Yazılar

Suspected Russian Hackers Use Sophisticated New Tactic to Target UK Researcher

/in /tarafından

Suspected Russian hackers deployed a novel and highly convincing tactic to trick British researcher Keir Giles into compromising his own accounts, according to Giles and cybersecurity experts.

Last month, the hackers impersonated a U.S. State Department official named “Claudie Weber” who contacted Giles via email to arrange a meeting requiring use of a secure government app. Although the email came from a Gmail address, the communication was fluent, idiomatic, and included apparent State Department colleagues copied on the exchange. Giles, a seasoned expert on Russia and espionage, was usually wary but was eventually deceived by the professionalism and persistence over nearly two weeks.

Giles provided an app-specific password—a credential that grants third-party app access but can bypass regular password protections—thus exposing his account.

Alphabet’s Google attributed the attack to the Russian government, citing similarities to prior campaigns. The Russian Foreign Ministry did not respond to inquiries. Giles described the operation as seamless, with no obvious red flags even in hindsight.

Cybersecurity researchers from Citizen Lab noted the attack’s fluency might indicate the use of advanced AI, such as large language models, to craft convincing messages—marking a significant upgrade from typical error-ridden phishing attempts. They also pointed out that the hackers exploited the lack of error messages when sending emails to fake State Department addresses.

This sophisticated social engineering attack highlights evolving cyber threats where even cautious experts can be deceived by carefully orchestrated campaigns.

The U.S. State Department did not immediately comment on the incident.

Viasat Confirmed as Victim of Chinese Salt Typhoon Cyberespionage Campaign

/in /tarafından

Satellite communications firm Viasat Inc has been identified as a victim of the Salt Typhoon cyberespionage operation linked to China during the 2024 U.S. presidential campaign, Bloomberg News reported on Tuesday, citing sources familiar with the investigation.

The breach was discovered earlier this year. Viasat, working alongside a government investigation and an independent cybersecurity partner, found evidence of unauthorized access through a compromised device but stated there was no evidence of customer data being affected.

“Viasat believes that the incident has been remediated and has not detected any recent activity related to this event,” the company said in a statement.

U.S. officials have previously accused Salt Typhoon hackers of breaching multiple telecom companies—including Verizon, AT&T, and Lumen—stealing sensitive telephone audio intercepts and extensive call records. In December, the government added a ninth unnamed telecom firm to the list of victims, revealing the hackers had broad network access to track millions of individuals and record phone calls.

Reportedly, Salt Typhoon targeted individuals connected to both major presidential campaigns, including those of Democrat Kamala Harris and Republican Donald Trump.

China has denied the allegations, labeling them as disinformation and asserting Beijing’s opposition to cyberattacks and cyber theft.

Italy’s Leonardo to Acquire European Cybersecurity Firm Amid Sector Expansion

/in /tarafından

Leonardo (LDOF.MI), Italy’s state-controlled aerospace and defense giant, is preparing to announce the acquisition of a European cybersecurity company, according to comments made Tuesday by Chairman Stefano Pontecorvo in an interview with Reuters.

While Pontecorvo did not disclose the identity of the target firm or specify a closing timeline, he emphasized the strategic importance of the deal. “Cybersecurity is an essential component in so-called multi-domain warfare, where everything is connected with everything,” he said. “Connections must be secure so that the enemy cannot use parts of a system.”

The move aligns with Leonardo’s broader strategy to consolidate and grow its cybersecurity operations, which the company sees as a critical pillar in modern defense architecture.

Back in October, CEO Roberto Cingolani confirmed the group was exploring multiple acquisition targets—both in Italy and abroad—adding that no deal would exceed 15% of the division’s annual turnover. He also projected double-digit growth for Leonardo’s cybersecurity segment in the years ahead.

Speaking at the Paris Airshow, Pontecorvo also signaled that the evolving and increasingly complex nature of cyber threats would likely encourage more collaborations across the defense and tech sectors, as the demand for specialized cybersecurity solutions grows.

The upcoming acquisition is expected to strengthen Leonardo’s positioning within European defense networks, as the continent accelerates digital and military integration in response to rising geopolitical tensions.