Security News

Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years
2024-01-20 10:23

An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in...

Chinese hackers exploit VMware bug as zero-day for two years
2024-01-19 16:32

A Chinese hacking group has been exploiting a critical vCenter Server vulnerability as a zero-day since at least late 2021. In the next stage, they exploited the CVE-2023-20867 VMware Tools authentication bypass flaw to escalate privileges, harvest files, and exfiltrate them from guest VMs. While, until now, Mandiant didn't know how the attackers gained privileged access to victims' vCenter servers, the link was made evident in late 2023 by a VMware vmdird service crash minutes before the backdoors' deployment closely matching CVE-2023-34048 exploitation.

Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure
2024-01-11 05:29

A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity...

US Navy sailor swaps sea for cell after accepting bribes from Chinese snoops
2024-01-09 16:30

A US Naval sailor will face more than two years behind bars after pleading guilty to taking bribes from Chinese spies in exchange for sensitive military information. Larissa L Knapp, executive assistant director of the FBI's national security branch, said China's efforts to undermine the national security of the US and its allies have been "Aggressive" and at times illegal.

Three Chinese balloons float near Taiwanese airbase
2024-01-04 10:15

Four Chinese balloons have reportedly floated over the Taiwan Strait, three of them crossing over the island's land mass and near its Ching-Chuan-Kang air base before disappearing, according to the Taiwan's defense ministry. An appearance of a similar Chinese balloon caused quite a stir in the US last February.

Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances
2023-12-27 12:35

Barracuda has revealed that Chinese threat actors exploited a new zero-day in its Email Security Gateway (ESG) appliances to deploy backdoor on a "limited number" of devices. Tracked...

Barracuda fixes new ESG zero-day exploited by Chinese hackers
2023-12-27 11:49

Network and email security firm Barracuda says it remotely patched all active Email Security Gateway appliances on December 21 against a zero-day bug exploited by UNC4841 Chinese hackers. The company deployed a second wave of security updates a day later on already compromised ESG appliances where the attackers deployed SeaSpy and Saltwater malware.

Alert: Chinese-Speaking Hackers Pose as UAE Authority in Latest Smishing Wave
2023-12-20 10:20

The Chinese-speaking threat actors behind Smishing Triad have been observed masquerading as the United Arab Emirates Federal Authority for Identity and Citizenship to send malicious SMS messages...

National Grid latest UK org to zap Chinese kit from critical infrastructure
2023-12-18 12:36

The National Grid is reportedly the latest organization in the UK to begin pulling China-manufactured equipment from its network over cybersecurity fears. The contract with the UK subsidiary of China's state-owned Nari Technology, NR Electric UK, was terminated after seeking advice from the National Cyber Security Centre, according to sources who spoke to the Financial Times.

Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan
2023-12-01 10:49

A suspected Chinese-speaking threat actor has been attributed to a malicious campaign that targets the Uzbekistan Ministry of Foreign Affairs and South Korean users with a remote access trojan...