13 matches found
Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware
A suspected China-based cyber espionage operation has targeted Southeast Asian military organizations as part of a state-sponsored campaign that dates back to at least 2020. Palo Alto Networks Unit 42 is tracking the threat activity under the moniker CL-STA-1087 , where CL refers to cluster, and...
China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz
The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRT-CTI, which said the activities took place in November...
PT-2023-26610 · Inspect Element · Echo.Ac
Name of the Vulnerable Software and Affected Versions: Inspect Element Ltd Echo.ac version 5.2.1.0 Description: An issue in Inspect Element Ltd Echo.ac allows a local attacker to gain privileges via a crafted command to the echo driver.sys component. This issue has been reportedly used by various...
Gelsemium APT Group Uses “Rare” Backdoor in Southeast Asian Attack
By Waqas Elusive APT Group Gelsemium Emerges in Rare Southeast Asian Attack, Unveils Unique Tactics. KEY FINDINGS Cybersecurity researchers at… This is a post from HackRead.com Read the original post: Gelsemium APT Group Uses "Rare" Backdoor in Southeast Asian Attack...
Attacks, Vulnerabilities and Actors 14 August to 20 August 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, one instance of adversary activity, and four zero-day...
Chinese Hackers Using Stolen Ivacy VPN Certificate To Sign Malware
By Waqas Bronze Starlight hackers have been cleverly utilizing a valid Ivacy VPN code-signing certificate to target the Southeast Asian gambling industry. This is a post from HackRead.com Read the original post: Chinese Hackers Using Stolen Ivacy VPN Certificate To Sign Malware...
New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices
Internet-facing Linux systems and Internet of Things IoT devices are being targeted as part of a new campaign designed to illicitly mine cryptocurrency. "The threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal...
IoT devices and Linux-based systems targeted by OpenSSH trojan campaign
Cryptojacking, the illicit use of computing resources to mine cryptocurrency, has become increasingly prevalent in recent years, with attackers building a cybercriminal economy around attack tools, infrastructure, and services to generate revenue from targeting a wide range of vulnerable systems,...
SparklingGoblin Revamps SideWalk Backdoor for Linux Variant
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary SparklingGoblin aka Earth Baku State-backed Chinese hackers has integrated a Linux variant of the SideWalk backdoor. SparklingGoblin Threat actors typically target East and Southeast Asian countries, wit...
Novel ‘Victory’ Backdoor Spotted in Chinese APT Campaign
An ongoing surveillance operation has been uncovered that targets a Southeast Asian government, researchers said – using a previously unknown espionage malware. According to Check Point Research, the attack involves spear-phishing emails with malicious Word documents to gain initial access, along...
Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities
Beginning in January 2021, Mandiant Managed Defense observed multiple instances of abuse of Microsoft Exchange Server within at least one client environment. The observed activity included creation of web shells for persistent access, remote code execution, and reconnaissance for endpoint securit...
Mysterious APT Leaves Curious ‘KilllSomeOne’ Clue
Researchers are scratching their heads when it comes to unmasking a new advanced persistent threat APT group targeting non-governmental organizations in the Southeast Asian nation Myanmar formerly Burma. Based on crude messages, such as “KilllSomeOne”, used in attack code strings, coupled with...
A Look Into Continuous Efforts By Chinese Hackers to Target Foreign Governments
Phishing is still one of the widely used strategies by cybercriminals and espionage groups to gain an initial foothold on the targeted systems. Though hacking someone with phishing attacks was easy a decade ago, the evolution of threat detection technologies and cyber awareness among people has...