Lucene search
+L

64 matches found

trendmicroblog
trendmicroblog
added 2023/05/02 12:0 a.m.14 views

Attack on Security Titans: Earth Longzhi Returns With New Tricks

After months of dormancy, Earth Longzhi, a subgroup of advanced persistent threat APT group APT41, has reemerged using new techniques in its infection routine. This blog entry forewarns readers of Earth Longzhi’s resilience as a noteworthy threat...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/03/29 8:44 a.m.25 views

Chinese Cyber Espionage Targets Middle Eastern Telecoms

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Chinese cyber espionage actors, Gallium and APT41, linked to Operation Soft Cell campaign, are targeting Middle Eastern telecommunications sector. To receive real-time threat advisories, please follow...

6.7AI score
Exploits0
hivepro
hivepro
added 2023/03/01 8:42 a.m.39 views

Blackfly Chinese APT targets Asian conglomerate in materials sector

Threat Level Actor Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary The Blackfly espionage group, also known as APT41, Winnti Group, or Bronze Atlas, has been targeting multiple subsidiaries of an Asian conglomerate operating in the...

1AI score
Exploits0
thn
thn
added 2022/11/14 1:3 p.m.81 views

New "Earth Longzhi" APT Targets Ukraine and Asian Countries with Custom Cobalt Strike Loaders

Entities located in East and Southeast Asia as well as Ukraine have been targeted at least since 2020 by a previously undocumented subgroup of APT41, a prolific Chinese advanced persistent threat APT. Cybersecurity firm Trend Micro, which christened the espionage crew Earth Longzhi, said the...

7.8CVSS0.1AI score0.18188EPSS
Exploits5
hivepro
hivepro
added 2022/11/11 2:9 p.m.19 views

Earth Longzhi: New subgroup of APT41

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Earth Longzhi is running a spearphishing campaign to infect organizations with a payload such as Cobalt Strike loader, Symatic loader, CroxLoader, BigpipeLoader, OutLoader, and other custom hacking tools...

0.6AI score
Exploits0
trendmicroblog
trendmicroblog
added 2022/11/09 12:0 a.m.19 views

Hack the Real Box: APT41’s New Subgroup Earth Longzhi

We looked into the campaigns deployed by a new subgroup of advanced persistent threat APT group APT41, Earth Longzhi. This entry breaks down the technical details of the campaigns in full as presented at HITCON PEACE 2022 in August...

1.1AI score
Exploits0
hivepro
hivepro
added 2022/10/20 11:46 a.m.28 views

The Spyder Loader malware targets organizations in Hong Kong

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Spyder Loader malware was first publicly documented in March 2021. The recent Spyder Loader malware campaign appears to have had the ultimate goal of information theft, and the threat actor behind th...

1.1AI score
Exploits0
thn
thn
added 2022/09/14 10:20 a.m.28 views

SparklingGoblin APT Hackers Using New Linux Variant of SideWalk Backdoor

A Linux variant of a backdoor known as SideWalk was used to target a Hong Kong university in February 2021, underscoring the cross-platform abilities of the implant. Slovak cybersecurity firm ESET, which detected the malware in the university's network, attributed the backdoor to a nation-state...

0.1AI score
Exploits0
openvas
openvas
added 2022/08/24 12:0 a.m.234 views

Hikvision IP Camera RCE Vulnerability (HSRC-202109-01) - Active Check

Multiple Hikvision IP camera devices are prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CP...

9.8CVSS9AI score0.99869EPSS
Exploits23References6
thn
thn
added 2022/08/18 1:33 p.m.62 views

China-backed APT41 Hackers Targeted 13 Organisations Worldwide Last Year

The Chinese advanced persistent threat APT actor tracked as Winnti has targeted at least 13 organizations geographically spanning across the U.S, Taiwan, India, Vietnam, and China against the backdrop of four different campaigns in 2021. "The targeted industries included the public sector,...

1.1AI score
Exploits0
malwarebytes
malwarebytes
added 2022/06/21 10:4 a.m.1388 views

Security vulnerabilities: 5 times that organizations got hacked

Businesses and governments these days are relying on dozens of different Software-as-a-Service SaaS applications to run their operations — and it’s no secret that hackers are always looking for security vulnerabilities in them to exploit. According to research by BetterCloud, the average company...

9.3CVSS10AI score0.99999EPSS
Exploits363
securelist
securelist
added 2022/05/27 8:0 a.m.26 views

IT threat evolution Q1 2022

IT threat evolution in Q1 2022 IT threat evolution in Q1 2022. Non-mobile statistics IT threat evolution in Q1 2022. Mobile statistics Targeted attacks MoonBounce: the dark side of UEFI firmware Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware...

6.8AI score
Exploits0
thn
thn
added 2022/05/04 1:4 p.m.22 views

Chinese Hackers Caught Stealing Intellectual Property from Multinational Companies

An elusive and sophisticated cyberespionage campaign orchestrated by the China-backed Winnti group has managed to fly under the radar since at least 2019. Dubbed "Operation CuckooBees" by Israeli cybersecurity company Cybereason, the massive intellectual property theft operation enabled the threa...

6.9AI score
Exploits0
thn
thn
added 2022/05/03 5:32 a.m.28 views

Chinese Hackers Caught Exploiting Popular Antivirus Products to Target Telecom Sector

A Chinese-aligned cyberespionage group has been observed striking the telecommunication sector in Central Asia with versions of malware such as ShadowPad and PlugX. Cybersecurity firm SentinelOne tied the intrusions to an actor it tracks under the name "Moshen Dragon," with tactical overlaps...

1AI score
Exploits0
hivepro
hivepro
added 2022/03/14 4:24 p.m.232 views

Weekly Threat Digest: 7 – 13 March 2022

For a detailed threat digest, download the pdf file here Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 538 16 3 42 19 89 The second week of March 2022 witnessed the discovery of 538 vulnerabilities out of which 16...

9.3CVSS0.4AI score0.99999EPSS
Exploits459
hivepro
hivepro
added 2022/03/10 5:54 a.m.11 views

RangnarLocker Ransomware hits Critical Infrastructure Compromising 50+ Organizations

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here The Federal Bureau of Investigation FBI has released an alert on Ragnarlocker campaign that has affected nearly 52 organizations encompassing 10 critical infrastructure sectors, including entities in significant manufacturing,...

6.8AI score
Exploits0
threatpost
threatpost
added 2022/03/09 9:10 p.m.238 views

APT41 Spies Broke Into 6 US State Networks via a Livestock App

USAHerds – an app used PDF by farmers to speed their response to diseases and other threats to their livestock – has itself become an infection vector, used to pry open at least six U.S. state networks by one of China’s most prolific state-sponsored espionage groups. In a report published by...

10CVSS10AI score0.99999EPSS
Exploits384References25
hivepro
hivepro
added 2022/03/09 2:37 p.m.43 views

Chinese state-sponsored threat group APT41 targets U.S. critical organizations using two Zero-Days

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here A China state-sponsored threat group known as APT41 is observed compromising at least six U.S. state governments networks in a threat campaign beginning from May 2021. APT41 is a well-known Chinese state-sponsored espionage...

9.3CVSS0.2AI score0.99999EPSS
Exploits354
thn
thn
added 2022/03/09 10:4 a.m.354 views

Chinese APT41 Hackers Broke into at Least 6 U.S. State Governments: Mandiant

APT41, the state-sponsored threat actor affiliated with China, breached at least six U.S. state government networks between May 2021 and February 2022 by retooling its attack vectors to take advantage of vulnerable internet-facing web applications. The exploited vulnerabilities included "a zero-d...

10CVSS0.3AI score0.99999EPSS
Exploits354
wired
wired
added 2022/03/08 3:0 p.m.15 views

Chinese Spies Hacked a Livestock App to Breach US State Networks

Vulnerabilities in animal tracking software USAHERDS and Log4j gave the notorious APT41 group a foothold in multiple government systems...

1.1AI score
Exploits0
Rows per page
Query Builder