What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Mandiant 2024-04-25 10:00:00 Poll Vaulting: Cyber Threats to Global Elections
(direct link)
Written by: Kelli Vanderlee, Jamie Collier
Executive Summary
The election cybersecurity landscape globally is characterized by a diversity of targets, tactics, and threats. Elections attract threat activity from a variety of threat actors including: state-sponsored actors, cyber criminals, hacktivists, insiders, and information operations as-a-service entities. Mandiant assesses with high confidence that state-sponsored actors pose the most serious cybersecurity risk to elections.
Operations targeting election-related infrastructure can combine cyber intrusion activity, disruptive and destructive capabilities, and information operations, which include elements of public-facing advertisement and amplification of threat activity claims. Successful targeting does not automatically translate to high impact. Many threat actors have struggled to influence or achieve significant effects, despite their best efforts.
When we look across the globe we find that the attack surface of an election involves a wide variety of entities beyond voting machines and voter registries. In fact, our observations of past cycles indicate that cyber operations target the major players involved in campaigning, political parties, news and social media more frequently than actual election infrastructure.
Securing elections requires a comprehensive understanding of many types of threats and tactics, from distributed denial of service (DDoS) to data theft to deepfakes, that are likely to impact elections in 2024. It is vital to understand the variety of relevant threat vectors and how they relate, and to ensure mitigation strategies are in place to address the full scope of potential activity.
Election organizations should consider steps to harden infrastructure against common attacks, and utilize account security tools such as Google's Advanced Protection Program to protect high-risk accounts.
Introduction
The 2024 global election cybersecurity landscape is characterized by a diversity of targets, tactics, and threats. An expansive ecosystem of systems, administrators, campaign infrastructure, and public communications venues must be secured against a diverse array of operators and methods. Any election cybersecurity strategy should begin with a survey of the threat landscape to build a more proactive and tailored security posture.
The cybersecurity community must keep pace as more than two billion voters are expected to head to the polls in 2024. With elections in more than an estimated 50 countries, there is an opportunity to dynamically track how threats to democracy evolve. Understanding how threats are targeting one country will enable us to better anticipate and prepare for upcoming elections globally. At the same time, we must also appreciate the unique context of different countries. Election threats to South Africa, India, and the United States will inevitably differ in some regard. In either case, there is an opportunity for us to prepare with the advantage of intelligence.
Ransomware Malware Hack Tool Vulnerability Threat Legislation Cloud Technical APT 40 APT 29 APT 28 APT 43 APT 31 APT 42 ★★★
Mandiant 2019-03-04 13:00:00 APT40: Examining a China-Nexus Espionage Actor
(direct link)
FireEye is highlighting a cyber espionage operation targeting crucial technologies and traditional intelligence targets from a China-nexus state sponsored actor we call APT40. The actor has conducted operations since at least 2013 in support of China's naval modernization effort. The group has specifically targeted engineering, transportation, and the defense industry, especially where these sectors overlap with maritime technologies. More recently, we have also observed specific targeting of countries strategically important to the Belt and Road Initiative including Cambodia, Belgium, Germany
APT 40 APT 40 ★★★★
Mandiant 2018-07-10 07:00:00 Chinese Espionage Group TEMP.Periscope Targets Cambodia Ahead of July 2018 Elections and Reveals Broad Operations Globally
(direct link)
Introduction
FireEye has examined a range of TEMP.Periscope activity revealing extensive interest in Cambodia's politics, with active compromises of multiple Cambodian entities related to the country's electoral system. This includes compromises of Cambodian government entities charged with overseeing the elections, as well as the targeting of opposition figures. This campaign occurs in the run up to the country's July 29, 2018, general elections. TEMP.Periscope used the same infrastructure for a range of activity against other more traditional targets, including the defense industrial base
Industrial APT 40 ★★★★
Mandiant 2018-03-15 23:00:00 Suspected Chinese Cyber Espionage Group (TEMP.Periscope) Targeting U.S. Engineering and Maritime Industries
(direct link)
Intrusions Focus on the Engineering and Maritime Sector
Since early 2018, FireEye (including our FireEye as a Service (FaaS), Mandiant Consulting, and iSIGHT Intelligence teams) has been tracking an ongoing wave of intrusions targeting engineering and maritime entities, especially those connected to South China Sea issues. The campaign is linked to a group of suspected Chinese cyber espionage actors we have tracked since 2013, dubbed TEMP.Periscope. The group has also been reported as “Leviathan” by other security firms. The current campaign is a sharp escalation of detected activity
APT 40 ★★★★
Last update at: 2024-06-16 10:10:33