From Rom Lemos at Dark Reading
“The group has targeted the government, manufacturing, telecommunications, and media sectors in several Southeast Asian countries and regions, including the Philippines, Hong Kong, Taiwan, and Vietnam, according to a report released last week by the Symantec threat hunting team at Broadcom, which calls the group Billbug. While the group has expanded its focus beyond government and military organizations to include private industry, they focus almost exclusively in the Southeast Asia region, says Dick O’Brien, principal threat intelligence analyst for the Symantec Threat Hunter Team.”
From Ryan Gallagher at Bloomberg
“Hackers working with DragonForce claimed more than 90 victims last year and targeted companies across various industries, including health care, manufacturing and telecommunications, according to Broadcom’s cybersecurity unit Symantec. The attacks spanned more than a dozen countries across North America, Europe, the Middle East and Asia, according to cyber experts.”
From Lucian Constantin at CSO
Chinese cyberespionage group Billbug has revamped its attack toolkit with new malware payloads in a wide-reaching campaign targeting multiple organizations in Southeast Asia. “Targets included a government ministry, an air traffic control organization, a telecoms operator, and a construction company,” researchers from Broadcom’s Symantec division wrote in a report on the activity.”
From Sead Fadilpasic at TechRadar Pro
Lotus Panda, a Chinese state-sponsored threat actor, managed to compromise multiple organizations in a number of Southeast-Asian countries, in a campaign that took place between mid-2024 and early 2025. Cybersecurity researchers from the Symantec Threat Hunter Team said the organizations included government agencies, air traffic control organizations, telecom operators, and a construction company in one country, a news agency in another, and an air freight organization in another.
Want to know more? Check these out.
✔️RSAC™ Conference 2025 highlights
✔️Cyber Wars 2025: The SMB Strikes Back
✔️5 RSAC Trends SecOps Pros Are Watching