Cyber Espionage, APT31 launched a large campaign impacting many French entities
ANSSI cybersecurity experts: The cybercrime actor uses a network of compromised home routers as operational relay boxes.
Cyber Espionage, Chinese APTs use new malware to hit targets in US and Europe
FireEye cybersecurity experts: Threat actors as UNC2630 and UNC2717 are still compromising Pulse Secure VPN devices to infiltrate organizations.
Cyber Espionage, Chinese hackers exploit anti virus flaws to strike
Recorded Future cybersecurity experts: Unit 61419 bought small English AV batches from Western companies through intermediaries.
Cybercrime, Rocke Group uses a new malware to attack via saved SSH keys and weak passwords
Intezer cybersecurity experts: The China-linked APT’s code, after the victim has been infected, executes a Monero cryptominer.
Cyber Espionage, NAIKON exploited RainyDay to target military organizations in Asia
Bitdefender cybersecurity experts: China’s APT used the backdoor to compromise the victims’ network and to get to the information of interest.
Cybercrime, Prometei botnet exploits some Microsoft Exchange vulnerabilities
Cybereason cybersecurity experts: The malware can infect both Windows and Linux systems and has been upgraded with backdoor capabilities.
Cyber Espionage, Facebook blocked Earth Empusa attacks on Uyghurs
The Chinese hackers (aka Evil Eye) targeted activists, journalists and dissidents with various TTPs to infect their devices with malware.
Cybercrime, RedXOR is a new malware which targets Linux systems
Intezer cybersecurity experts: It’s a backdoor linked to the Chinese state-sponsored hacking collective Winnti. It has meny capabilities and can be updated.
Cyber Espionage, Microsoft released mitigation measures for Exchange server
However, the company warns: Are not a remediation, nor are they full protection against attack. The APTs threat is still active.
Cybersecurity, Update Microsoft Exchange Now!
Many state sponsored APTs are exploiting the 4 vulnerabilities, despite Microsoft patched them, to attack servers in USA, Europe, Asia and Middle East.