Tag: government targets

7 Attack Reports | 0 Vulnerabilities

Attack reports

Operation TrueChaos: 0-Day Exploitation Against Southeast Asian Government Targets

A zero-day vulnerability in the TrueConf client application, CVE-2026-3502, was exploited in a targeted campaign against government entities in Southeast Asia. The flaw allows attackers controlling an on-premises TrueConf server to distribute and execute arbitrary files across connected endpoints. …

dll sideloading

government targets

Published: March 31, 2026

Downloadable IOCs: 0

Iran conflict drives heightened espionage activity against Middle East targets

The ongoing conflict involving Iran has led to increased cyber espionage activities targeting Middle Eastern governments. Multiple state-sponsored threat actors, including those from China, Belarus, Pakistan, and Hamas, have been observed conducting campaigns using the conflict as a lure. These act…

cyber espionage

government targets

state-sponsored actors

Published: March 11, 2026

Downloadable IOCs: 19

Ink Dragon's Relay Network and Stealthy Offensive Operation

Check Point Research has identified a new wave of attacks by the Chinese threat actor Ink Dragon, targeting government entities in Europe, Southeast Asia, and South America. The actor builds a victim-based relay network using a custom ShadowPad IIS Listener module, turning compromised servers into …

government targets

chinese threat actor

iis exploitation

stealthy operations

Published: December 16, 2025

Downloadable IOCs: 16

New Tomiris tools and techniques: multiple reverse shells, Havoc, AdaptixC2

Kaspersky researchers uncovered new malicious operations by the Tomiris threat actor targeting foreign ministries, intergovernmental organizations, and government entities. The attacks, which began in early 2025, show a shift in tactics with increased use of implants leveraging public services like…

government targets

tomiris powershell telegram backdoor

multi-language malware

tomiris c# reverseshell

tomiris c/c++ reverseshell

tomiris python telegram reverseshell

tomiris python discord reverseshell

tomiris c# telegram reverseshell

tomiris rust downloader

tomiris python filegrabber

distopia backdoor

tomiris go reversesocks

tomiris go reverseshell

tomiris rust reverseshell

tomiris c++ reversesocks

Published: November 28, 2025

Downloadable IOCs: 66

Cyber Espionage Operation Expanding from Central Asia

An active cyber-espionage campaign by UAC-0063 is targeting organizations in Central Asia and Europe, including government entities and diplomatic missions. The group exploits previously compromised victims by weaponizing exfiltrated documents to deliver HATVIBE malware. They use sophisticated tool…

government targets

cyber-espionage

weaponized documents

Published: January 29, 2025

Downloadable IOCs: 0

New Star Blizzard spear-phishing campaign targets WhatsApp accounts

Star Blizzard, a Russian threat actor, has launched a new spear-phishing campaign targeting WhatsApp accounts. The campaign, observed in mid-November 2024, marks a shift in the actor's tactics. Targets include government officials, diplomats, and researchers focused on Russia-related topics. The at…

social engineering

credential theft

government targets

diplomacy targets

russian threat actor

Published: January 17, 2025

Downloadable IOCs: 2

Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations

Between April and July 2024, Iranian state-sponsored threat actor Peach Sandstorm deployed a new custom multi-stage backdoor called Tickler. The malware targeted organizations in the satellite, communications equipment, oil and gas, and government sectors in the United States and UAE. Peach Sandsto…

satellite sector

government targets

linkedin intelligence gathering

tickler malware

iranian threat actor

Published: August 30, 2024

Downloadable IOCs: 9

Click here to see more Attack Reports