Hello everyone! It's been a pretty active 24 hours in the cyber world, with a significant ransomware incident, a deep dive into a global state-sponsored espionage campaign, and some critical warnings about social engineering on messaging apps. We're also seeing more scrutiny on biometric data and AI surveillance. Let's get into it:
Payment Gateway Hit by Ransomware ⚠️
- BridgePay Network Solutions, a major US payment gateway, has confirmed a ransomware attack caused widespread outages across its core production systems.
- The incident, which began on Friday, led to merchants nationwide being unable to process card payments, forcing some to go cash-only.
- Initial forensics suggest no payment card data was compromised, but the attack encrypted files, highlighting the critical impact of ransomware on payment infrastructure.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/payment-gateway-bridgepay-confirms-ransomware-attack-behind-outage/
Global Espionage Operation 'Shadow Campaigns' Uncovered 🕵️
- Palo Alto Networks' Unit 42 has detailed "Shadow Campaigns," a global espionage operation by an Asia-based state-sponsored actor (tracked as TGR-STA-1030/UNC6619) active since January 2024.
- The group has compromised at least 70 government and critical infrastructure organisations in 37 countries, with reconnaissance efforts targeting 155 nations.
- Initial access methods include tailored phishing with a custom 'Diaoyu' loader and exploitation of 15 known vulnerabilities; the group also deploys 'ShadowGuard', a custom Linux kernel eBPF rootkit designed for stealthy persistence.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/state-actor-targets-155-countries-in-shadow-campaigns-espionage-op/
State-Sponsored Signal Phishing Targets High-Value Individuals 📱
- German intelligence agencies (BfV and BSI) are warning of state-sponsored phishing attacks via the Signal messaging app, targeting politicians, military personnel, diplomats, and journalists.
- Attackers impersonate "Signal Support" to trick victims into revealing their Signal PIN or scanning a malicious QR code, gaining access to contacts, profile information, and potentially message history.
- This campaign doesn't exploit Signal vulnerabilities but weaponises its legitimate features; similar tactics could extend to WhatsApp, underscoring the need for Registration Lock and vigilance against social engineering.
📰 The Hacker News | https://thehackernews.com/2026/02/german-agencies-warn-of-signal-phishing.html
Biometric Surveillance Under Scrutiny 🔒
- New York City's MTA is trialling AI-powered cameras in subway gates to detect fare evasion, generating physical descriptions of suspected individuals and raising significant privacy concerns.
- This initiative is part of a broader trend of increasing biometric surveillance in NYC by both government and retailers, prompting warnings about "sleepwalking into a surveillance state."
- Separately, the DHS Inspector General has launched an audit into the Department of Homeland Security's privacy practices, specifically focusing on the collection and management of biometric data by ICE and OBIM amid allegations of civil liberties violations.
🗞️ The Record | https://therecord.media/nyc-explores-ai-cameras-fare-evaders-subway
🤫 CyberScoop | https://cyberscoop.com/dhs-ig-audit-ice-obim-biometric-data-privacy-facial-recognition/
#CyberSecurity #Ransomware #Espionage #APT #StateSponsored #Phishing #SocialEngineering #SignalApp #DataPrivacy #BiometricSurveillance #AI #InfoSec #ThreatIntelligence #IncidentResponse



