Remembering back in 2017 when Maddow told the USA that the European spies clearly told the USA that Putin was conducting an attack on the USA with Trump. And, like Epstein, nothing came of it, and here we are now.
Hello everyone! It's been a pretty active 24 hours in the cyber world, with a significant ransomware incident, a deep dive into a global state-sponsored espionage campaign, and some critical warnings about social engineering on messaging apps. We're also seeing more scrutiny on biometric data and AI surveillance. Let's get into it:
Payment Gateway Hit by Ransomware
- BridgePay Network Solutions, a major US payment gateway, has confirmed a ransomware attack caused widespread outages across its core production systems.
- The incident, which began on Friday, led to merchants nationwide being unable to process card payments, forcing some to go cash-only.
- While initial forensics suggest no payment card data was compromised, the attack encrypted files and highlights the critical impact of ransomware on payment infrastructure.
Bleeping Computer | https://www.bleepingcomputer.com/news/security/payment-gateway-bridgepay-confirms-ransomware-attack-behind-outage/
Global Espionage Operation 'Shadow Campaigns' Uncovered
- Palo Alto Networks' Unit 42 has detailed "Shadow Campaigns," a global espionage operation by an Asia-based state-sponsored actor (tracked as TGR-STA-1030/UNC6619) active since January 2024.
- The group has compromised at least 70 government and critical infrastructure organisations in 37 countries, with reconnaissance efforts targeting 155 nations.
- Initial access methods include tailored phishing with a custom 'Diaoyu' loader and exploitation of 15 known vulnerabilities, alongside the deployment of 'ShadowGuard', a custom Linux kernel eBPF rootkit designed for stealthy persistence.
Bleeping Computer | https://www.bleepingcomputer.com/news/security/state-actor-targets-155-countries-in-shadow-campaigns-espionage-op/
State-Sponsored Signal Phishing Targets High-Value Individuals
- German intelligence agencies (BfV and BSI) are warning of state-sponsored phishing attacks via the Signal messaging app, targeting politicians, military personnel, diplomats, and journalists.
- Attackers impersonate "Signal Support" to trick victims into revealing their Signal PIN or scanning a malicious QR code, gaining access to contacts, profile information, and potentially message history.
- This campaign doesn't exploit Signal vulnerabilities but weaponises its legitimate features; similar tactics could extend to WhatsApp, underscoring the need for Registration Lock and vigilance against social engineering.
The Hacker News | https://thehackernews.com/2026/02/german-agencies-warn-of-signal-phishing.html
Biometric Surveillance Under Scrutiny
- New York City's MTA is trialling AI-powered cameras in subway gates to detect fare evasion, generating physical descriptions of suspected individuals and raising significant privacy concerns.
- This initiative is part of a broader trend of increasing biometric surveillance in NYC by both government and retailers, prompting warnings about "sleepwalking into a surveillance state."
- Separately, the DHS Inspector General has launched an audit into the Department of Homeland Security's privacy practices, specifically focusing on the collection and management of biometric data by ICE and OBIM amid allegations of civil liberties violations.
The Record | https://therecord.media/nyc-explores-ai-cameras-fare-evaders-subway
CyberScoop | https://cyberscoop.com/dhs-ig-audit-ice-obim-biometric-data-privacy-facial-recognition/
#CyberSecurity #Ransomware #Espionage #APT #StateSponsored #Phishing #SocialEngineering #SignalApp #DataPrivacy #BiometricSurveillance #AI #InfoSec #ThreatIntelligence #IncidentResponse
#France #China #espionage #spies
'Residents of Camblanes-et-Meynac, about 15km (9 miles) from Bordeaux, grew suspicious when - after letting a house through rentals giant Airbnb - the Chinese pair erected a large parabolic antenna in the garden.'
Oops.
PST National Threat Assessment 2026 https://www.pst.no/wp-content/uploads/2026/02/National-Threat-Assessment-2026.pdf
The Record: Norwegian intelligence discloses country hit by Salt Typhoon campaign https://therecord.media/norawy-intelligence-discloses-salt-typhoon-attacks @therecord_media #infosec #espionage
An Asian cyberespionage group has spent the past year breaking into computer systems belonging to governments and critical infrastructure organizations in more than 37 countries. https://www.japantimes.co.jp/business/2026/02/06/tech/hackers-vast-spying-plot/?utm_medium=Social&utm_source=mastodon #business #tech #espionage #hacking #cybersecurity #us #china
The Shadow Campaigns: Uncovering Global Espionage
Pulse ID: 69856e8eb70f2ce034af6e69
Pulse Link: https://otx.alienvault.com/pulse/69856e8eb70f2ce034af6e69
Pulse Author: Tr1sa111
Created: 2026-02-06 04:31:10
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #Espionage #InfoSec #OTX #OpenThreatExchange #bot #Tr1sa111
The Shadow Campaigns: Uncovering Global Espionage
This investigation reveals a new cyberespionage group tracked as TGR-STA-1030, believed to be a state-aligned actor operating from Asia. Over the past year, the group has compromised government and critical infrastructure organizations in 37 countries, targeting ministries, law enforcement agencies, and departments related to economic, trade, and diplomatic functions. The group employs sophisticated phishing and exploitation techniques, leveraging various tools and infrastructure to maintain persistent access. Their activities span across the Americas, Europe, Asia, Oceania, and Africa, with a focus on countries exploring certain economic partnerships. The group's operations often coincide with significant geopolitical events and economic interests, particularly in sectors like rare earth minerals and international trade agreements.
Pulse ID: 6984fb96aab9cc504d06ea4e
Pulse Link: https://otx.alienvault.com/pulse/6984fb96aab9cc504d06ea4e
Pulse Author: AlienVault
Created: 2026-02-05 20:20:38
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Africa #Americas #Asia #CyberSecurity #Cyberespionage #Espionage #Europe #Government #InfoSec #LawEnforcement #OTX #OpenThreatExchange #Phishing #RAT #RCE #bot #AlienVault
Attacks in Russia and Uzbekistan: NetSupport RAT and potential IoT interest
Stan Ghouls, a cybercriminal group also known as Bloody Wolf, has been conducting targeted attacks against organizations in Russia, Uzbekistan, and other Central Asian countries since 2023. Their latest campaign primarily focused on Uzbekistan, with about 50 victims identified, along with 10 in Russia and a few others in neighboring countries. The attackers use spear-phishing emails with malicious PDF attachments to deliver a Java-based loader, which then installs the NetSupport remote access tool. The group targets manufacturing, finance, and IT sectors, possibly for financial gain and espionage. New evidence suggests Stan Ghouls may be expanding into IoT-based threats, as Mirai malware files were found on a server linked to their previous campaigns.
Pulse ID: 6984fc47c486ad9ad9ceb9aa
Pulse Link: https://otx.alienvault.com/pulse/6984fc47c486ad9ad9ceb9aa
Pulse Author: AlienVault
Created: 2026-02-05 20:23:35
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Asia #CentralAsia #CyberSecurity #Email #Espionage #InfoSec #IoT #Java #Malware #Manufacturing #Mirai #NetSupport #NetSupportRAT #OTX #OpenThreatExchange #PDF #Phishing #RAT #Russia #SpearPhishing #bot #AlienVault
What began as internet outages in a small French village has escalated into an alleged international espionage operation. Authorities have arrested four individuals, including two Chinese nationals, on suspicion of spying on sensitive military data on behalf of Beijing. The arrests followed the discovery of a satellite dish at a rented property in southwest France, an installation neighbors say had been disrupting local internet service.
#China #France #espionage
New.
Unit 42: The Shadow Campaigns: Uncovering Global Espionage https://unit42.paloaltonetworks.com/shadow-campaigns-uncovering-global-espionage #threatresearch #phishing
More:
Security Week: Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries https://www.securityweek.com/cyberspy-group-hacked-governments-and-critical-infrastructure-in-37-countries/ @SecurityWeek #infosec #espionage
Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in Southeast Asia
Pulse ID: 69844ee1549dde93ddab3e53
Pulse Link: https://otx.alienvault.com/pulse/69844ee1549dde93ddab3e53
Pulse Author: Tr1sa111
Created: 2026-02-05 08:03:45
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Asia #CyberSecurity #Espionage #InfoSec #OTX #OpenThreatExchange #bot #Tr1sa111
Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia - Check Point Research
@sepehran @timkmak yes and no.
Certainly #NorthKorea is able to maintain that control by literally publicly executing any importer or owner of #Satcom equipment for "#espionage"...
https://en.wikipedia.org/wiki/Sneakernet
After all, #Iran has almost completed its #Splinternet infrastructure and tight control over the #Internet.
As for the average citizen, I expect them to organically copy the "Cuban Model" of Sneakernet and adapt to it.
And I doubt Embassies are going to install WiFi Dead Drops and risk getting their premises violated as this would be considered a "hostile act" against the host country similar to Election Interference!
Four people, including two Chinese nationals, have been arrested in France on suspicion of spying for China and were brought before an investigative judge. https://www.japantimes.co.jp/news/2026/02/05/world/chinese-nationals-france-spying/?utm_medium=Social&utm_source=mastodon #worldnews #china #france #espionage
One glaring flaw with the premise of the show, "The Copenhagen Test", and all similar stories, is that seeing and hearing everything a person does means *everything*, which these stories universally ignore.
Basic bodily functions alone make such fictional(?) technologies nightmarish to monitor, for most people, not to mention other intimate and sexual acts.
#TheCopenhagenTest #tv #television #drama #espionage #spy #thriller #SciFi #ScienceFiction
Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in Southeast Asia
A Chinese threat actor, Amaranth-Dragon, has been conducting highly targeted cyber-espionage campaigns against government and law enforcement agencies in Southeast Asia throughout 2025. The group swiftly exploited the CVE-2025-8088 vulnerability in WinRAR to deliver malicious payloads, including a custom loader and the Havoc C2 Framework. Their operations demonstrate sophisticated tactics, including geo-restricted command and control servers, use of legitimate hosting services, and a new Telegram-based remote access trojan. The campaigns coincide with significant local geopolitical events, increasing the likelihood of successful compromises. Technical analysis reveals similarities with APT-41, suggesting a possible connection or shared resources between the groups.
Pulse ID: 69836c632ca6c16f064a97d5
Pulse Link: https://otx.alienvault.com/pulse/69836c632ca6c16f064a97d5
Pulse Author: AlienVault
Created: 2026-02-04 15:57:23
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Asia #Chinese #CyberSecurity #Espionage #Government #ICS #InfoSec #LawEnforcement #OTX #OpenThreatExchange #RAT #RCE #RemoteAccessTrojan #Telegram #Trojan #Vulnerability #WinRAR #bot #cyberespionage #AlienVault
Russian spy satellites have intercepted EU communications satellites https://arstechni.ca/YBfb #spacewarfare #syndication #satellites #espionage #Luch-2 #russia #Space
A film about Putin-Trump-Epstein's Honeypot First Lady
US Declassifies Information on JUMPSEAT Spy Satellites
The US National Reconnaissance Office has declassified information about a fleet of spy satellites operating between 1971... https://www.schneier.com/blog/archives/2026/02/us-declassifies-information-on-jumpseat-spy-satellites.html
#nationalsecuritypolicy #historyofsecurity #Uncategorized #espionage