ekiledjian

@edwardk@infosec.exchange
87 Followers
175 Following
4.3K Posts
The Canadian government and FBI reported malicious activity targeting Canadian telecommunication companies, attributing the intrusions to the China-backed hacking group Salt Typhoon. The group, active since late 2024, is believed to be preparing for a potential future invasion of Taiwan by 2027.
https://finance.yahoo.com/news/canada-says-telcos-were-breached-193515923.html
Canada says telcos were breached in China-linked espionage hacks

Salt Typhoon previously hacked phone and telco giants across the United States. The feds say that separate investigations suggest that Salt Typhoon's...

Yahoo Finance
Canada’s Communications Security Establishment (CSE) has admitted to improperly sharing Canadian information with international intelligence partners between 2020 and 2023—data that was incidentally collected during lawful foreign intelligence operations. The breach, disclosed following a review by Intelligence Commissioner Simon Noël, highlights oversight lapses and raises broader privacy concerns as Ottawa advances Bill C-8, which could expand CSE’s data access through mandatory breach reporting. While CSE says it acted swiftly to contain the issue and sought deletion assurances from its partners, privacy experts warn this incident illustrates systemic risks to Canadians’ personal data under expanding cyber authorities.
https://www.cbc.ca/news/politics/cse-intelligence-commissioner-shared-information-1.7566777
Spy agency says it 'improperly' shared Canadians' data with international partners | CBC News

Canada’s cyber spies shared identifying information about Canadians with international partners, according to the office that reviews intelligence agency actions. 

CBC
Fred Smith, the founder of FedEx, passed away at 80. Smith, a Marine Corps veteran, revolutionized the express delivery industry with FedEx’s “hub and spokes” system, which became a global transportation and logistics company. Despite his significant contributions to business and philanthropy, Smith generally avoided the public spotlight.
https://toronto.citynews.ca/2025/06/22/fedex-founder-fred-smith-a-marine-corps-veteran-who-revolutionized-package-delivery-dies-at-80/
FedEx founder Fred Smith, a Marine Corps veteran who revolutionized package delivery, dies at 80

Fred Smith, the FedEx Corp. founder who revolutionized the express delivery industry, has died, the company said. He was 80.

CityNews Toronto
In a joint advisory issued Friday, Canada’s cybersecurity agency and the U.S. Federal Bureau of Investigation confirmed that Salt Typhoon—a state-sponsored cyber group linked to the Chinese government—is “almost certainly” behind a recent campaign targeting Canadian telecommunications infrastructure. The Canadian Centre for Cyber Security disclosed that at least three network devices registered to a domestic telecom firm were compromised, with further investigation indicating that the threat may extend beyond the telecom sector. The advisory warns that such infiltration attempts are expected to continue over the next two years, underscoring the strategic interest of Chinese-backed threat actors in Canadian networks. Organizations are urged to adopt enhanced defence measures as attribution confidence and campaign scope increase.
https://www.bloomberg.com/news/articles/2025-06-21/canada-says-network-devices-compromised-in-china-linked-hack
Canada Says Network Devices Compromised in China-Linked Hack

Canada’s cybersecurity agency said Chinese-backed hackers were likely behind recent malicious activity targeting domestic telecommunications infrastructure, warning that three network devices registered to a Canadian company were compromised in the attacks.

Bloomberg
European law enforcement, led by Denmark and Sweden, is cracking down on violence-as-a-service, where criminal groups recruit teenagers online for contract killings. Europol’s OTF GRIMM task force, comprising multiple countries, is investigating these incidents, including a shooting in Kokkedal, and has arrested several individuals involved in the recruitment and provision of weapons.
https://hackread.com/violence-as-a-service-encrypted-apps-recruit-teen-hitmen/
Violence-as-a-Service: Encrypted Apps Used in Recruiting Teens as Hitmen

Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Iran confirmed an internet shutdown to protect against Israeli cyberattacks, citing threats to critical infrastructure and drone control. The shutdown, which coincided with escalating military conflict and cyberattacks, was ordered to prevent damage from Israeli cyber operations, including attacks on banks and a cryptocurrency exchange. The pro-Israel hacking group “Predatory Sparrow” claimed responsibility for these attacks.
https://securityaffairs.com/179199/cyber-warfare-2/iran-confirmed-it-shut-down-internet-to-protect-the-country-against-cyberattacks.html
Iran confirmed it shut down internet to protect the country against cyberattacks

Iran confirmed Internet shutdown to counter Israeli cyberattacks,citing threats to critical infrastructure, interference with drone control

Security Affairs
The Qilin ransomware group is offering a “Call Lawyer” feature to affiliates, providing legal support during ransom negotiations to pressure victims into paying. This move, along with network propagation capabilities and a DDoS option, demonstrates Qilin’s growing sophistication and adaptability in cyberattacks. Qilin, active since August 2022, is positioning itself as a full-service cybercrime platform, offering advanced tools and infrastructure to affiliates.
https://securityaffairs.com/179205/breaking-news/qilin-ransomware-gang-now-offers-a-call-lawyer-feature.html
Qilin ransomware gang now offers a "Call Lawyer" feature to pressure victims

Qilin ransomware gang now offers a "Call Lawyer" feature to help affiliates pressure victims into paying, per Cybereason.

Security Affairs
New hires are 44% more likely to fall for phishing and social engineering scams than longer-term employees, according to Keepnet’s 2025 report. This is due to their unfamiliarity with cybersecurity protocols, overwhelming onboarding, and limited early security training. Targeted training can reduce phishing risk by 30%.
https://www.helpnetsecurity.com/2025/06/23/new-hire-phishing-risk/
71% of new hires click on phishing emails within 3 months - Help Net Security

New hire phishing risk is rising fast, with 71% of new employees falling for scams during their first 90 days, according to Keepnet.

Help Net Security
A new SparkKitty Trojan spyware, connected to the SparkCat campaign, targets both iOS and Android devices. It steals images from victims’ photo galleries, using OCR to target specific images, and exfiltrates them to C2 servers. The malware, disguised as legitimate frameworks or libraries, is distributed through official app stores and unofficial sources.
https://securelist.com/sparkkitty-ios-android-malware/116793/
SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play

SparkKitty, a new Trojan spy for iOS and Android, spreads through untrusted websites, the App Store, and Google Play, stealing images from users' galleries.

Kaspersky
A new SparkKitty Trojan spyware, connected to the SparkCat campaign, targets both iOS and Android devices. It steals images from victims’ photo galleries, using OCR to target specific images, and exfiltrates them to C2 servers. The malware, disguised as legitimate frameworks or libraries, is distributed through official app stores and unofficial sources.
https://securelist.com/sparkkitty-ios-android-malware/116793/
SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play

SparkKitty, a new Trojan spy for iOS and Android, spreads through untrusted websites, the App Store, and Google Play, stealing images from users' galleries.

Kaspersky