-
SonicWall says state-sponsored hackers behind September security breach
SonicWall's investigation into the September security breach that exposed customers' firewall configuration backup files concludes that state-sponsored hackers were behind the attack.
- November 05, 2025
- 12:13 PM
1
-
MuddyWater’s DarkBit ransomware cracked for free data recovery
Cybersecurity firm Profero cracked the encryption of the DarkBit ransomware gang's encryptors, allowing them to recover a victim's files for free without paying a ransom.
- August 11, 2025
- 10:31 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
BadPilot network hacking campaign fuels Russian SandWorm attacks
A subgroup of the Russian state-sponsored hacking group APT44, also known as 'Seashell Blizzard' and 'Sandworm', has been targeting critical organizations and governments in a multi-year campaign dubbed 'BadPilot.'
- February 12, 2025
- 12:00 PM
- 0
-
Google says hackers abuse Gemini AI to empower their attacks
Multiple state-sponsored groups are experimenting with the AI-powered Gemini assistant from Google to increase productivity and to conduct research on potential infrastructure for attacks or for reconnaissance on targets.
- February 01, 2025
- 12:14 PM
- 3
-
North Korean govt hackers linked to Play ransomware attack
The North Korean state-sponsored hacking group tracked as 'Andariel' has been linked to the Play ransomware operation, using the RaaS to work behind the scenes and evade sanctions.
- October 30, 2024
- 11:55 AM
- 0
-
Dutch Police: ‘State actor’ likely behind recent data breach
The national Dutch police (Politie) says that a state actor was likely behind the data breach it detected last week.
- October 03, 2024
- 02:56 PM
- 3
-
Hackers now use AppDomain Injection to drop CobaltStrike beacons
A wave of attacks that started in July 2024 rely on a less common technique called AppDomain Manager Injection, which can weaponize any Microsoft .NET application on Windows.
- August 23, 2024
- 12:31 PM
- 0
-
Chinese hacking groups team up in cyber espionage campaign
Chinese state-sponsored actors have been targeting a government agency since at least March 2023 in a cyberespionage campaign that researchers track as Crimson Palace
- June 05, 2024
- 04:06 PM
- 0
-
Russian Sandworm hackers pose as hacktivists in water utility breaches
The Sandworm hacking group associated with Russian military intelligence has been hiding attacks and operations behind multiple online personas posing as hacktivist groups.
- April 17, 2024
- 01:08 PM
- 0
-
Palo Alto Networks zero-day exploited since March to backdoor firewalls
Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials.
- April 13, 2024
- 08:35 AM
- 0
-
OpenAI blocks state-sponsored hackers from using ChatGPT
OpenAI has removed accounts used by state-sponsored threat groups from Iran, North Korea, China, and Russia, that were abusing its artificial intelligence chatbot, ChatGPT.
- February 15, 2024
- 10:56 AM
- 1
-
Ukraine: Hack wiped 2 petabytes of data from Russian research center
The Main Intelligence Directorate of Ukraine's Ministry of Defense claims that pro-Ukrainian hacktivists breached the Russian Center for Space Hydrometeorology, aka "planeta" (планета), and wiped 2 petabytes of data.
- January 26, 2024
- 11:59 AM
- 8
-
Hacking group 'ModifiedElephant' evaded discovery for a decade
Threat analysts have linked a decade of activity to an APT (advanced persistent threat) actor called 'ModifiedElephant', who has managed to remain elusive to all threat intelligence firms since 2012.
- February 10, 2022
- 03:02 PM
- 0
-
Twitter removes 3,400 accounts used in govt propaganda campaigns
Twitter today announced the permanent removal of more than 3,400 accounts linked to governments of six countries running manipulation or spam campaigns.
- December 02, 2021
- 03:28 PM
- 1
-
State-backed hackers breach telcos with custom malware
A previously unknown state-sponsored actor is deploying a novel toolset in attacks targeting telecommunication providers and IT firms in South Asia.
- October 18, 2021
- 01:28 PM
- 0
-
Microsoft: Russian state hackers behind 53% of attacks on US govt agencies
Microsoft says that Russian-sponsored hacking groups are increasingly targeting US government agencies, with roughly 58% of all nation-state attacks observed by Microsoft between July 2020 and June 2021 coming from Russia.
- October 08, 2021
- 07:04 AM
- 4
-
Twitter Removes State-backed Actors Conducting Information Campaigns
Twitter has removed another batch of state-sponsored actors performing information campaigns on Twitter. The detected operations announced today involved Qatar, Iran, Yemen, Ecuador, Saudi Arabia, Spain, China, and Hong Kong.
- September 20, 2019
- 10:17 AM
- 1
-
State-Sponsored Actors Focus Attacks on Asia
Southeast Asia is the most actively attacked region, accordingly to Cyber Security firm, Group-IB. Their annual Hi-Tech Crime Trends Report 2018 advises: "In just one year, 21 state-sponsored groups were detected in this area, which is more than in the United States and Europe."
- November 14, 2018
- 09:15 AM
- 0
