Summary

At the same time the Russians were using a backdoored SolarWinds update to attack networks worldwide, another threat actor — believed to be Chinese in origin — was using an already existing vulnerability in Orion to penetrate networks: Two people briefed on the case said FBI investigators recently found that the National Finance Center, a federal payroll agency inside the U.S. Department of Agriculture, was among the affected organizations, raising fears that data on thousands of government employees may have been compromised. […] Reuters was not able to establish how many organizations were compromised by the suspected Chinese operation. The sources, who spoke on condition of anonymity to discuss ongoing investigations, said the attackers used computer infrastructure and hacking tools previously deployed by state-backed Chinese cyberspies...

...more

Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments

Published: 2020-05-12 12:18:31

Popularity: 4

Author: Trend Micro

Keywords:

USB

We found that Tropic Trooper’s latest activities center on targeting Taiwanese and the Philippine military’s physically isolated networks through a USBferry attack. We also observed targets among military/navy agencies, government institutions, military hospitals, and even a national bank. The group employs USBferry, a USB malware that performs different commands on specific targets, maintains stealth in environments, and steals critical data through USB storage. We started tracking this particular campaign in 2018, and our analysis shows that it uses a fake executable decoy and a USB trojan strategy to steal information. The post Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments appeared first on .

...more

Iranian Cyberespionage Tools Leaked Online

Published: 2019-04-19 13:12:31

Popularity: 151

Author: Bruce Schneier

Keywords:

LLM Says: ""Ouch, Iran got pwned""

The source code of a set of Iranian cyberespionage tools was leaked online....

...more