhko revealed that PhantomCore attackers exploited a chain of three TrueConf Server vulnerabilities, including insufficient access control and file reading flaws, to breach Russian networks. This sophisticated attack highlights the importance of addressing these critical vulnerabilities to protect against potential threats.

Researchers Uncover Fast16 Malware That Preceded Stuxnet
Meet fast16.sys, a sneaky kernel driver that intercepts and modifies executable code as it's read from disk, giving its creators unprecedented control over the storage stack and filesystem. This boot-start filesystem component was a game-changer in its time, and researchers are still unraveling its secrets.

China Acquires Soviet T-72 Tanks Through Romania
In a surprising move, China acquired Soviet T-72 tanks through Romania, with several of the 31 imported tanks quietly transferred to China for evaluation in the late 1970s. This acquisition was part of a long-running effort to understand and match Soviet tank design, sparked by the 1969 Zhenbao clash where Soviet T-62 tanks demonstrated clear technological superiority over Chinese armor.

Researchers Uncover 'fast16' Malware Targeting Engineering Software Years Before Stuxnet
Researchers have uncovered a long-forgotten malware, fast16, that was designed to sabotage engineering software, beating even the infamous Stuxnet by at least five years. This ancient cyber threat, dating back to 2005, was engineered to spread rapidly and produce inaccurate calculations across entire facilities.

US Warns of China’s Industrial-Scale AI Model Theft Campaigns
The White House has sounded the alarm on China's large-scale AI model theft campaigns, warning that stolen models, although imperfect, can still pose a significant threat. Unauthorized AI model distillation can enable foreign entities to develop knockoff versions with potentially damaging consequences.

TGR-STA-1030 Intensifies Espionage Push in Central, South America
The threat group TGR-STA-1030 is ramping up its espionage efforts in Central and South America, with sustained and widespread activity observed across multiple countries in the region since February. This persistent campaign has recently intensified.

Firestarter Malware Evades Cisco Firewall Updates, Persists Across Reboots
A custom backdoor called Firestarter has been discovered evading Cisco firewall updates and persisting across reboots, posing a significant threat to cybersecurity. This sophisticated malware is attributed to a threat actor linked to cyberespionage campaigns, including the notorious ArcaneDoor operation.

CISA Exposes Persistent FIRESTARTER Backdoor in Cisco Devices
CISA and NCSC have uncovered a sneaky FIRESTARTER backdoor lurking in Cisco devices, allowing hackers to regain control even after patches are applied. This persistent threat can leave devices vulnerable to re-entry, putting your entire network at risk.