Tag: backdoor
-
China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation
Threat hunters have shed more light on a previously disclosed malware campaign undertaken by the China-aligned MirrorFace threat actor that targeted a diplomatic organization in the European Union with a backdoor known as ANEL.The attack, detected by ESET in late August 2024, singled out a Central European diplomatic institute with lures related to Word Expo,…
-
Chinese Hackers Target European Diplomats with Malware
by
in SecurityNewsMirrorFace Expands Operations, Revives Anel Backdoor for Espionage. A threat actor associated with Chinese cyberespionage campaigns against Japan stepped outside its East Asian comfort zone to target a European organization with a refreshed set of hacking tools. A hacking group tracked as MirrorFace and Earth Kasha deployed a backdoor once exclusively used by APT10. First…
-
Not all cuts are equal: Security budget choices disproportionately impact risk
by
in SecurityNews
Tags: ai, application-security, attack, awareness, backdoor, breach, bug-bounty, business, ceo, ciso, cloud, compliance, container, control, cyber, cybersecurity, data, iam, identity, incident response, infrastructure, monitoring, phishing, risk, risk-management, service, software, strategy, technology, threat, tool, training, update, usa, vulnerability[Source: Splunk] As cyber threats evolve at an unprecedented pace, delaying essential technology upgrades can severely impact an organization. The newest technological updates are introduced to enhance an organization’s security offerings and directly address recently identified challenges.”Outdated systems lack new features and functionality that allow for more sophisticated offerings, like moving to the cloud,” Kirsty…
-
Transparency in UK-Apple backdoor hearing urged by US lawmakers, privacy advocates
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/transparency-in-uk-apple-backdoor-hearing-urged-by-us-lawmakers-privacy-advocates
-
New C++-Based IIS Malware Mimics cmd.exe to Evade Detection
A recent discovery by Palo Alto Networks’ Unit 42 has shed light on sophisticated malware targeting Internet Information Services (IIS) servers. This malware, developed in C++/CLI, a rare choice for malware authors, has been designed to mimic the behavior of cmd.exe to evade detection. The malware operates as a passive backdoor, integrating itself into the…
-
US Legislators Demand Transparency in Apple’s UK Backdoor Court Fight
by
in SecurityNewsA bipartisan delegation of US Congresspeople and Senators has asked the hearing between the UK government and Apple to be made public First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-legislators-transparency-apple/
-
UK Cybersecurity Weekly News Roundup 16 March 2025
by
in SecurityNews
Tags: access, apple, attack, backdoor, backup, compliance, control, cyber, cyberattack, cybercrime, cybersecurity, data, encryption, finance, firewall, government, group, hacking, insurance, law, lockbit, malicious, network, office, privacy, ransomware, regulation, risk, russia, service, software, virusWelcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. UK Government’s Stance on Encryption Raises Global Concerns The UK government has ordered Apple to provide backdoor access to iCloud users’ encrypted backups under the Investigatory Powers Act of 2016. This secret order…
-
AI development pipeline attacks expand CISOs’ software supply chain risk
by
in SecurityNews
Tags: access, ai, api, application-security, attack, backdoor, breach, business, ciso, cloud, container, control, cyber, cybersecurity, data, data-breach, detection, encryption, exploit, flaw, fortinet, government, infrastructure, injection, intelligence, LLM, malicious, malware, ml, network, open-source, password, penetration-testing, programming, pypi, risk, risk-assessment, russia, saas, sbom, service, software, supply-chain, threat, tool, training, vpn, vulnerabilitydevelopment pipelines are exacerbating software supply chain security problems.Incidents of exposed development secrets via publicly accessible, open-source packages rose 12% last year compared to 2023, according to ReversingLabs (RL).A scan of 30 of the most popular open-source packages found an average of six critical-severity and 33 high-severity flaws per package.Commercial software packages are also a…
-
Report on ransomware attacks on Fortinet firewalls also reveals possible defenses
by
in SecurityNews
Tags: access, attack, authentication, automation, backdoor, backup, ciso, control, credentials, cve, cybercrime, data, data-breach, defense, exploit, firewall, fortinet, group, infrastructure, Internet, lockbit, malicious, monitoring, network, password, radius, ransom, ransomware, risk, router, tactics, threat, tool, update, vpn, vulnerability, windowsSigns of intrusion: “This actor exhibits a distinct operational signature that blends elements of opportunistic attacks with ties to the LockBit ecosystem,” Forescout said in its analysis.”Mora_001’s relationship to the broader Lockbit’s ransomware operations underscores the increased complexity of the modern ransomware landscape where specialized teams collaborate to leverage complementary capabilities.”CISOs should note these consistent…
-
Apple Fights UK Over Encryption Backdoors as US Officials Warn of Privacy Violations
by
in SecurityNewsThe British side reportedly said they would have to produce warrants for each individual data access request, so they will always have to be made as part of an investigation into serious crime. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-icloud-encryption-uk-us-privacy/
-
Chinese espionage group UNC3886 targets Juniper routers
by
in SecurityNewsAdvanced persistent threat group UNC3886 deployed custom backdoors on end-of-life Juniper Networks routers, underscoring the need for timely patching and advanced security monitoring First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620812/Chinese-espionage-group-UNC3886-targets-Juniper-routers
-
US lawmakers urge UK spy court to hold Apple ‘backdoor’ secret hearing in public
by
in SecurityNewsU.S. bipartisan lawmakers say the U.K. order gagging Apple from disclosing the demand is unconstitutional. First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/14/us-lawmakers-urge-uk-spy-court-to-hold-apple-backdoor-secret-hearing-in-public/
-
In Other News: Swiss Breach Disclosure Rules, ESP32 Chip Backdoor Disputed, MassJacker
by
in SecurityNewsNoteworthy stories that might have slipped under the radar: Switzerland requires disclosure of critical infrastructure attacks, ESP32 chips don’t contain a backdoor, MassJacker cryptojacking malware. The post In Other News: Swiss Breach Disclosure Rules, ESP32 Chip Backdoor Disputed, MassJacker appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/in-other-news-swiss-breach-disclosure-rules-esp32-chip-backdoor-disputed-massjacker/
-
UK’s secret iCloud backdoor order triggers civil rights challenge
by
in SecurityNewsThe U.K. government’s secret order to Apple demanding it backdoor the end-to-end encrypted version of its iCloud storage service has now been challenged by two civil rights groups, Liberty and Privacy International, which filed complaints Thursday. They called the order >>unacceptable and disproportionate>global consequences
-
The most notorious and damaging ransomware of all time
by
in SecurityNews
Tags: access, android, attack, backdoor, backup, banking, botnet, breach, communications, computer, control, credentials, cryptography, cyber, cybercrime, dark-web, data, defense, detection, email, encryption, endpoint, exploit, extortion, finance, flaw, framework, germany, google, government, group, hacker, hacking, healthcare, infection, infrastructure, international, jobs, korea, law, lazarus, leak, linux, malicious, malware, microsoft, mobile, msp, network, north-korea, office, open-source, oracle, password, phishing, phone, powershell, ransom, ransomware, russia, service, software, spam, switch, technology, threat, tool, ukraine, update, usa, virus, vulnerability, windowsConti: History: First appearing in May 2020, the Conti RaaS platform is considered the successor to the Ryuk ransomware. As of January 2021, Conti is believed to have infected over 150 organizations and earned millions of dollars for its criminal developers and their affiliates. At least three new versions have been found since its inception.How it works: Conti uses the…
-
Bluetooth- und WLAN-Chip ESP32 – Backdoor in Bluetooth-Chip betrifft eine Milliarde Geräte
by
in SecurityNews
Tags: backdoorFirst seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecke-esp32-chip-iot-geraete-a-67b4d0ab0bf289e4a247775d313dc7ef/
-
Juniper patches bug that let Chinese cyberspies backdoor routers
by
in SecurityNewsJuniper Networks has released emergency security updates to patch a Junos OS vulnerability exploited by Chinese hackers to backdoor routers for stealthy access. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/juniper-patches-bug-that-let-chinese-cyberspies-backdoor-routers-since-mid-2024/
-
Apple’s appeal against UK’s secret iCloud backdoor order must be held in public, rights groups urge
by
in SecurityNewsPrivacy rights groups have called on Apple’s legal challenge to a secret U.K. government order asking it to backdoor an end-to-end encrypted (E2EE) version of its iCloud storage service to be heard in public, rather than behind closed doors. The existence of the order emerged via press reports last month. Apple went on to confirm…
-
New DCRat Campaign Uses YouTube Videos to Target Users
by
in SecurityNewsA new campaign involving the DCRat backdoor has recently been uncovered, leveraging YouTube as a primary distribution channel. Since the beginning of the year, attackers have been using the popular video-sharing platform to target users by creating fake or stolen accounts. These malicious actors upload videos that appear to offer cheats, cracks, game bots, and…
-
China-Backed Hackers Backdoor US Carrier-Grade Juniper MX Routers
Mandiant researchers found the routers of several unnamed organizations (likely telcos and ISPs) were hacked by UNC3886, and contained a custom backdoor called TinyShell. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-hackers-backdoor-carrier-grade-juniper-mx-routers
-
Chinese Hacked Exploit Juniper Networks Routers to Implant Backdoor
by
in SecurityNewsCybersecurity researchers have uncovered a sophisticated cyber espionage campaign targeting critical network infrastructure, marking a significant evolution in tactics by Chinese state-sponsored hackers. Mandiant, a leading cybersecurity firm, has discovered multiple custom backdoors deployed on Juniper Networks’ routers, attributing the activity to a Chinese espionage group known as UNC3886. The backdoors provided attackers with persistent…
-
China-linked APT UNC3886 targets EoL Juniper routers
by
in SecurityNewsMandiant researchers warn that China-linked actors are deploying custom backdoors on Juniper NetworksJunos OS MX routers. In mid-2024, Mandiant identified custom backdoors on Juniper Networks’ Junos OS routers, and attributed the attacks to a China-linked espionage group tracked as UNC3886. These TINYSHELL-based backdoors had various capabilities, including active and passive access and a script to…
-
China continues cyberattacks on routers, this time targeting Juniper Networks devices
by
in SecurityNewsResearchers said the state-backed group dubbed UNC3886 was behind a campaign to deploy custom backdoors on the company’s Junos OS routers. First seen on therecord.media Jump to article: therecord.media/china-continues-attacks-routers-juniper
-
Juniper MX routers targeted by China-nexus threat group using custom backdoors
The devices have reached end-of-life status and need to be upgraded, as the company has issued in a security advisory. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/juniper-routers-china–hacker-backdoor/742315/
-
Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers
by
in SecurityNewsUNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected. First seen on hackread.com Jump to article: hackread.com/chinese-group-unc3886-backdoor-juniper-routers/
-
Mandiant Uncovers Custom Backdoors on EndLife Juniper Routers
by
in SecurityNewsChina-nexus cyberespionage group caught planting custom backdoors on end-of-life Juniper Networks Junos OS routers. The post Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/mandiant-uncovers-custom-backdoors-on-end-of-life-juniper-routers/
-
Lazarus Group Hid Backdoor in Fake npm Packages in Latest Attack
by
in SecurityNewsLazarus Group targets developers with malicious npm packages, stealing credentials, crypto, and installing backdoor. Stay alert to protect your projects. First seen on hackread.com Jump to article: hackread.com/lazarus-group-backdoor-fake-npm-packages-attack/
-
Chinese Cyberespionage Group Tied to Juniper MX Router Hacks
by
in SecurityNewsJuniper Networks Urges Immediate Updating and Malware Scans to Block Attackers. Hackers have been infecting outdated Juniper MX routers with backdoor malware as part of an apparent cyberespionage campaign that traces to a Chinese-affiliated hacking team tracked as UNC 3886, warned Google’s Mandiant incident response group. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-cyberespionage-group-tied-to-juniper-mx-router-hacks-a-27696