Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Beijing Institute alliance reshapes ransomware ecosystem operations

Threat Actor Meta
First reported
Last updated
Happening score
H score 22
2 unique sources, 2 articles

Summary

Hide ▲

BIETA and its subsidiary CIII were assessed as likely MSS front organizations, expanding China’s cyber-enabled intelligence ecosystem and strengthening support for covert operations. The finding matters because the firms appear to bridge research, tooling, and proxy tradecraft for intelligence, counterintelligence, and military missions.

Related Happenings

UK government FCA Bank of England and **CMORG** Issued a statement urging firms to actively manage frontier AI cyber risks and strengthen defenses for **May 15** and ongoing

Public Sector Action
First: 18.05.2026 12:00 Last: 18.05.2026 12:00 Sources 1

About this happening: The **UK government**, **FCA**, and **Bank of England** issued a **May 15** statement telling **UK financial services firms** to actively manage **frontier AI** cyber risks, becau...

Open Happening

Phantom Taurus as a China-aligned espionage actor targeting government and telecoms

Threat Actor Meta
First: 30.09.2025 19:07 Last: 30.09.2025 19:07 Sources 1

About this happening: **Phantom Taurus** has been formally classified by **Palo Alto Networks Unit 42** as a **China-aligned espionage actor** targeting **government agencies, embassies, military opera...

Open Happening

Phantom Taurus Operation Diplomatic Specter espionage campaign

Campaign
First: 30.09.2025 19:07 Last: 30.09.2025 19:07 Sources 1

About this happening: The **Phantom Taurus** campaign, also tracked as **CL-STA-0043** and **TGR-STA-0043** under **Operation Diplomatic Specter**, is a **China-linked espionage operation** targeting *...

Open Happening

RedNovember-Storm-2077-TAG-100 alliance reshapes ransomware ecosystem operations

Threat Actor Meta
First: 24.09.2025 19:36 Last: 24.09.2025 19:36 Sources 1

About this happening: **Recorded Future** has reclassified **TAG-100** as **RedNovember**, clarifying a **Chinese state-sponsored** espionage actor also tracked by **Microsoft** as **Storm-2077**. The...

Open Happening

RedNovember (Storm-2077) public-PoC espionage campaign

Campaign
First: 24.09.2025 04:00 Last: 24.09.2025 04:00 Sources 1

About this happening: **RedNovember** is a suspected **Chinese state-sponsored** campaign also tracked as **Storm-2077** that targeted **perimeter appliances** of high-profile organizations globally be...

Open Happening

Timeline

  1. 06.10.2025 17:00 2 articles · 7mo ago

    Recorded Future assesses BIETA and CIII as MSS-linked

    Initial Disclosure

    Recorded Future assessed that the Beijing Institute of Electronics Technology and Application (BIETA) and its subsidiary, Beijing Sanxin Times Technology Co., Ltd. (CIII), are likely linked to China's Ministry of State Security (MSS) through personnel ties and connections to the University of International Relations, and said the firms research, develop, import, and sell steganography, covert communications, counterintelligence, malware-enabling, and network penetration testing capabilities that may support MSS cyber-enabled intelligence operations.

    Show sources
    Open in new tab