Mind the (air) gap: GoldenJackal Targets Government Systems
New insights into GoldenJackal’s sophisticated toolsets, which have been used to carry out cyberespionage activities across Europe, South Asia, and the Middle East since 2019.
Espionage
Iranian Cyber Espionage Campaign Targets Swedish SMS Service in Data Breach
The attack targeted a Swedish company that manages a mass SMS service. According to a preliminary investigation led by the Swedish Security Police (Säkerhetspolisen), the breach was orchestrated by the Iranian Islamic Revolutionary Guard Corps (IRGC).
SloppyLemming Espionage Campaign Targets South and East Asia
On September 24, 2024, Cloudforce One published an extensive investigation into a sophisticated espionage campaign orchestrated by the advanced threat actor known as SloppyLemming.
Mandiant Exposes the Threat of North Korean IT Workers Posing as Foreign Nationals
On September 23, 2024, Mandiant released a comprehensive report on the persistent threat posed by North Korean IT workers. Operating under the guise of non-North Korean nationals, these workers infiltrate companies globally to evade sanctions and generate revenue for the North Korean regime.
Russian State-Sponsored Mobile Threats: A Decade of Espionage and Surveillance
On September 22, 2024, @BushidoToken released a threat intelligence report uncovering a decade of underreported Russian mobile espionage campaigns targeting Android and iOS users.
Crimson Palace Resurfaces: Chinese Cyberespionage Campaign Expands in Southeast Asia
Sophos X-Ops released a report detailing renewed cyberespionage efforts by what they assess with high confidence as a Chinese state-directed cyber operation.
Cyber Espionage and Financial Threats Targeting Mexico
Mandiant and Google’s Threat Analysis Group (TAG) released a joint report providing critical insights into the cyber threat landscape impacting Mexico. This report uncovers the ongoing cyber espionage operations and financially motivated cyber attacks aimed at Mexican users and enterprises.