nation-state

Chinese State-Sponsored Cyber Espionage Activity Targeting Semiconductor Industry in East Asia
Executive Summary EclecticIQ analysts identified a cyber espionage campaign where threat actors used a variant of HyperBro loader with a Taiwan Semiconductor Manufacturing (TSMC) lure, likely to target the semiconductor industry in ...

‘Predator’ — Nasty Android Spyware Revealed
Intellexa mercenary spyware chains five unpatched bugs—plus ‘Alien’ technology ...

Exposed Web Panel Reveals Gamaredon Group’s Automated Spear Phishing Campaigns
Executive Summary On February 09, 2023, EclecticIQ analysts identified a spear phishing campaign targeting Ukrainian government entities like the Foreign Intelligence Service of Ukraine (SZRU) and Security Service of Ukraine (SSU). Analysts ...

Dark Pink APT Group Strikes Government Entities in South Asian Countries
Executive Summary In February 2023, EclecticIQ researchers identified multiple KamiKakaBot malwares which are very likely used to target government entities in ASEAN (Association of Southeast Asian Nations) countries. The latest attacks, which ...

A Year of the Russia-Ukraine War: Seven Types of Cyberattacks Used Against Ukraine
As EclecticIQ looks back at the year since Russia’s initial invasion of Ukraine, it is clear cyberattacks have been an important part of Russia’s arsenal. This assessment is based on the variety ...

Three Cases of Cyber Attacks on the Security Service of Ukraine and NATO Allies, Likely by Russian State-Sponsored Gamaredon
Executive Summary EclecticIQ researchers observed multiple weaponized phishing emails probably targeting the Security Service of Ukraine (SSU), NATO allies like Latvia, and private companies such as Culver Aviation - a Ukrainian aviation ...

Security Service of Ukraine and NATO Allies Potentially Targeted by Russian State-Sponsored Threat Actor
New and Noteworthy: Sandworm APT Group Attacked Ukrainian News Agency Ukrinform by Data Wiper Malwares On January 18, 2023, the Computer Emergency Response Team of Ukraine (CERT-UA) identified a data wiper malware ...

Year in review for 2022 – Where is Cybersecurity headed?
As another year wraps up, it’s time to take a look back at the cybersecurity trends that dominated the landscape. From the ongoing impact of the past years’ pandemic to major geopolitical ...

Malicious Use of Internet Information Services (IIS) Extensions Likely to Grow
Exploit Tools and Targets: Malicious Use of Internet Information Services (IIS) Extension Microsoft published a report on July 26th alerting defenders to the malicious use of Internet Information Services (IIS) extensions. As ...

Threat Actors Merging Malicious Activity With Cryptocurrency Show How the Attack Landscape is Developing in Decentralized Finance
Introduction Widespread implementation of decentralized finance (DeFi) systems since 2020 has created new fertile ground for a variety of threat actors to shift the development of cyberattack tactics, techniques, and procedures (TTPs) ...