The Business Standard reports that India’s Ministry of Road Transport and Highways yesterday alerted the country’s transportation sector to expect cyberespionage. The Hindu Businessline says a note they obtained represents CERT-In’s conclusions: “CERT-In has observed continued targeted intrusion activities from Chinese state-sponsored actors towards Indian transport sector with the possible intention to collect intelligence and conduct cyber espionage.”
Google’s Project Zero has provided an update on a campaign they began tracking last year, providing additional information on seven zero days its researchers detected a threat actor using this past October. Windows, iOS, and Android systems were affected; victims were usually infected in watering hole attacks. The unknown threat actor used a total of eleven zero days over their campaign’s yearlong run. Their development would have been expensive, and the infrastructure used was large and carefully constructed.
Researchers at Swiss security firm Prodaft report that they’ve identified a threat actor (“SilverFish”) whose target list significantly overlaps the list of victims of SolarWinds exploitation. Some of…
