Pierluigi Paganini
October 20, 2021
China-linked cyberespionage group LightBasin hacked mobile telephone networks around the world and used specialized tools to access calling records. A China-linked hacking group, tracked as LightBasin (aka UNC1945), hacked mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. The cyberespionage group has been active […]
Pierluigi Paganini
October 13, 2021
A Chinese-speaking hacking group exploited a Windows zero-day vulnerability in a wave of attacks on defense and IT businesses. A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a new remote access trojan (RAT), tracked as MysterySnail. The attacks were conducted between late August and early September 2021 […]
Pierluigi Paganini
August 04, 2021
China-linked APT31 group employed a new strain of malware in attacks aimed at entities in Mongolia, Belarus, Canada, the US, and Russia. Researchers from Positive Technologies reported that China-linked APT31 group has been using a new piece of malware in a recent wave of attacks targeting Mongolia, Belarus, Canada, the United States, and Russia. Experts […]
Pierluigi Paganini
August 03, 2021
China linked APT groups have targeted networks of at least five major telecommunications companies operating in Southeast Asia since 2017. Cybereason researchers identified three clusters of activity associated with China-linked threat actors that carried out a series of attacks against networks of at least five major telecommunications companies located in South Asia since 2017. “The goal […]
Pierluigi Paganini
August 01, 2021
Kaspersky experts spotted a previously undocumented Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange flaws in attacks on high-profile victims. Kaspersky spotted a new Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange vulnerabilities in attacks aimed at high-profile victims. The long-running operation carried out by the group mostly targeted […]
Pierluigi Paganini
July 21, 2021
French cyber-security agency ANSSI warned of an ongoing cyberespionage campaign aimed at French organizations carried out by China-linked APT31 group. The French national cyber-security agency ANSSI warned of ongoing attacks against a large number of French organizations conducted by the Chine-linked APT31 cyberespionage group. The state-sponsored hackers are hijacking home routers to set up a […]
Pierluigi Paganini
July 19, 2021
US DoJ indicted four members of the China-linked cyberespionage group known as APT40 for hacking various entities between 2011 and 2018. The U.S. Justice Department (DoJ) indicted four members of the China-linked cyber espionage group APT40 (aka TEMP.Periscope, TEMP.Jumper, and Leviathan) for hacking tens of government organizations, private businesses and universities around the world between 2011 and 2018. […]
Pierluigi Paganini
July 14, 2021
Microsoft attributes the recent attacks that have targeted SolarWinds file transfer servers to a China-linked APT group that the experts tracked as DEV-0322. Microsoft said that the recent attacks against SolarWinds file transfer servers were carried out by a Chinese hacking group tracked as DEV-0322. This week SolarWinds addressed a zero-day remote code execution flaw (CVE-2021-35211) in Serv-U products which […]
Pierluigi Paganini
June 20, 2021
Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government’s IT network in 2018. The attribution of the attack to the APT31 grouo is based […]
Pierluigi Paganini
June 19, 2021
Experts attribute a series of cyber-espionage campaigns dating back to 2014, and focused on gathering military intelligence, to China-linked Unit 69010. Experts from Recorded Future’s Insikt Group linked a series of attacks, part of RedFoxtrot China-linked campaigns, to the PLA China-linked Unit 69010 The cyber-espionage campaigns dated back 2014 and focused on gathering military intelligence […]
