8 matches found
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
Cybersecurity researchers have disclosed details of an advanced persistent threat APT group dubbed Silver Dragon that has been linked to cyber attacks targeting entities in Europe and Southeast Asia since at least mid-2024. "Silver Dragon gains its initial access by exploiting public-facing...
Chinese APT Deploys EggStreme Fileless Malware to Breach Philippine Military Systems
An advanced persistent threat APT group from China has been attributed to the compromise of a Philippines-based military company using a previously undocumented fileless malware framework called EggStreme. "This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious...
Chinese Group TheWizards Exploits IPv6 to Drop WizardNet Backdoor
ESET has discovered Spellbinder, a new tool used by the China-linked cyber espionage group TheWizards to conduct AitM…...
CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday issued an emergency directive urging Federal Civilian Executive Branch FCEB agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure ICS and Ivanti Policy Secure IPS products...
Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX
A Chinese nation-state group has been observed targeting Foreign Affairs ministries and embassies in Europe using HTML smuggling techniques to deliver the PlugX remote access trojan on compromised systems. Cybersecurity firm Check Point said the activity, dubbed SmugX , has been ongoing since at...
UNC3886 targets technologies with custom malware and exploits zero-day vulnerabilities
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary UNC3886 is a cyber espionage Chinese group that targets technologies without EDR solutions and exploits zero-day vulnerabilities to steal user credentials and maintain access. To receive real-time threat...
Suspected Chinese Cyber Espionage Group (TEMP.Periscope) Targeting U.S. Engineering and Maritime Industries
Intrusions Focus on the Engineering and Maritime Sector Since early 2018, FireEye including our FireEye as a Service FaaS, Mandiant Consulting, and iSIGHT Intelligence teams has been tracking an ongoing wave of intrusions targeting engineering and maritime entities, especially those connected to...
Inside the Targeted Attack on The New York Times
The Chinese group behind the targeted attack on the New York Times was laser focused on accessing the email of a reporter and the newspaper’s former Beijing bureau chief to the point that it used an inordinate number of custom malware samples to get the job done. “In terms of statistics, 45 custo...