Geopolitics
State-sponsored attacks and advanced persistent threats
177 articles
Chinese hackers exploit Middle East instability to target maritime and energy companies
A new report from ESET reveals China-aligned APT groups, like Mustang Panda, are using regional conflict to conduct espionage against critical sectors
Iranian intelligence service behind hack of LA transit system, researchers say
A hacking group that targeted the LA Metro system was not an independent crew but a front for Iran's MOIS, a new report says, revealing a state-sponso
Pentagon official declares advanced AI is 'revolutionary warfare,' signaling a new cyber doctrine
A top DoD official's statement on AI as 'revolutionary warfare' reveals a strategic shift towards automated cyber offense and a new era of conflict.
Global shipping giant Maersk paralyzed by NotPetya cyberattack, exposing critical infrastructure vulnerabilities
A deep dive into the 2017 NotPetya cyberattack on Maersk, which crippled the shipping giant, cost $300M, and exposed global supply chain fragility.
European surveillance tech is fueling global repression despite bloc-wide rules, report finds
A Human Rights Watch report alleges EU countries are exporting surveillance tech to repressive regimes, undermining the bloc's own 2021 export rules.
The cyber front: Analyzing Russia's digital war against Ukraine
A deep dive into Russia's sustained cyber warfare campaign against Ukraine, detailing the wiper malware, critical infrastructure attacks, and global s
A decade-old report on foreign-fueled separatism in Alberta offers a modern lesson in disinformation
A decade-old, debunked report alleging foreign promotion of Alberta separatism serves as a key lesson in identifying and countering modern disinformat
Palo Alto Networks zero-day exploited in campaign with suspected Chinese state-actor ties
A critical zero-day in Palo Alto Networks' firewalls (CVE-2024-3400) was exploited by a suspected Chinese state actor to breach high-value networks.
Polish water plants breached in coordinated attack on industrial controls
A detailed analysis of the coordinated cyberattacks on five Polish water treatment plants, which gave hackers control over industrial systems.
Russia's digital iron curtain: Analyzing the shift from internet blackouts to radio broadcasts
An analysis of Russia's recent internet shutdowns in border regions and its strategic pivot towards state-controlled radio for information control.
Russia is ramping up its attempts to kill opponents in Europe, intelligence officials say
European intelligence officials warn that Russia is intensifying its campaign to target opponents on European soil using a mix of physical and cyber t
Beyond the missiles: The digital shadow war between Iran and the UAE
While missile interceptions make headlines, a persistent cyber conflict rages. We analyze the Iranian APT groups targeting UAE's critical infrastructu
The silent front: Analyzing the cyber war in Ukraine
An in-depth analysis of the cyber warfare front in the Russia-Ukraine conflict, detailing the key attacks, technical methods, and defensive lessons.
Kinetic strike, cyber impact: Analyzing the Ukrainian drone attack on Russia's Nizhny Novgorod oil refinery
A deep-dive analysis of the Ukrainian drone attack on a Russian oil refinery, exploring its impact on critical infrastructure and cyber-physical secur
Ukrainian drone strikes on Russian oil refineries signal a new era of hybrid warfare
A detailed analysis of how Ukrainian drone strikes on Russian oil refineries exemplify a new form of hybrid warfare, blending cyber intelligence with
The silent strike: How cyberattacks on energy infrastructure define the war in Ukraine
While physical strikes on Russian oil dominate headlines, a silent war against Ukraine's energy grid reveals the blueprint for modern hybrid warfare.
China-linked hackers target Asian governments, NATO state, journalists, and activists
A newly identified China-aligned hacking group, SHADOW-EARTH-053, is targeting Asian governments, a NATO member, journalists, and activists in a broad
Germany suspects Russia is behind Signal phishing that targeted top officials
German officials were targeted in a Signal phishing campaign suspected to be from Russia. The attack used social engineering to bypass security.
Suspected Silk Typhoon hacker extradited to U.S. in COVID-19 espionage case
Xu Zewei, an alleged member of the Chinese state-sponsored group Silk Typhoon (APT41), faces U.S. charges for attacks on COVID-19 research entities.
Alleged Chinese state hacker extradited to the US to face espionage and fraud charges
Xu Zewei, an alleged member of the Chinese state-sponsored hacking group APT41, has been extradited to the US to face charges of cyber espionage and f
The persistent cyber war: Four years into the Ukraine invasion
Four years after Russia's full-scale invasion, a relentless cyber war continues to target Ukraine's critical infrastructure, government, and civilians
The digital ghost of Chornobyl: How the NotPetya cyberattack was a dress rehearsal for war
A deep dive into the 2017 NotPetya cyberattack, a destructive wiper disguised as ransomware that crippled Ukraine and caused $10B in global damages.
Researchers identify Fast16 sabotage malware that pre-dates Stuxnet
Discovered by Dragos, the Fast16 malware targets Siemens PLCs and likely represents an early, less-sophisticated attempt to sabotage Iran's nuclear pr
A dozen allied agencies say China is building covert hacker networks out of everyday routers
A joint warning from a dozen allied nations describes how Chinese state-sponsored hackers are using everyday routers to build covert networks inside c