
India-Linked SideWinder Group Pivots to Hacking Maritime Targets

July 31, 2024


A nation-state cyber-espionage group linked to India has broadened its targeting beyond regional rivals in Pakistan, Afghanistan, China, and Nepal and is focused on compromising computers and networks at maritime facilities in nations as far away as the Mediterranean Sea.

The group, known variously as SideWinder, Razor Tiger, and Rattlesnake, typically wages spear-phishing attacks using images of official-looking documents. In its latest campaigns, SideWinder has falsified documents from specific ports, including the Port of Alexandria in Egypt, with high-interest topics such as job termination and salary reductions, researchers from BlackBerry stated in a newly published advisory.

While the group has usually focused on rivals closer to home and is less prolific than other cyber spies, the current campaign suggests that they’ve expanded their targeting, says Ismael Valenzuela, vice president of threat research and intelligence at BlackBerry.

“It is the first time we have seen SideWinder targeting ports and maritime facilities in EMEA,” he says. “We see a lot of geopolitical turbulence and [changing] environments across the globe on a variety of issues. This often galvanizes threat groups and state-sponsors to specifically strike down critical assets, like those within the maritime industry.”

The maritime industry has increasingly become a target of cyberattacks, posing serious danger to ships and ports. In 2019, the US Coast Guard warned shipping companies that attacks on their systems could lead to accidents and catastrophes. In the past year, following increased Chinese cyber operations against critical infrastructure including maritime systems in and around the South China Sea, various nations in the Asia-Pacific region have banded together to protect their networks and systems.

The cyber warnings come as physical threats to shipping increase as well. Piracy off the Atlantic coast of Africa and the Arabian Sea, and among the island nations of the Asia-Pacific, has escalated, while ship malfunctions, such as the one that caused a vessel to collide with the Baltimore bridge, have become more frequent.

New Phishing Lures, Old Exploits

SideWinder has carried out attacks since at least 2012. The group is relatively sophisticated, commonly using encrypted malware samples, various obfuscation techniques, and running code in memory to avoid file scanners, according to a presentation at Black Hat Asia in 2022. From 2020 to 2022, the group carried out more than 1,000 attacks, Noushin Shabab, senior security researcher with Kaspersky, said during that presentation.

“I feel what really makes them stand out among other APT [advanced persistent threat] actors is the big tool set they have with many different malware families, numerous new spear-phishing documents, and a really massive infrastructure,” Shabab said. “I haven’t seen 1,000 attacks from a single APT” from another group so far.

However, the current cyberattacks are, in many cases, using older vulnerabilities, such as a flaw in Microsoft Office dating back to 2017. The vulnerability (CVE-2017-0199) allows remote code execution against old versions of Microsoft Office and Windows, and has been a highly popular vector of attack, with more than 5,600 malware samples exploiting the issue this year, including 15 malicious samples reported from Egypt, according to BlackBerry.

Like most groups, SideWinder does not like to waste an exploit, even if it’s seven years old, says Valenzuela.

“Why do we still see old CVEs like these exploited in the wild? Attackers know that many organizations don’t patch their Office software for many years,” he says. “This is especially common in organizations with legacy systems, which are often used in ports and maritime facilities as well as other critical infrastructure.”

BlackBerry documented the use of another highly popular, and seven-year-old, vulnerability in the Microsoft Office Equation Editor (CVE-2017-11882), with more than 9,500 samples of Office documents exploiting the issue since the start of 2024. Both of these vulnerabilities have made the Known Exploited Vulnerabilities list maintained by the Cybersecurity and Infrastructure Security Agency (CISA).

Maritime Under Attack

BlackBerry’s threat researchers discovered a number of domains in the first and second stages of the attack that are likely evidence of their targets, including a long list in South Asia covering Pakistan, Sri Lanka, Bangladesh, Myanmar, Nepal, and the Maldives. Egyptian ports appear to be the only target outside of India’s extended neighborhood.

While the nation appears to be extending its reach to other areas of the world, the cyber operations are not actually targeting ports on a global scale, Valenzuela says.

“They’re definitely targeting ports in key nations where this threat actor has geopolitical interests, and that includes the Indian Ocean and the Mediterranean, [such as] Egypt,” he says. “We don’t have information about other targets in the Mediterranean Sea right now.”

The researchers haven’t captured the final payload in the attacks, but based on the group’s previous activities, they believe the goal is intelligence-gathering and cyber espionage, the company stated in its advisory.






Copyright © 2022 - Lebanon Hub.
