Mind the (air) gap: GoldenJackal Targets Government Systems
New insights into GoldenJackal’s sophisticated toolsets, which have been used to carry out cyberespionage activities across Europe, South Asia, and the Middle East since 2019.
Asia
SloppyLemming Espionage Campaign Targets South and East Asia
On September 24, 2024, Cloudforce One published an extensive investigation into a sophisticated espionage campaign orchestrated by the advanced threat actor known as SloppyLemming.
Crimson Palace Resurfaces: Chinese Cyberespionage Campaign Expands in Southeast Asia
Sophos X-Ops released a report detailing renewed cyberespionage efforts by what they assess with high confidence as a Chinese state-directed cyber operation.
Chinese APT Exploits Visual Studio Code to Target Southeast Asian Governments
On September 6, 2024, Unit 42 researchers released a report detailing a new cyber espionage campaign by the Chinese Advanced Persistent Threat (APT) group known as "Stately Taurus."
Suspected Espionage Campaign Delivers "Voldemort" Malware Impersonating Tax Authorities
Proofpoint released a threat insight report detailing an unusual campaign delivering custom malware named "Voldemort". Researchers assess with moderate confidence that the goal of this activity is espionage.
ESET Uncovers Two Critical Code Execution Vulnerabilities in WPS Office, Exploited by APT-C-60
South Korea-aligned cyber espionage group APT-C-60 has exploited these vulnerabilities to target individuals in East Asian countries. ESET's research has uncovered the technical nuances of these exploits
Microsoft Sway Abused to Deliver Quishing Attacks
On August 27, 2024, Netskope Threat Labs reported a surge in traffic to phishing pages hosted on Microsoft Sway, a free web-based application within the Microsoft 365 suite. These phishing campaigns predominantly employed "Quishing," a technique using QR codes