The Register: Russians are posing as Signal support to launch phishing attacks. “Russian intelligence-affiliated parties are posing as customer support services on commercial messaging applications such as Signal to compromise accounts and conduct phishing attacks, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) warned last Friday.”

The Register: Japan to allow ‘proactive cyber-defense’ from October 1st. “Japan’s government yesterday decided to allow its Self-Defense Force to conduct offensive cyber-operations, starting on October 1st.”

Reuters: Cyber actors linked to Russia targeting users of messaging apps, FBI says. “Hackers tied to the Russian intelligence services are targeting users of consumer ‌messaging applications such as Signal, the FBI ‌and U.S. cyber defense agency CISA said on Friday.”

BBC: Overseas ‘content farms’ creating political deepfakes uncovered. “Overseas ‘content farms’ are using Artificial Intelligence (AI) to create social media posts about UK politics, an expert has warned. Technology company Meta removed several Vietnam-based pages from Facebook after a BBC Wales investigation found they were spreading fake news.”

RE: https://social.vivaldi.net/@Vivaldi/116212671551431361

Here is the hard truth — this will happen.

Why?

It’s state-sponsored. The United States government wants this to happen, and Google is more than happy to go along with it because it benefits them too.

I love that Vivaldi and others have signed a letter. I love that people have even created petitions against this. But we’re not the ones who will decide this future.

#Google #Government #UnitedStates #StateSponsored

Associated Press: State actors are behind much of the visual misinformation about the Iran war. “A deluge of misrepresented or fabricated videos has spread widely online since the Iran war began last weekend, fueled in part by state-linked propaganda influence campaigns — particularly around who is winning the war and how bad casualties have been.”

Operational Summary: UAE Thwarts Alleged State-Aligned Ransomware Campaign
The UAE Cyber Security Council reports disrupting coordinated attacks targeting:
• Critical digital infrastructure
• National platforms
• Vital sectors

Tactics allegedly included:
– Network infiltration
– Ransomware deployment
– Systematic phishing
– AI-enabled offensive tooling

Geopolitical overlay:
• 2023 cyber cooperation pact with the U.S. Department of the Treasury
• 2024 allegations from the Federal Bureau of Investigation and United States Department of Defense regarding Iran-linked ransomware coordination

If AI tooling is indeed operationalized by state-aligned groups, detection models must evolve rapidly.

Threat researchers - how significant is AI augmentation in real-world ransomware ops today?

Source: https://therecord.media/uae-claims-it-stopped-terrorist-ransomware-attack

Engage below.
Follow @technadu for advanced infosec coverage.

#Infosec #Ransomware #StateSponsored #ThreatIntelligence #CyberDefense #AIThreats #CriticalInfrastructure #CyberWarfare #SOC #IR

Hello everyone! It's been a pretty active 24 hours in the cyber world, with a significant ransomware incident, a deep dive into a global state-sponsored espionage campaign, and some critical warnings about social engineering on messaging apps. We're also seeing more scrutiny on biometric data and AI surveillance. Let's get into it:

Payment Gateway Hit by Ransomware ⚠️
- BridgePay Network Solutions, a major US payment gateway, has confirmed a ransomware attack caused widespread outages across its core production systems.
- The incident, which began on Friday, led to merchants nationwide being unable to process card payments, forcing some to go cash-only.
- While initial forensics suggest no payment card data was compromised, the attack encrypted files and highlights the critical impact of ransomware on payment infrastructure.

🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/payment-gateway-bridgepay-confirms-ransomware-attack-behind-outage/

Global Espionage Operation 'Shadow Campaigns' Uncovered 🕵️
- Palo Alto Networks' Unit 42 has detailed "Shadow Campaigns," a global espionage operation by an Asia-based state-sponsored actor (tracked as TGR-STA-1030/UNC6619) active since January 2024.
- The group has compromised at least 70 government and critical infrastructure organisations in 37 countries, with reconnaissance efforts targeting 155 nations.
- Initial access methods include tailored phishing with a custom 'Diaoyu' loader and exploitation of 15 known vulnerabilities, alongside the deployment of 'ShadowGuard', a custom Linux kernel eBPF rootkit designed for stealthy persistence.

🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/state-actor-targets-155-countries-in-shadow-campaigns-espionage-op/

State-Sponsored Signal Phishing Targets High-Value Individuals 📱
- German intelligence agencies (BfV and BSI) are warning of state-sponsored phishing attacks via the Signal messaging app, targeting politicians, military personnel, diplomats, and journalists.
- Attackers impersonate "Signal Support" to trick victims into revealing their Signal PIN or scanning a malicious QR code, gaining access to contacts, profile information, and potentially message history.
- This campaign doesn't exploit Signal vulnerabilities but weaponises its legitimate features; similar tactics could extend to WhatsApp, underscoring the need for Registration Lock and vigilance against social engineering.

📰 The Hacker News | https://thehackernews.com/2026/02/german-agencies-warn-of-signal-phishing.html

Biometric Surveillance Under Scrutiny 🔒
- New York City's MTA is trialling AI-powered cameras in subway gates to detect fare evasion, generating physical descriptions of suspected individuals and raising significant privacy concerns.
- This initiative is part of a broader trend of increasing biometric surveillance in NYC by both government and retailers, prompting warnings about "sleepwalking into a surveillance state."
- Separately, the DHS Inspector General has launched an audit into the Department of Homeland Security's privacy practices, specifically focusing on the collection and management of biometric data by ICE and OBIM amid allegations of civil liberties violations.

🗞️ The Record | https://therecord.media/nyc-explores-ai-cameras-fare-evaders-subway
🤫 CyberScoop | https://cyberscoop.com/dhs-ig-audit-ice-obim-biometric-data-privacy-facial-recognition/

#CyberSecurity #Ransomware #Espionage #APT #StateSponsored #Phishing #SocialEngineering #SignalApp #DataPrivacy #BiometricSurveillance #AI #InfoSec #ThreatIntelligence #IncidentResponse