
"While this group might be pursuing espionage objectives, its methods, targets and scale of operations are alarming, with potential long-term consequences for national security and key services,"
"Palo Alto Networks Unit 42 confirmed that the threat actor successfully accessed and exfiltrated sensitive data from victim email servers,"
"This included financial negotiations and contracts, banking and account information, and critical military-related operational updates."
A state-aligned cyber group in Asia compromised at least 70 government and critical infrastructure organizations across 37 countries, maintaining access to several for months. Successful intrusions included five national police or border control entities, one nation's parliament, a senior elected official, national telecommunications companies, and three ministries of finance. Sensitive data exfiltrated from email servers included financial negotiations, contracts, banking and account information, and military-related operational updates. The group is tracked as TGR-STA-1030. It conducted active reconnaissance against 155 governments, with a concentrated focus on Germany and connections to over 490 government-related IPs. The Cybersecurity and Infrastructure Security Agency is aware.
Read at Theregister