Lucene search
K

12 matches found

hivepro
hivepro
added 2024/06/29 2:1 a.m.9 views

ChamelGang’s Double Play: Strategy Beyond Encryption

...

7.3AI score
Exploits0
HackRead
HackRead
added 2024/06/26 11:5 p.m.11 views

Chinese Espionage Group “ChamelGang” Uses Attacks for Disruption and Data Theft

Beware! Chinese cyberespionage group ChamelGang targets critical infrastructure like aviation and government systems. SentinelOne report reveals potential attacks across Asia. Learn more about ChamelGang's cyberespionage activities...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/26 10:13 a.m.76 views

Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware

Threat actors with suspected ties to China and North Korea have been linked to ransomware and data encryption attacks targeting government and critical infrastructure sectors across the world between 2021 and 2023. While one cluster of activity has been associated with the ChamelGang aka CamoFei,...

7AI score
Exploits0
hivepro
hivepro
added 2023/06/20 6:45 a.m.27 views

Actors, Threats and Vulnerabilities 12 June to 18 June 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of seven attacks executed, taking advantage of twenty different vulnerabilities in...

2.3CVSS7AI score0.13638EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/06/16 1:54 p.m.3 views

ChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnC

The threat actor known as ChamelGang has been observed using a previously undocumented implant to backdoor Linux systems, marking a new expansion of the threat actor's capabilities. The malware, dubbed ChamelDoH by Stairwell, is a C++-based tool for communicating via DNS-over-HTTPS DoH tunneling...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/16 1:54 p.m.92 views

ChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnC

The threat actor known as ChamelGang has been observed using a previously undocumented implant to backdoor Linux systems, marking a new expansion of the threat actor's capabilities. The malware, dubbed ChamelDoH by Stairwell, is a C++-based tool for communicating via DNS-over-HTTPS DoH tunneling...

7AI score
Exploits0
hivepro
hivepro
added 2023/06/16 12:54 p.m.16 views

ChamelGang Strikes Again With ChamelDoH Malware XDNS-over-HTTPS

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The Chinese threat group ChamelGang has developed the Linux malware ChamelDoH, which uses DNS-over-HTTPS for encrypted communication with attackers. To receive real-time threat advisories, please follow...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/22 7:19 a.m.64 views

NAPLISTENER: New Malware in REF2924 Group's Arsenal for Bypassing Detection

The threat group tracked as REF2924 has been observed deploying previously unseen malware in its attacks aimed at entities in South and Southeast Asia. The malware, dubbed NAPLISTENER by Elastic Security Labs, is an HTTP listener programmed in C and is designed to evade "network-based forms of...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/22 7:19 a.m.2 views

NAPLISTENER: New Malware in REF2924 Group's Arsenal for Bypassing Detection

The threat group tracked as REF2924 has been observed deploying previously unseen malware in its attacks aimed at entities in South and Southeast Asia. The malware, dubbed NAPLISTENER by Elastic Security Labs, is an HTTP listener programmed in C and is designed to evade "network-based forms of...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/22 10:59 a.m.30 views

Hydrochasma: New Threat Actor Targets Shipping Companies and Medical Labs in Asia

Shipping companies and medical laboratories in Asia have been the subject of a suspected espionage campaign carried out by a never-before-seen threat actor dubbed Hydrochasma. The activity, which has been ongoing since October 2022, "relies exclusively on publicly available and living-off-the-lan...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/10/04 12:48 p.m.311 views

A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries

A previously undocumented threat actor has been identified as behind a string of attacks targeting fuel, energy, and aviation production industries in Russia, the U.S., India, Nepal, Taiwan, and Japan with the goal of stealing data from compromised networks. Cybersecurity company Positive...

10CVSS2.1AI score0.99999EPSS
Exploits32
ThreatPost
ThreatPost
added 2021/10/01 12:36 p.m.137 views

New APT ChamelGang Targets Russian Energy, Aviation Orgs

A new APT group has emerged that’s specifically targeting the fuel and energy complex and aviation industry in Russia, exploiting known vulnerabilities like Microsoft Exchange Server’s ProxyShell and leveraging both new and existing malware to compromise networks. Researchers at security firm...

10CVSS9.3AI score0.99999EPSS
Exploits32References11
Rows per page
Query Builder