China

Pierluigi Paganini March 16, 2021
Is there a link between Microsoft Exchange exploits and PoC code the company shared with partner security firms?

Microsoft is reportedly investigating whether the recent attacks against Microsoft Exchange servers could be linked to information leaked by a partner security firm. According to a report published by The Wall Street Journal, Microsoft is investigating whether the threat actors behind the recent wave of attacks on Microsoft Exchange servers worldwide may have obtained sensitive […]

Pierluigi Paganini March 02, 2021
Alleged China-linked APT41 group targets Indian critical infrastructures

Recorded Future researchers uncovered a campaign conducted by Chinese APT41 group targeting critical infrastructure in India. Security researchers at Recorded Future have spotted a suspected Chinese APT actor targeting critical infrastructure operators in India. The list of targets includes power plants, electricity distribution centers, and seaports in the country. The attacks surged while relations between […]

Pierluigi Paganini February 26, 2021
China-linked TA413 group target Tibetan organizations

The Chinese hacking group, tracked as TA413, used a malicious Firefox add-on in a cyberespionage campaign aimed at Tibetans. China-linked cyberespionage group TA413 targeted Tibetan organizations across the world using a malicious Firefox add-on, dubbed FriarFox, that allowed them to steal Gmail and Firefox browser data and deliver malware on infected systems. “We attribute this […]

Pierluigi Paganini February 22, 2021
NSA Equation Group tool was used by Chinese hackers years before it was leaked online

The Chinese APT group had access to an NSA Equation Group, NSA hacking tool and used it years before it was leaked online by Shadow Brokers group. Check Point Research team discovered that China-linked APT31 group (aka Zirconium.) used a tool dubbed Jian, which is a clone of NSA Equation Group ‘s “EpMe” hacking tool years […]

Pierluigi Paganini February 03, 2021
Alleged China-linked hackers used SolarWinds bug to breach National Finance Center

Alleged China-linked hackers have exploited a flaw in the SolarWinds Orion software to hack systems at the U.S. National Finance Center. FBI investigators discovered that allegedly China-linked hackers have exploited a flaw in the SolarWinds Orion software to break into the systems of the U.S. National Finance Center. The National Finance Center is a federal […]

Pierluigi Paganini January 31, 2021
Experts explain how to bypass recent improvement of China’s Great Firewall

Experts from Great Firewall Report analyzed recent upgrades to China’s Great Firewall and revealed that it can be circumvented. Members of the Great Firewall Report group have analyzed the recent improvement implemented for China’s Great Firewall censorship system and revealed that it is possible to bypass it. Last year, the group published a detailed analysis […]

Pierluigi Paganini January 15, 2021
Winnti APT continues to target game developers in Russia and abroad

A Chinese Threat actor targeted organizations in Russia and Hong Kong with a previously undocumented backdoor, experts warn. Cybersecurity researchers from Positive Technologies have uncovered a series of attacks conducted by a Chinese threat actor that aimed at organizations in Russia and Hong Kong. Experts attribute the attacks to the China-linked Winnti APT group (aka APT41) […]

Pierluigi Paganini January 05, 2021
Experts linked ransomware attacks to China-linked APT27

Researchers from security firms Profero and Security Joes linked a series of ransomware attacks to the China-linked APT27 group. Security researchers from security firms Profero and Security Joes investigated a series of ransomware attacks against multiple organizations and linked them to China-linked APT groups. The experts attribute the attacks to the Chinese cyberespionage group APT27 […]

Pierluigi Paganini January 03, 2021
Over 200 million records of Chinese Citizens for Sale on the Darkweb

During a routine Dark web monitoring, the Research team at Cyble found threat actors selling 200 million+ Records of Chinese Citizens. During a routine Dark web monitoring, the Research team at Cyble found multiple posts where threat actors are offering for sale alleged data leaks related to Chinese citizens. Data might have been stolen from […]

Pierluigi Paganini November 19, 2020
Nation-state actors from Russia, China, Iran, and North Korea target Canada

Canada Centre for Cyber Security warns of risks related to state-sponsored programs from China, Russia, Iran, and North Korea. A report published by the Canadian Centre for Cyber Security, titled “National Cyber Threat Assessment 2020,” warns of risks associated with state-sponsored operations from China, Russia, Iran, and North Korea. The report is based on both […]