#espionage


Today in Labor History July 25, 2010: WikiLeaks published classified documents about the War in Afghanistan, one of the largest leaks in U.S. military history. The leak included 91,000 Afghan War documents, covering the period from January 2004 to December 2009. Prior to the release, WikiLeaks made the logs available to “The Guardian,” “The New York Times” and “Der Spiegel.” The Times said the leak "offers an unvarnished and grim picture of the Afghan war." The Guardian called it "one of the biggest leaks in U.S. military history ... a devastating portrait of the failing war in Afghanistan, revealing how coalition forces have killed hundreds of civilians in unreported incidents, Taliban attacks have soared and NATO commanders fear neighboring Pakistan and Iran are fueling the insurgency." The documents also revealed that U.S. military contractors had hired local male child prostitutes.

As a result of the leaks, the U.S. government launched a criminal investigation into WikiLeaks, and its founder, Julian Assange, who spent years under British custody. And the U.S. fought aggressively to get him extradited to the U.S., where he would face multiple life sentences for espionage.

Watch the original leaked footage here: youtu.be/5rXPrfnU3G0?t=2

"Fire Ant’s operations are characterized by infrastructure-centric TTPs, enabling activity beneath the detection threshold of traditional endpoint controls, highlighting critical blind spots of conventional security stacks."

Sygnia, from yesterday: Fire Ant: A Deep-Dive into Hypervisor-Level Espionage sygnia.co/blog/fire-ant-a-deep

More: Prolonged Chinese Cyber Espionage Campaign Targets VMware Appliances infosecurity-magazine.com/news #cybersecurity #infosec #VMWare #espionage

Sygnia · Fire Ant: Hypervisor-Level Espionage Targeting VMware ESXi & vCenter | Sygnia
Discover Sygnia’s investigation into Fire Ant, an advanced cyber-espionage campaign breaching VMware ESXi, vCenter, and network appliances. Learn how the attackers bypassed traditional defenses with hypervisor-level persistence and stealth.

State-Sponsored Cyber Espionage Campaigns Using Sophisticated Malware Techniques

Two state-sponsored cyber-espionage campaigns, Operation GhostChat and Operation PhantomPrayers, targeted the Tibetan community ahead of the Dalai Lama’s 90th birthday.

Pulse ID: 688349e1397eb0167d8a7804
Pulse Link: otx.alienvault.com/pulse/68834
Pulse Author: cryptocti
Created: 2025-07-25 09:09:53

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat Exchange · LevelBlue - Open Threat Exchange
Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

"To fully chronicle the ordeal the people of Rongelap went through in the years since the United States deliberately poisoned them would require an entire book. The day after the explosion, islanders suffered vomiting, diarrhea, hair loss, severe burns. Two days after the explosion, the American military evacuated everyone, telling them to bring nothing but the clothes on their backs." —Dan Kois for Slate

slate.com/news-and-politics/20

Slate · In 1985, a Group of Spies Had a Target—and a Plan. It Turned Into One of the Most Sensationally Botched Crimes of the Century.
By Dan Kois

Dropping Elephant APT Group Targets Turkish Defense Industry With New Campaign and Capabilities: LOLBAS, VLC Player, and Encrypted Shellcode

The Arctic Wolf Labs team has uncovered a new cyber-espionage campaign by the Dropping Elephant APT group targeting Turkish defense contractors. The attack leverages a five-stage execution chain delivered via malicious LNK files disguised as conference invitations. It uses legitimate binaries like VLC Media Player for defense evasion through DLL side-loading. The campaign demonstrates an evolution in the group's capabilities, transitioning from x64 DLL variants to x86 PE executables with enhanced command structures. The timing coincides with increased Turkey-Pakistan defense cooperation amid India-Pakistan tensions, suggesting geopolitical motives. The attack chain includes social engineering, PowerShell scripting, file obfuscation, and a custom remote access trojan for intelligence gathering.

Pulse ID: 688170c50514b68970173b49
Pulse Link: otx.alienvault.com/pulse/68817
Pulse Author: AlienVault
Created: 2025-07-23 23:31:17

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


Operation Cargotalon: Targeting Russian Aerospace Defense Using Eaglet Implant

UNG0901, a threat group targeting Russian aerospace and defense sectors, has been discovered conducting a spear-phishing campaign against the Voronezh Aircraft Production Association. The operation, dubbed 'CargoTalon', utilizes a custom DLL implant called EAGLET, which is disguised as a ZIP file containing transport documents. The infection chain involves a malicious LNK file that executes the EAGLET implant, which then establishes communication with a command-and-control server for remote access and data exfiltration. The campaign employs sophisticated tactics, including decoy documents related to Russian logistics operations, and shows similarities with another threat group known as Head Mare. The attackers' motivation appears to be espionage against Russian governmental and non-governmental entities.

Pulse ID: 6881c978dd5260be2347dcb4
Pulse Link: otx.alienvault.com/pulse/6881c
Pulse Author: AlienVault
Created: 2025-07-24 05:49:44

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


Ex-security guard at US Embassy in Norway is accused of spying for Russia and Iran

OSLO, Norway (AP) — A former security guard at the U.S. Embassy in Norway has been indicted b…
#NewsBeep #News #Headlines #2024-2025MideastWars #AssociatedPress #Espionage #Generalnews #Indictments #Internationalagreements #Iran #Israel-Iranwar #JosAssisGiammaria #Lawenforcement #MikhailValeryevichMikushin #Norwaygovernment #Russia #Russia-Ukrainewar #Warandunrest #World #Worldnews
newsbeep.com/15874/

Jack Debaut is caught in a deadly game of betrayal and secrets.
Enemies hide in plain sight, and time is running out. Can he uncover the truth before it’s too late?

📖 From Terror to Valor is a pulse-pounding thriller packed with action, suspense, and twists that will keep you hooked.

🔗 books2read.com/fromterror2valor

books2read.com · Available now at your favorite digital store!
From Terror to Valor: Echoes and Shadows by John A. Mulhall

SOC files: an APT41 attack on government IT services in Africa

Chinese cyberespionage group APT41 conducted a targeted attack against government IT services in Africa. The attackers used various tools including Impacket, Cobalt Strike, and custom malware for lateral movement, privilege escalation, and data exfiltration. They leveraged DLL sideloading techniques and a compromised SharePoint server as a command and control center. The attack involved credential harvesting, use of web shells, and custom stealers to collect sensitive data. Notable TTPs included using hardcoded internal service names and proxy servers in malware, and exploiting a captive SharePoint server for C2 communication. The incident highlights the importance of comprehensive infrastructure monitoring and proper access controls.

Pulse ID: 687e0dfc3d01c46d9a3c790b
Pulse Link: otx.alienvault.com/pulse/687e0
Pulse Author: AlienVault
Created: 2025-07-21 09:53:00

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


Reuters: Microsoft to stop using engineers in China for tech support of US military, Hegseth orders review. “Microsoft on Friday said it will stop using China-based engineers to provide technical assistance to the U.S. military after a report in investigative journalism outlet ProPublica sparked questions from a U.S. senator and prompted Defense Secretary Pete Hegseth to order a two-week […]

https://rbfirehose.com/2025/07/21/reuters-microsoft-to-stop-using-engineers-in-china-for-tech-support-of-us-military-hegseth-orders-review/

ResearchBuzz: Firehose | Individual posts from ResearchBuzz · Reuters: Microsoft to stop using engineers in China for tech support of US military, Hegseth orders review | ResearchBuzz: Firehose