HackDig : Dig high-quality web security articles

Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed

China-linked threat actors exploited the zero-day flaw CVE-2022-1040 in Sophos Firewall weeks before it was fixed by the security vendor. Volexity researchers discovered that the zero-day vulnerability, tracked as CVE-2022-1040, in Sophos Firewall was exploited by Chinese threat actors to compromise a company and cloud-hosted web servers it was operating.
Publish At:2022-06-17 19:16 | Read:336 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware China CVE-202

SeaFlower campaign distributes backdoored versions of Web3 wallets to steal seed phrases

Chinese cybercriminals are using SeaFlower backdoored versions of iOS and Android Web3 wallets to steal users’ seed phrase. Researchers from Confiant have uncovered a sophisticated malware campaign, tracked as SeaFlower, targeting Web3 wallet users. Chinese crooks are spreading backdoored versions of iOS and Android Web3 wallets to steal users’ seed phras
Publish At:2022-06-14 03:12 | Read:202 | Comments:0 | Tags:Breaking News Cyber Crime Digital ID Hacking Malware China C

China-linked threat actors have breached telcos and network service providers

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers. The nation-state actors exploit pub
Publish At:2022-06-08 06:33 | Read:404 | Comments:0 | Tags:APT Breaking News Reports Security China China-linked threat

LuoYu APT delivers WinDealer malware via man-on-the-side attacks

Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor An “extremely sophisticated” China-linked APT tracked as LuoYu was delivering malware called WinDealer via man-on-the-side attacks. Researchers from Kaspersky have uncovered an “extremely sophisticated” China-linked APT group, tracked as LuoYu, 
Publish At:2022-06-03 20:25 | Read:308 | Comments:0 | Tags:APT Breaking News Hacking Malware China hacking news IT Info

Massive increase in XorDDoS Linux malware in last six months

Microsoft says it’s recorded a massive increase in XorDDoS activity (254 percent) in the last six months. XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie (MMD). MMD believed the Linux Trojan originated in China. Based on a case study in 2015, Akamai strengthen
Publish At:2022-05-25 12:59 | Read:314 | Comments:0 | Tags:Reports akamai china CrowdStrike Linux malware Linux Trojan

China-linked Space Pirates APT targets the Russian aerospace industry

A new China-linked cyberespionage group known as ‘Space Pirates’ is targeting enterprises in the Russian aerospace industry. A previously unknown Chinese cyberespionage group, tracked as ‘Space Pirates’, targets enterprises in the Russian aerospace industry with spear-phishing attacks. The group has been active since at least 20
Publish At:2022-05-19 10:31 | Read:380 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware China hacking

Experts uncovered a new wave of attacks conducted by Mustang Panda

China-linked Mustang Panda APT group targets entities in Asia, the European Union, Russia, and the US in a new wave of attacks. In February 2022, Cisco Talos researchers started observing China-linked cyberespionage group Mustang Panda conducting phishing attacks against European entities, including Russian organizations. The attacks were also r
Publish At:2022-05-09 06:26 | Read:727 | Comments:0 | Tags:APT Breaking News Hacking Intelligence China Cybersecurity c

China-linked Winnti APT steals intellectual property from companies worldwide

A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. Researchers from Cybereason uncovered a sophisticated cyberespionage campaign, dubbed Operation CuckooBees, aimed at stealing intellectual property from the victims. The campaign flew under the radar
Publish At:2022-05-04 18:14 | Read:747 | Comments:0 | Tags:APT Hacking Intelligence Malware Security China Cybersecurit

China-linked APT Curious Gorge targeted Russian govt agencies

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge, is targeting Russian government agencies. The Google TAG team
Publish At:2022-05-03 20:15 | Read:987 | Comments:0 | Tags:APT Breaking News Intelligence China Curious Gorge Hacking h

State-backed hacking group from China is targeting the Russian military

In an unexpected turn of events, research has surfaced about a Chinese APT (advanced persistent threat) group targeting the Russian military in recent cyberattacks. Tracked as Bronze President, Mustang Panda, RedDelta, and TA416, the group has focused mainly on Southeast Asian targets—and more recently, European diplomats—and turned their attention toward
Publish At:2022-05-03 12:48 | Read:850 | Comments:0 | Tags:Social engineering Blagoveshchensk Bronze President china De

China-linked Moshen Dragon abuses security software to sideload malware

A China-linked APT group, tracked as Moshen Dragon, is exploiting antivirus products to target the telecom sector in Asia. A China-linked APT group, tracked as Moshen Dragon, has been observed targeting the telecommunication sector in Central Asia with ShadowPad and PlugX malware, SentinelOne warns. Both PlugX and ShadowPad malware are very common amon
Publish At:2022-05-03 07:00 | Read:592 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Intelligence China h

Experts warn of a surge in zero-day flaws observed and exploited in 2021

The number of zero-day vulnerabilities exploited in cyberattacks in the wild exploded in the last years, security firm report. Google and Mandiant have published two reports that highlight a surge in the discovery of zero-day flaws exploited by threat actors in attacks in the wild. Google’s Project Zero researchers reported that 58 zero-day were discov
Publish At:2022-04-25 06:25 | Read:1191 | Comments:0 | Tags:APT Breaking News Hacking Security China Cybercrime hacking

China-linked Hafnium APT leverages Tarrask malware to gain persistence

h2>China-linked Hafnium APT group started using a new piece of new malware to gain persistence on compromised Windows systems. The China-backed Hafnium cyberespionage group is likely behind a piece of a new malware, dubbed Tarrask, that’s used to maintain persistence on compromised Windows systems, reported Microsoft Threat Intelligence Center (MSTI
Publish At:2022-04-13 10:56 | Read:1202 | Comments:0 | Tags:APT Breaking News Hacking Malware China Cybersecurity cybers

China-linked threat actors target Indian Power Grid organizations

h2>China-linked threat actors continue to target Indian power grid organizations, most of the attacks involved the ShadowPad backdoor. Recorded Future’s Insikt Group researchers uncovered a campaign conducted by a China-linked threat actor targeting Indian power grid organizations. The security firm is tracking this cluster of malicious activities
Publish At:2022-04-09 10:22 | Read:947 | Comments:0 | Tags:APT Breaking News Hacking Intelligence China Cyberespionage

China-linked GIMMICK implant now targets macOS

Gimmick is a newly discovered macOS implant developed by the China-linked APT Storm Cloud and used to target organizations across Asia. In late 2021, Volexity researchers investigated an intrusion in an environment they were monitoring and discovered a MacBook Pro running macOS 11.6 (Big Sur) that was compromised with a previously unknown macOS malware tr
Publish At:2022-03-23 10:21 | Read:1236 | Comments:0 | Tags:APT Breaking News Hacking Malware China Gimmick malware Hack


Share high-quality web security related articles with you:)
Tell me why you support me <3