10 matches found
China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware
A China-linked advanced persistent threat APT group has been attributed to a highly-targeted cyber espionage campaign in which the adversary poisoned Domain Name System DNS requests to deliver its signature MgBot backdoor in attacks targeting victims in TΓΌrkiye, China, and India. The activity,...
Evasive Panda APT poisons DNS requests to deliver MgBot
Introduction The Evasive Panda APT group also known as Bronze Highland, Daggerfly, and StormBamboo has been active since 2012, targeting multiple industries with sophisticated, evolving tactics. Our latest research June 2025 reveals that the attackers conducted highly-targeted campaigns, which...
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 - Nov 03)
This week was a total digital dumpster fire! Hackers were like, "Let's cause some chaos!" and went after everything from our browsers to those fancy cameras that zoom and spin. You know, the ones they use in spy movies? π΅οΈββοΈ We're talking password-stealing bots, sneaky extensions that spy on you,...
Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services
A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. "The CloudScout toolset is capable of retrieving data from various cloud...
China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates
The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider ISP to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group. Evasive Panda, also known by the names Bronze Highlan...
Attacks, Vulnerabilities and Actors 11 to 17 March 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, HiveForce Labs discovered eight executed attacks, uncovered ten vulnerabilities, and identified two active...
Chinese Evasive Panda Targets Tibetans with Nightdoor Backdoor
By Waqas Evasive Panda, also identified as BRONZE HIGHLAND and Daggerfly, is carrying out global targeting of Tibetans. This is a post from HackRead.com Read the original post: Chinese Evasive Panda Targets Tibetans with Nightdoor Backdoor...
Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks
The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since September 2023. The end goal of the attacks is to deliver malicious downloaders for Windows and macOS that deploy a known backdoor called MgBot and ...
Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China
The advanced persistent threat APT group referred to as Evasive Panda has been observed targeting an international non-governmental organization NGO in Mainland China with malware delivered via update channels of legitimate applications like Tencent QQ. The attack chains are designed to distribut...
Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China
The advanced persistent threat APT group referred to as Evasive Panda has been observed targeting an international non-governmental organization NGO in Mainland China with malware delivered via update channels of legitimate applications like Tencent QQ. The attack chains are designed to distribut...