Pierluigi Paganini September 30, 2022
Witchetty APT used steganography in attacks against Middle East entities

A cyberespionage group, tracked as Witchetty, used steganography to hide a previously undocumented backdoor in a Windows logo. Broadcom’s Symantec Threat Hunter Team observed a threat actor, tracked as Witchetty, using steganography to hide a previously undocumented backdoor in a Windows logo. The group used the backdoor in attacks against Middle Eastern governments. The cyber […]

Pierluigi Paganini February 22, 2022
China-linked APT10 Target Taiwan’s financial trading industry

China-linked APT group APT10 (aka Stone Panda, Bronze Riverside) targets Taiwan’s financial trading sector with a supply chain attack. The campaign was launched by the APT10 group started in November 2021, but it hit a peak between 10 and 13 2022, Taiwanese cybersecurity firm CyCraft reported. The group (also known as Cicada, Stone Panda, MenuPass group, […]

Pierluigi Paganini November 18, 2020
China-linked APT10 leverages ZeroLogon exploits in recent attacks

Researchers uncovered a large-scale campaign conducted by China-linked APT10 targeting businesses using the recently-disclosed ZeroLogon vulnerability.  Symantec’s Threat Hunter Team, a Broadcom division, uncovered a global campaign conducted by a China-linked APT10 cyber-espionage group targeting businesses using the recently-disclosed ZeroLogon vulnerability.  The group, also known as Cicada, Stone Panda, and Cloud Hopper, has been active at […]

Pierluigi Paganini June 28, 2019
Cloud Hopper operation hit 8 of the world’s biggest IT service providers

A long-running operation carried out by China-linked hackers, and tracked as Cloud Hopper, has targeted clients of major companies, including IBM, HPE, Tata CS, Fujitsu, and NTT. Hackers broke into the internal networks on major companies, such as HPE and IBM, and stole corporate data and trade secrets. Then the attackers used the stolen information […]

Pierluigi Paganini June 26, 2019
Operation Soft Cell – Multiple telco firms hacked by nation-state actor

Operation Soft Cell – Experts at Cybereason discovered that China-linked hackers have breached numerous telco providers controlling their networks. Researchers at Cybereason uncovered an ongoing long-running espionage campaign, tracked as Operation Soft Cell, that targets telco providers. Tactics, techniques, and procedures, and the type of targets suggest the involvement of a nation-state actor likely linked […]

Pierluigi Paganini December 21, 2018
US DoJ indicts Chinese hackers over state-sponsored cyber espionage

The US Department of Justice charged two Chinese hackers for hacking numerous companies and government agencies in a dozen countries, US Indicts Two Chinese Government Hackers Over Global Hacking Campaign. including Brazil, Canada, Finland, France, Germany, India, Japan, Sweden, Switzerland, the United Arab Emirates, the United Kingdom, and the United States. The two Chinese hackers, […]

Pierluigi Paganini October 05, 2018
DHS issued an alert on attacks aimed at Managed Service Providers

The United States Department of Homeland Security (DHS) is warning of ongoing activity from an advanced persistent threat (APT) actor targeting global managed service providers (MSPs). The DHS issued an alert on ongoing attacks aimed at global managed service providers (MSPs) that are carried out by an advanced APT group. Managed services is the practice of outsourcing on a […]

Pierluigi Paganini September 15, 2018
China-linked APT10 group behind new attacks on the Japanese media sector

Recently researchers from FireEye uncovered and blocked a campaign powered by the Chinese APT10 cyber espionage group aimed at Japanese media sector In July, security researchers from FireEye uncovered and blocked a campaign carried out by Chinese APT10 group (aka Menupass, and Stone Panda) aimed at Japanese media sector. Experts noticed the group since around […]

Pierluigi Paganini April 22, 2017
Chinese APTs targeted the South Korean THAAD anti-missile systems

According to researchers at FireEye, Chinese hackers targeted the South Korean Terminal High Altitude Area Defense (THAAD) missile system. According to a new investigation conducted by security firm FireEye, Chinese hackers are trying to hack systems used by South Korea military to interfere with the deployment of an anti-ballistic weapons system. The news was confirmed […]