Some cyber-espionage outfits are so advanced that it takes months of sleuthing and digging through malware code to discover the ways they've carried out some of their hacks.
Towards the end of 2017, Chinese cyber-spies engaged in a hacking spree that targeted at least four US think tanks and an additional two non-governmental organizations (NGOs), researchers from US firm Crowdstrike revealed in a report published last week.
Security researchers from FireEye's Mandiant investigative division have spotted a new form of malware that's capable of targeting industrial equipment. FireEye named this malware TRITON and said they've spotted a threat actor deploying it in live attacks.
A cyber-criminal group believed to be operating out of Russian-speaking territories has hit at least 20 banks and financial companies and stolen millions of US dollars in the process.
Behzad Mesri, the Iranian national the US has accused of hacking HBO this year, is part of an elite Iranian cyber-espionage unit known in infosec circles as Charming Kitten, according to a report released yesterday by Israeli firm ClearSky Cybersecurity.
US authorities have acted on one of the worst-kept secrets in cyber-security and have filed official charges against three Chinese hackers who are part of one of China's elite cyber-espionage units.
The Chinese vulnerability disclosure program is lagging behind when it comes to publishing details about critical flaws and vulnerabilities exploited by Chinese-linked cyber-espionage groups.
A cyber-espionage group believed to be operating out of China has, over the past two years, been deploying malware that disguises itself as control panel link (CPL) files.
Chinese hackers, once some of the most careless and noisy hackers around, have become very careful and much more strategic in choosing the targets they go after.
Several security firms have come forward today with evidence linking the Bad Rabbit ransomware outbreak that happened yesterday to the NotPetya ransomware outbreak that took place at the end of June this year.
A Russian cyber-espionage group has tried to infect security researchers with malware via a spear-phishing campaign that can easily receive a Pwnie Awards nomination for one of the year's biggest epic fails.
A cyber-espionage group identified in the cyber-security industry as APT28 and believed to be operating under the supervision of the Russian state has recently dispatched several malware distribution campaigns that try to take advantage of a Flash zero-day vulnerability that Adobe patched earlier this week.
A remote access trojan (RAT) known as Hacker's Door has resurfaced in active infections after last being seen in 2004-2005.
Five former employees told Reuters that Microsoft quietly dealt with a hack of its vulnerabilities and bug reports database back in 2013 without telling anyone.
Last week, Adobe claimed it wouldn't release security updates for the first time since July 2012 because it had nothing to patch. Less than six days later, the company released a critical update for Flash Player that fixes a zero-day vulnerability exploited in live attacks.
A group of hackers is using a sophisticated technique of hijacking ongoing email conversations to insert malicious documents that appear to be coming from a legitimate source and infect other targets participating in the same conversational thread.
During their investigation of NetTraveler, Kaspersky Lab researchers discovered an unusual backdoor that could have helped another attacker access one of the group's main servers, and then use the group's infrastructure or steal data.
Earlier today, Avast published a full list of companies affected by the second-stage CCleaner malware, as part of its ongoing investigation into the CCleaner hack that took place last week.
The CCleaner hack that took place over the summer and came to light this week might have been carried out by an infamous cyber-espionage group believed to be operating out of China.
According to a new law voted in 2016 that came into effect on June 1, 2017, foreign companies operating in China could be forced to provide access to their source code to a state agency that has been recently linked to China's nation-state cyber-espionage campaigns.