An elusive and sophisticated cyberespionage campaign orchestrated by the China-backed Winnti group has managed to fly under the radar since at least 2019.
Dubbed “Operation CuckooBees” by Israeli cybersecurity company Cybereason, the massive intellectual property theft operation enabled the threat actor to exfiltrate hundreds of gigabytes of information.
A Chinese advanced persistent threat tracked as Deep Panda has been observed exploiting the Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor and a novel rootkit on infected machines with the goal of stealing sensitive data.
An advanced persistent threat (APT) group operating with objectives aligned with the Chinese government has been linked to an organized supply chain attack on Taiwan’s financial sector.
Cybersecurity researchers have detailed the inner workings of ShadowPad, a sophisticated and modular backdoor that has been adopted by a growing number of Chinese threat groups in recent years, while also linking it to the country’s civilian and military intelligence agencies.
Hacking group APT 27 is suspected of targeting German pharmaceutical and technology companies. (Reuters citing authorities)
The Federal Office for constitutional protection claimed the group is attempting to steal trade secrets and intellectual property. It’s alleged that Chinese hackers may be going after customers and service provider networks too, to infiltrate a number of companies at once.
A never-before-seen China-based targeted intrusion adversary dubbed Aquatic Panda has been observed leveraging critical flaws in the Apache Log4j logging library as an access vector to perform various post-exploitation operations, including reconnaissance and credential harvesting on targeted systems.
(AP) — China-based government hackers have exploited a bug in Microsoft’s email server software to target U.S. organizations, the company said Tuesday.
Microsoft said that a “highly skilled and sophisticated” state-sponsored group operating from China has been trying to steal information from a number of American targets, including universities, defense contractors, law firms and infectious-disease researchers.
Microsoft said it has released security upgrades to fix the vulnerabilities to its Exchange Server software, which is used for work email and calendar services, mostly for larger organizations that have their own in-person email servers. It doesn’t affect personal email accounts or Microsoft’s cloud-based services.
NEW DELHI—A Chinese state-backed hacking group has in recent weeks targeted the IT systems of two Indian vaccine makers whose coronavirus shots are being used in the country’s immunization campaign, cyber intelligence firm Cyfirma told Reuters.
Rivals China and India have both sold or gifted COVID-19 shots to many countries. India produces more than 60 percent of all vaccines sold in the world.
A report says Britons are now more likely to see China as a critical threat than they did in 2020. A survey finds 84 percent of British people see cyber-attacks from other nations as the most alarming threat. Following closely is China’s influence on the world’s stage at 79 percent.
In Westminster, there’s a growing sense of discomfort over China’s human rights record and the security risks it poses.
Chinese hackers exploited a flaw in SolarWinds software to break into U.S. government computers, according to reports from Reuters.
“Two people briefed on the case said FBI investigators recently found that the National Finance Center, a federal payroll agency inside the U.S. Department of Agriculture, was among the affected organizations, raising fears that data on thousands of government employees may have been compromised,” the outlet added.
The Chinese-led hack is distinct from the recent Russian cyberattack on SolarWinds, which compromised several U.S. federal agencies.
Among the data potentially included in the hack were “federal employee social security numbers, phone numbers and personal email addresses as well as banking information.”
“Depending on what data were compromised, this could be an extremely serious breach of security,” said Tom Warrick, a former senior official at the U.S. Department of Homeland Security. “It could allow adversaries to know more about U.S. officials, improving their ability to collect intelligence.”