Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware
A suspected China-based cyber espionage operation has targeted Southeast Asian military organizations as part of a state-sponsored campaign that dates back to at least 2020. Palo Alto Networks Unit 42 is tracking the threat activity under the moniker CL-STA-1087, where CL refers to cluster, and...
Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform called CyberStrikeAI to execute the attacks. The new findings come from Team Cymru, which detected its...
Who Operates the Badbox 2.0 Botnet?
The cybercriminals in control of Kimwolf -- a disruptive botnet that has infected more than 2 million devices -- recently shared a screenshot indicating they'd compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software that comes pre-installed on many...
QNAP Systems Hero and QNAP Systems QTS Code Issue Vulnerability
QNAP Systems Hero and QNAP Systems QTS are both products of China-based Weilian Technology QNAP Systems. QNAP Systems Hero is a NAS operating system for file management. The system retains the application ecosystem of QTS and integrates the more powerful 128-bit ZFS file system to provide...
1 million victims, 17,500 fake sites: Google takes on toll-fee scammers
A Phishing-as-a-Service (PhaaS) platform based in China, known as “Lighthouse,” is the subject of a new Google lawsuit. Lighthouse enables smishing (SMS phishing) campaigns, and if you’re in the US there is a good chance you've seen their texts about a small amount you supposedly owe in toll fees...
Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform
Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that has ensnared over 1 million users across 120 countries. The PhaaS kit is used to...
QNAP Systems QuLog Center Cross-Site Scripting Vulnerability
QNAP Systems QuLog Center is a report field for China-based QNAP Systems that logs events reported by the system. A cross-site scripting vulnerability exists in QNAP Systems QuLog Center version 1.8.2.923, which stems from susceptibility to cross-site scripting attacks that could result in...
From HealthKick to GOVERSHELL: The Evolution of UTA0388's Espionage Malware
A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and Europe that are designed to deliver a Go-based implant known as GOVERSHELL. "The initially observed campaigns were tailored to the targets, and the message...
Chinese APT Hits Philippine Military Firm with New EggStreme Fileless Malware
Bitdefender uncovers EggStreme, a fileless malware by a China-based APT targeting the Philippine military and APAC organisations. Cybersecurity…...
Unspecified Vulnerability in D-Link DSL-7740C
The D-Link DSL-7740C is a modem from China-based AUO D-Link. A security vulnerability exists in the D-Link DSL-7740C, which can be exploited by attackers to escalate privileges via brute force attack...
AOMEI Cyber Backup Access Control Error Vulnerability
AOMEI Cyber Backup is a backup and restore software from China-based AOMEI Technology AOMEI. An access control error vulnerability exists in AOMEI Cyber Backup that stems from a lack of authentication for critical functions, which could lead to remote code execution...
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2) in its operations. The framework includes at least two different types of clients, HTTP-based...
Overcoming Risks from Chinese GenAI Tool Usage
A recent analysis of enterprise data suggests that generative AI tools developed in China are being used extensively by employees in the US and UK, often without oversight or approval from security teams. The study, conducted by Harmonic Security, also identifies hundreds of instances in which...
CVE-2019-15304
Lierda Grill Temperature Monitor V1.0050006 has a default password of admin for the admin account, which allows an attacker to cause a Denial of Service or Information Disclosure via the undocumented access-point configuration page located on the device. This wifi thermometer app requests and...
Security Vulnerability in Multiple TOTOLINK Products
TOTOLINK A3000RU and others are products of China-based TOTOLINK Electronics TOTOLINK. TOTOLINK A3000RU is a wireless router. TOTOLINK A950RG is an Ultra-Generation Giga wireless router. TOTOLINK A830R is a wireless dual-band router. A security vulnerability exists in several TOTOLINK products, whic...
Number Withdrawn
Lingxing ERP is a cross-border e-commerce system from China-based Lingxing Lingxing. This CVE number has been withdrawn...
China-based SMS Phishing Triad Pivots to Banks
China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called "Smishing Triad" mainly impersonated toll road operators and shipping companies. But experts say these groups a...
D-Link DIR-605L/DIR-618 formSetDomainFilter Function Access Control Error Vulnerability
The D-Link DIR-605L and D-Link DIR-618 are both wireless routers from China-based AUO D-Link. An access control error vulnerability exists in the D-Link DIR-618 version 2.02 and the D-Link DIR-605L version 3.02, which stems from improper access control in the file /goform/formSetDomainFilter, an...
e-Excellence U-Office Force Security Vulnerability
e-Excellence U-Office Force is an e-Office platform from China-based First Class Technology e-Excellence. A security vulnerability exists in e-Excellence U-Office Force that stems from improper authentication, which could result in an unauthenticated remote attacker logging in as an administrator...
Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia
A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at least October 2023. The espionage campaign targeted organizations in various sectors spanning government ministries in two different countries, an air...