Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks

Posted by & filed under Alerts.

Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware — including a previously undocumented backdoor. Attributing the campaign to Winnti (or APT41), Positive Technologies dated the first attack to May 12, 2020, when the APT used LNK shortcuts to extract and…

U.S. charges Chinese Winnti hackers for attacking 100+ companies (APT41)

Posted by & filed under Security News.

The U.S. Department of Justice announced today charges against five Chinese nationals for cyberattacks on more than 100 companies, some of them being attributed to state-backed hacking group APT41. APT41 is one of the oldest threat groups, known primarily for cyber-espionage operations against a variety of entities, including software developers, gaming companies, hardware manufacturers, think…

Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies

Posted by & filed under Alerts.

The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new advisory on Monday about a wave of cyberattacks carried out by Chinese nation-state actors targeting US government agencies and private entities. “CISA has observed Chinese [Ministry of State Security]-affiliated cyber threat actors operating from the People’s Republic of China using commercially available information sources and open-source exploitation…

Chinese malware used in attacks against Australian orgs

Posted by & filed under Alerts.

The Australian government released an advisory late last week about increased cyber activity from a state actor against networks belonging to its agencies and companies in the country. Behind the attack is a “sophisticated” adversary that relies on slightly modified proof-of-concept exploit code for yesteryear vulnerabilities, the government says. An unofficial blame finger points to…

Chinese Rancor APT Refreshes Malware Kit for Espionage Attacks

Posted by & filed under Alerts.

A Chinese-linked hacking group deployed a new malware strain dubbed Dudell as part of attacks targeting Cambodian government organizations between December 2018 and January 2019. The threat group tracked as Rancor by Palo Alto Networks’ Unit 42 is known to have operated highly-targeted cyber-espionage campaigns against other targets from South East Asia, including but not limited…