Security News
Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader that spreads via phishing campaigns targeting Chinese organizations. AT&T LevelBlue Labs, which first...
Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI) files for virtual private networks (VPNs)...
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
Coathanger - a piece of malware specifically built to persist on Fortinet's FortiGate appliances - may still be lurking on too many devices deployed worldwide. It's also difficult to detect its presence by using FortiGate CLI commands, and to remove it from compromised devices.
As the MIVD disclosed in February in a joint report with the General Intelligence and Security Service, Chinese hackers exploited a critical FortiOS/FortiProxy remote code execution vulnerability over a few months between 2022 and 2023 to deploy malware on vulnerable Fortigate network security appliances. The MIVD found that this previously unknown malware strain, which could survive system reboots and firmware upgrades, was deployed by a Chinese state-sponsored hacking group in a political espionage campaign targeting the Netherlands and its allies.
Cybersecurity researchers have shed more light on a Chinese actor codenamed SecShow that has been observed conducting Domain Name System (DNS) on a global scale since at least June 2023. The...
Sophos released its report, "Operation Crimson Palace: Threat Hunting Unveils Multiple Clusters of Chinese State-Sponsored Activity Targeting Southeast Asia," which details a highly sophisticated, nearly two-year long espionage campaign against a high-level government target. During Sophos X-Ops' investigation, which began in 2023, the managed detection and response team found three distinct clusters of activity targeting the same organization, two of which included tactics, techniques and procedures that overlap with well-known, Chinese nation-state groups: BackdoorDiplomacy, APT15 and the APT41 subgroup Earth Longzhi.
Chinese state-sponsored actors have been targeting a government agency since at least March 2023 in a cyberespionage campaign that researchers track as Crimson Palace. According to a report from cybersecurity company Sophos, the campaign relied on new malware variants and three different activity clusters that indicate a coordinated attack.
An unnamed high-profile government organization in Southeast Asia emerged as the target of a "complex, long-running" Chinese state-sponsored cyber espionage operation codenamed Crimson Palace....
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.