Espionage

🟡 Medium | Source: The Register — Security The Five Eyes intelligence alliance has issued a warning about China’s ongoing campaign to recruit Western nationals via LinkedIn and other professional networks, offering cash in exchange for state secrets and sensitive government or corporate information. The campaign targets individuals with access to classified or commercially valuable data, using social engineering tactics that have been observed for several years but appear to be intensifying. This matters because cloud engineers and architects working on government or defence-adjacent projects are plausible targets given their access to sensitive infrastructure. ...

🟠 High | Source: The Register — Security The Five Eyes intelligence alliance has issued a warning about China’s ongoing campaign to recruit Western government employees and contractors via LinkedIn, offering cash in exchange for state secrets. The tradecraft involves seemingly innocuous connection requests that escalate into paid intelligence relationships. This is a long-running threat that intelligence officials say continues to grow in scale and sophistication. Architect’s Take: Cloud security architects with clearances or access to sensitive government cloud environments should review their organisation’s social media policies and ensure staff handling sensitive infrastructure are briefed on LinkedIn-based social engineering. Consider implementing insider threat monitoring and reinforcing acceptable use policies around unsolicited professional contact from unknown foreign nationals. ...

🟠 High | Source: The Hacker News Unknown threat actors maintained covert access to a senior stock exchange executive’s Outlook mailbox for at least five months, quietly exfiltrating email data in small batches to evade detection. The stolen data was routed through legitimate cloud storage services — Dropbox and OneDrive — to blend with normal business traffic. Symantec and Carbon Black attribute the campaign to espionage, suggesting a nation-state or sophisticated threat actor targeting financial sector intelligence. ...

🟠 High | Source: The Hacker News Unknown threat actors maintained covert access to a senior stock exchange executive’s Microsoft Outlook mailbox for at least five months, systematically exfiltrating email data in small batches to avoid detection. The stolen data was routed through Dropbox and OneDrive to blend with legitimate cloud traffic, making it harder for security tools to flag the activity. The campaign bears the hallmarks of a state-sponsored or sophisticated espionage operation targeting high-value financial intelligence. ...