ShadowSilk APT Targets 36 Government Entities Across Asia with Sophisticated Cyber Espionage Campaign

ShadowSilk, a sophisticated APT group, has been identified targeting 36 government entities across Asia in a widespread cyber espionage campaign. This group employs advanced malware and stealthy tactics to infiltrate and maintain persistence within critical government networks. Their operations focus on intelligence gathering and data exfiltration, posing significant risks to national security and regional stability. The campaign highlights the increasing complexity and scale of state-sponsored cyber threats in the Asia-Pacific region. Organizations are urged to enhance their cybersecurity defenses, implement robust threat detection mechanisms, and stay vigilant against evolving attack vectors. This detailed analysis covers ShadowSilk's tactics, techniques, and procedures (TTPs), the malware families involved, and recommendations for mitigating such threats effectively.

This Cyber News was published on thehackernews.com. Publication date: Thu, 28 Aug 2025 01:59:03 +0000


Cyber News related to ShadowSilk APT Targets 36 Government Entities Across Asia with Sophisticated Cyber Espionage Campaign

ShadowSilk APT Targets 36 Government Entities Across Asia with Sophisticated Cyber Espionage Campaign - ShadowSilk, a sophisticated APT group, has been identified targeting 36 government entities across Asia in a widespread cyber espionage campaign. This group employs advanced malware and stealthy tactics to infiltrate and maintain persistence within ...
6 days ago Thehackernews.com CVE-2024-5678 CVE-2025-1234 ShadowSilk
ShadowSilk Targets Central Asian Governments with Espionage Campaign - ShadowSilk, a sophisticated cyber espionage group, has been actively targeting Central Asian governments in a recent campaign aimed at gathering sensitive intelligence. This threat actor employs advanced malware and social engineering tactics to ...
6 days ago Infosecurity-magazine.com ShadowSilk
What is an advanced persistent threat? - An advanced persistent threat is a prolonged and targeted cyber attack in which an intruder gains access to a network and remains undetected for an extended period. APT attacks are initiated to steal highly sensitive data rather than cause damage to ...
1 year ago Techtarget.com Cozy Bear APT29
Chinese APT Hackers Earth Krahang Exploits Government Exchange Servers - A new Advanced Persistent Threat campaign, dubbed Earth Krahang, has emerged with a focus on infiltrating government entities across the globe. This campaign, active since early 2022, has been linked to a China-nexus threat actor, previously ...
1 year ago Cybersecuritynews.com CVE-2023-32315 CVE-2022-21587 Earth Lusca
Uncertainty Is the Biggest Challenge to Australia's Cyber Security Strategy - Political shifts could lead to changes in Australia's cyber security strategy. Early in 2023, as the Australian government started to craft its cyber security vision, it met with opposition at both ends of the political spectrum. On the right wing, ...
1 year ago Techrepublic.com
What CIRCIA Means for Critical Infrastructure Providers and How Breach and Attack Simulation Can Help - Cyber Defense Magazine - To prepare themselves for future attacks, organizations can utilize BAS to simulate real-world attacks against their security ecosystem, recreating attack scenarios specific to their critical infrastructure sector and function within that sector, ...
11 months ago Cyberdefensemagazine.com Akira
'ChamelGang' APT Disguises Espionage Activities With Ransomware - A likely China-backed advanced persistent threat group has been systematically using ransomware to disguise its relatively prolific cyber-espionage operations for the past three years, at least. The threat actor, who researchers at SentinelOne are ...
1 year ago Darkreading.com APT41
Chinese Hackers Exploit Microsoft Exchange Servers to Steal COVID-19 Research Data - A sophisticated cyberattack orchestrated by Chinese state-sponsored hackers has exposed vulnerabilities in the global cybersecurity infrastructure, targeting critical COVID-19 research from American universities and exploiting Microsoft Exchange ...
1 month ago Cybersecuritynews.com HAFNIUM
Gamaredon Hacker Group Using Weaponize LNK Files To Drop Remcos Backdoor on Windows - Cisco Talos researchers identified this campaign has been active since at least November 2024, with evidence suggesting Gamaredon is specifically targeting Ukrainian government organizations, critical infrastructure, and entities affiliated with ...
5 months ago Cybersecuritynews.com
Cyber Insurance: A Smart Investment to Protect Your Business from Cyber Threats in 2023 - Don't wait until it's too late - get cyber insurance today and secure your business for tomorrow. According to the U.S. Federal Trade Commission, cyber insurance is a particular type of insurance that helps businesses mitigate financial losses ...
1 year ago Cyberdefensemagazine.com
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
2 years ago Securityweek.com
19 APT Hackers Attacking Asia Company's Servers by Exploiting Vulnerability & Spear Phishing Email - The technical sophistication demonstrated in these attacks highlights the evolving capabilities of APT groups targeting Asian organizations, requiring enhanced security measures and continued vigilance from cybersecurity teams across the region. In ...
4 months ago Cybersecuritynews.com Lazarus Group APT37 APT3
ShadowSilk Attacking Penetration Testing Tools: A New Threat Landscape - ShadowSilk, a sophisticated cyber threat group, has been identified targeting penetration testing tools, marking a significant evolution in cyberattack strategies. This group exploits vulnerabilities in widely-used security assessment tools to ...
5 days ago Cybersecuritynews.com CVE-2023-34567 CVE-2024-01234 ShadowSilk
Microsoft Unveils Storm-0501’s Sophisticated Espionage Campaign Targeting Asia - Microsoft has recently disclosed a sophisticated cyber espionage campaign named Storm-0501, primarily targeting organizations across Asia. This campaign is attributed to a threat actor group known for advanced persistent threats (APT). Storm-0501 ...
6 days ago Cybersecuritynews.com CVE-2023-23397 CVE-2023-28252 Storm-0501
Hackers Weaponizing Pahalgam Attack Themed Decoys to Attack Indian Government Personnel - In a sophisticated cyber espionage campaign, threat actors are actively targeting Indian government personnel using decoy documents referencing the recent Pahalgam attack. The malware campaign appears specifically tailored to compromise sensitive ...
3 months ago Cybersecuritynews.com
Cyber Insurance for Businesses: Navigating Coverage - To mitigate these risks, many businesses opt for cyber insurance. With the wide range of policies available, navigating the world of cyber insurance can be overwhelming. In this article, we will delve into the complexities of cyber insurance and ...
1 year ago Securityzap.com
Fortifying cyber defenses: A proactive approach to ransomware resilience - Ransomware has become a pervasive threat, compromising the security and functionality of vital systems across the United States. While governmental pledges and public declarations of intent to fight cybercrime are foundational, they often lack the ...
1 year ago Helpnetsecurity.com
Fighting ransomware: A guide to getting the right cybersecurity insurance - While the cybersecurity risk insurance market has been around for more than 20 years, the rapidly changing nature of attacks and the rise in the ransomware epidemic has markedly changed the nature of cyber insurance in recent years. It's more ...
1 year ago Scmagazine.com
Operation HollowQuill Weaponizing PDF Documents to Infiltrate Academic & Government Networks - A sophisticated cyber espionage campaign dubbed “Operation HollowQuill” has been uncovered targeting academic institutions and government agencies worldwide through weaponized PDF documents. Once opened, these documents silently deploy a ...
4 months ago Cybersecuritynews.com
SideCopy APT Hackers Mimic as Government Personnel to Deploy Open-Source XenoRAT Tool - One notable email address, “[email protected],” was created on January 10, 2025, in UAE and remained active until February 28, 2025, mimicking a legitimate National Informatics Centre email address ...
4 months ago Cybersecuritynews.com SideCopy
Lawmakers: Ban TikTok to Stop Election Misinformation! Same Lawmakers: Restrict How Government Addresses Election Misinformation! - In a case being heard Monday at the Supreme Court, 45 Washington lawmakers have argued that government communications with social media sites about possible election interference misinformation are illegal. Just this week the vast majority of those ...
1 year ago Eff.org
Understanding Backdoor Diplomacy Attack on Iranian Government Entities - In today’s digital world, cyberattacks are becoming increasingly prevalent, particularly against governments and public or private entities. Recently, a new targeted attack against Iranian government entities has been detected. Dubbed “Backdoor ...
2 years ago Heimdalsecurity.com Cozy Bear
New GIFTEDCROOK Stealer Attacking Government Orgs To Steal Sensitive Data - Ukrainian government organizations are facing a sophisticated new cyber threat as threat actors deploy the recently discovered GIFTEDCROOK stealer malware to harvest sensitive data. Since February 2025, security researchers have been monitoring this ...
4 months ago Cybersecuritynews.com
IT Professionals in ASEAN Confronting Rising Cyber Security Risks - The ASEAN region is seeing more cyber attacks as digitisation advances. In July 2023, the Association of Southeast Asian Nations officially opened a joint cyber security information sharing and research centre, or Cybersecurity and Information Centre ...
1 year ago Techrepublic.com
UK sets out new cyber reporting requirements for critical infrastructure | The Record from Recorded Future News - The original law introduced duties for organizations in critical sectors to report cyber incidents to their regulators, but the thresholds for reportable incidents were based on the “interruption to the continuity of the essential or digital ...
5 months ago Therecord.media
