espionage group – Experimental News Clipping Site

The Register: Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign

Sep 27, 2025

—

by

Source URL: https://www.theregister.com/2025/09/27/rednovember_chinese_espionage/ Source: The Register Title: Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign Feedly Summary: Not to be confused with all the other reports of Chinese intruders on US networks that came to light this week RedNovember, a Chinese state-sponsored cyberspy group, targeted government and critical private-sector networks around the…

Cisco Talos Blog: How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking

Sep 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/how-rainyday-turian-and-a-new-plugx-variant-abuse-dll-search-order-hijacking/ Source: Cisco Talos Blog Title: How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking Feedly Summary: Talos discovered that a new PlugX variant’s features overlap with both the RainyDay and Turian backdoors AI Summary and Description: Yes Summary: Cisco Talos has identified a new variant of the PlugX…

The Register: Salt Typhoon used dozens of domains, going back five years. Did you visit one?

Sep 8, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/08/salt_typhoon_domains/ Source: The Register Title: Salt Typhoon used dozens of domains, going back five years. Did you visit one? Feedly Summary: Plus ties to the Chinese spies who hacked Barracuda email gateways Security researchers have uncovered dozens of domains used by Chinese espionage crew Salt Typhoon to gain stealthy, long-term access to victim…

Cloud Blog: Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats

Aug 25, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/prc-nexus-espionage-targets-diplomats/ Source: Cloud Blog Title: Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats Feedly Summary: Written by: Patrick Whitsell In March 2025, Google Threat Intelligence Group (GTIG) identified a complex, multifaceted campaign attributed to the PRC-nexus threat actor UNC6384. The campaign targeted diplomats in Southeast Asia and other entities…

Cisco Talos Blog: Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/static-tundra/ Source: Cisco Talos Blog Title: Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices Feedly Summary: A Russian state-sponsored group, Static Tundra, is exploiting an old Cisco IOS vulnerability to compromise unpatched network devices worldwide, targeting key sectors for intelligence gathering. AI Summary and Description: Yes Summary: The text provides…

Cloud Blog: Top 25 blogs of 2025… so far

Jul 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/gcp/most-read-blogs-from-h1-2025/ Source: Cloud Blog Title: Top 25 blogs of 2025… so far Feedly Summary: Six months into 2025, we’ve already published hundreds of posts here on the Google Cloud blog. We asked ourselves, why wait until the busy end of the year to review your favorites? With everything from new AI models, product…

The Register: UK uncovers novel Microsoft snooping malware, blames and sanctions GRU cyberspies

Jul 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/07/20/uk_microsoft_snooping_russia/ Source: The Register Title: UK uncovers novel Microsoft snooping malware, blames and sanctions GRU cyberspies Feedly Summary: Fancy Bear can’t keep its claws out of Outlook inboxes The UK government is warning that Russia’s APT28 (also known as Fancy Bear or Forest Blizzard) has been deploying previously unknown malware to harvest Microsoft…

The Register: New Russian cyber-spy crew Laundry Bear joins the email-stealing pack

May 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/05/27/new_russian_cyberspy_crew_laundry_bear/ Source: The Register Title: New Russian cyber-spy crew Laundry Bear joins the email-stealing pack Feedly Summary: Dutch intel services, Microsoft go big-game hunting A previously unknown Kremlin-linked group has conducted cyber-espionage operations against Dutch police, NATO member states, Western tech companies, and other organizations of interest to the Russian government since at…

Cloud Blog: Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)

Apr 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability/ Source: Cloud Blog Title: Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) Feedly Summary: Written by: John Wolfram, Michael Edie, Jacob Thompson, Matt Lin, Josh Murchie On Thursday, April 3, 2025, Ivanti disclosed a critical security vulnerability, CVE-2025-22457, impacting Ivanti Connect Secure (“ICS”) VPN appliances version 22.7R2.5 and…

The Register: Expired Juniper routers find new life – as Chinese spy hubs

Mar 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/03/12/china_spy_juniper_routers/ Source: The Register Title: Expired Juniper routers find new life – as Chinese spy hubs Feedly Summary: Fewer than 10 known victims, but Mandiant suspects others compromised, too Chinese spies have for months exploited old Juniper Networks routers, infecting the buggy gear with custom backdoors and gaining root access to the compromised…

Tag: espionage group