Pierluigi Paganini
March 03, 2023
China-Linked Mustang Panda APT employed MQsTTang backdoor as part of an ongoing campaign targeting European entities. China-linked Mustang Panda APT group has been observed using a new backdoor, called MQsTTang, in attacks aimed at European entities. The hacking campaign began in January 2023, ESET researchers pointed out that the custom backdoor MQsTTang is not based on existing families […]
Pierluigi Paganini
February 19, 2023
A joint report published by ENISA and CERT-EU warns of Chinese APTs targeting businesses and government organizations in the European Union. The European Union Agency for Cybersecurity (ENISA) and CERT-EU warn of multiple China-linked threat actors targeting businesses and government organizations in the EU. The joint report focus on cyber activities conducted by multiple Chinese […]
Pierluigi Paganini
February 10, 2023
Researchers reported that the top-of-the-line Android mobile devices sold in China are shipped with malware. China is currently the country with the largest number of Android mobile devices, but a recent study conducted by researchers from the University of Edinburgh and the Trinity College of Dublin revealed that top-of-the-line Android devices sold in the country […]
Pierluigi Paganini
January 20, 2023
An alleged Chinese threat actor was observed exploiting the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN. Researchers from Mandiant reported that suspected Chinese threat actors exploited the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN as a zero-day. According to the security firm, the vulnerability was exploited in attacks against a series of targets, including a […]
Pierluigi Paganini
December 15, 2022
A Chinese-speaking APT group, tracked as MirrorFace, is behind a spear-phishing campaign targeting Japanese political entities. ESET researchers recently discovered a spear-phishing campaign targeting Japanese political entities and attributed it to the Chinese-speaking APT group tracked as MirrorFace. The experts tracked the campaign as Operation LiberalFace, it aimed at Japanese political entities, especially the members of […]
Pierluigi Paganini
December 13, 2022
Citrix urges customers to update their installs to fix actively exploited zero-day (CVE-2022-27518) in Citrix ADC and Gateway. Citrix urges administrators to apply security updates for a zero-day vulnerability, tracked as CVE-2022-27518, in Citrix ADC and Gateway. The vulnerability is actively exploited by China-linked threat actors to gain access to target networks. “We are aware […]
Pierluigi Paganini
November 27, 2022
The U.S. Federal Communications Commission announced it will completely ban the import of electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua. The U.S. Federal Communications Commission (FCC) announced the total ban for telecom and surveillance equipment from Chinese companies Huawei, ZTE, Hytera, Hikvision, and Dahua due to an “unacceptable” national security threat. The US […]
Pierluigi Paganini
November 25, 2022
The British government banned the installation of Chinese-linked security cameras at sensitive facilities due to security risks. Reuters reports that the British government ordered its departments to stop installing Chinese security cameras at sensitive buildings due to security risks. The Government has ordered departments to disconnect the camera from core networks and to consider removing […]
Pierluigi Paganini
November 15, 2022
A suspected China-linked APT group breached a digital certificate authority in Asia as part of a campaign aimed at government agencies since March 2022. State-sponsored actors compromised a digital certificate authority in a country in Asia as part of a cyber espionage campaign aimed at multiple government agencies in the region, Symantec warns. Symantec attributes […]
Pierluigi Paganini
November 15, 2022
Trend Micro reported that the Earth Longzhi group, a previously undocumented subgroup of APT41, targets Ukraine and Asian Countries. Early this year, Trend Micro investigated a security breach suffered by a company in Taiwan. Threat actors employed a custom Cobalt Strike loader in the attack. Further analysis, revealed that the same threat actor targeted multiple regions […]
