Security News

Chinese APT40 hackers hijack SOHO routers to launch attacks
2024-07-09 15:11

A joint advisory from international cybersecurity agencies and law enforcement warns of the tactics used by the Chinese state-sponsored APT40 hacking group and its hijacking of SOHO routers to launch cyberespionage attacks. Previously, APT40 was linked to a wave of attacks targeting over 250,000 Microsoft Exchange servers using the ProxyLogon vulnerabilities, and to campaigns exploiting flaws in widely used software, such as WinRAR.

Chinese APT40 group swiftly leverages public PoC exploits
2024-07-09 11:33

Chinese state-sponsored cyber group APT40 is amazingly fast at adapting public proof-of-concept exploits for vulnerabilities in widely used software, an advisory released by intelligence and cybersecurity agencies from eight countries warns. APT40 "appears to prefer exploiting vulnerable, public-facing infrastructure over techniques that require user interaction, such as phishing campaigns," and has been known to exploit vulnerabilities in software such as Log4J, Atlassian Confluence and Microsoft Exchange.

Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware
2024-07-02 04:48

A China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deliver malware. The vulnerability, tracked as...

US lawmakers wave red flags over Chinese drone dominance
2024-06-27 13:44


Chinese Cyberspies Employ Ransomware in Attacks for Diversion
2024-06-27 04:20

Cyberespionage groups have been using ransomware as a tactic to make attack attribution more challenging, distract defenders, or for a financial reward as a secondary goal to data theft. A joint report from SentinelLabs and Recorded Future analysts presents the case of ChamelGang, a suspected Chinese advanced persistent threat that has been using the CatB ransomware strain in attacks that impact high-profile organizations worldwide.

Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware
2024-06-26 10:13

Threat actors with suspected ties to China and North Korea have been linked to ransomware and data encryption attacks targeting government and critical infrastructure sectors across the world...

Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign
2024-06-21 13:42

A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an espionage campaign primarily targeting government entities across Asia and EMEA (Europe, Middle...

Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021
2024-06-20 10:22

Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located in a single Asian country at least since 2021. "The...

Experts Uncover New Evasive SquidLoader Malware Targeting Chinese Organizations
2024-06-20 06:34

Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader that spreads via phishing campaigns targeting Chinese organizations. AT&T LevelBlue Labs, which first...

New Threat Actor 'Void Arachne' Targets Chinese Users with Malicious VPN Installers
2024-06-19 10:23

Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI) files for virtual private networks (VPNs)...