Tag: china
-
News brief: China-linked APTs and Russian access broker
in SecurityNews
Check out the latest security news from the Informa TechTarget team. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366621697/News-brief-China-linked-APTs-and-Russian-access-broker
-
Rootkit, Backdoor and Tunneler: Ivanti Malware Does It All
in SecurityNews
CISA Publishes Anatomy of Advanced Ivanti VPN Malware. Hackers using Trojans connected to a malware family deployed by Chinese nation-state hackers are actively exploiting a now-patched vulnerability in Ivanti Connect Secure appliances. The malware contains capabilities of a rootkit, dropper, backdoor, bootkit, proxy and tunneler. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/rootkit-backdoor-tunneler-ivanti-malware-does-all-a-27881
-
Intel and Microsoft staff allegedly lured to work for fake Chinese company in Taiwan
in SecurityNews
11 companies, including SMIC, accused of disguising outposts so they can illicitly serve Beijing First seen on theregister.com Jump to article: www.theregister.com/2025/03/31/china_disguised_tech_companies_taiwan/
-
Chinese Lotus Blossom Hackers leverages Windows Management Instrumentation for Network Movement
The Chinese Advanced Persistent Threat (APT) group known as Lotus Blossom, also referred to as Billbug, Thrip, or Spring Dragon, has intensified its cyber-espionage operations by employing advanced techniques, including the use of Windows Management Instrumentation (WMI) for lateral movement within targeted networks. This group, active for over a decade, has recently deployed new variants…
-
Ransomware at a real estate company in the Republic of China / Taiwan
in SecurityNews
A cyber security incident occurred in our company First seen on emops.twse.com.tw Jump to article: emops.twse.com.tw/server-java/t05sr01_1_e
-
Cyberattack on a sports equipment manufacturer in the Republic of China / Taiwan
in SecurityNews
Explanation of Our Company’s Cybersecurity First seen on emops.twse.com.tw Jump to article: emops.twse.com.tw/server-java/t05sr01_1_e
-
New ‘Lucid’ Phishing Platform Abuses iMessage, Android RCS to Slip Past Defenses
in SecurityNews
A sophisticated cybercrime service known as ‘Lucid’…
-
USA and China – Traveling as safely as possible despite industrial espionage and intelligence services
in SecurityNews
First seen on security-insider.de Jump to article: www.security-insider.de/sicher-reisen-trotz-wirtschaftsspionage-und-geheimdienst-a-6430ae3aa09b745936b1ec13b7612153/
-
Salt Typhoon may have upgraded backdoors for efficiency and evasion
in SecurityNews
CrowDoor and attributed to the Earth Estries APT group in November 2024.” GhostSparrow, aka Salt Typhoon (Microsoft), Earth Estries (Trend Micro), Ghost Emperor (Kaspersky Labs), and UNC2286 (Mandiant), has escalated cyber espionage, breaching US telecom networks and accessing data on over a million individuals. One of the key features ESET reported on the two previously unseen…
-
Trump’s ‘preparedness’ executive order would shift cyber defense burden where it doesn’t belong, experts say
in SecurityNews
The order says state and local governments should “own” addressing risks like cyberattacks. It’s a mismatch when a small town goes up against China, experts countered. First seen on cyberscoop.com Jump to article: cyberscoop.com/trump-executive-order-cybersecurity-state-local-impact/
-
China’s FamousSparrow flies back into action, breaches US org after years off the radar
in SecurityNews
Crew also cooked up two fresh SparrowDoor backdoor variants, says ESET First seen on theregister.com Jump to article: www.theregister.com/2025/03/27/china_famoussparrow_back/
-
ISMG Editors: Ransomware’s Stealth vs. Spectacle Tactics
in SecurityNews
Tags: attack, china, cyber, cybersecurity, espionage, infrastructure, ransomware, strategy, tactics, update
Also: Rapid7’s Boardroom Shake-Up, China’s Shift Tactical Cyber Shift. In this week’s update, ISMG editors unpacked stealth vs. spectacle in ransomware attacks, Rapid7’s boardroom shake-up led by activist investors, and China’s shift from cyber espionage to infrastructure sabotage – driving key shifts in global cybersecurity strategy and resilience. First seen on govinfosecurity.com Jump to article:…
-
Chinese cybersecurity group linked to global hacking campaign
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/chinese-cybersecurity-group-linked-to-global-hacking-campaign
-
Chinese hackers spend years roaming telecommunications service
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/news/chinese-hackers-spend-years-roaming-telecommunications-service
-
FCC Investigating Operations Of Sanctioned Chinese Telcos In US
in SecurityNews
Tags: china
First seen on scworld.com Jump to article: www.scworld.com/brief/fcc-investigating-operations-of-sanctioned-chinese-telcos-in-us
-
Chinese FamousSparrow hackers deploy upgraded malware in attacks
in SecurityNews
A China-linked cyberespionage group known as ‘FamousSparrow’ was observed using a new modular version of its signature backdoor ‘SparrowDoor’ against a US-based trade organization. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-famoussparrow-hackers-deploy-upgraded-malware-in-attacks/
-
Threat Actors Compromise 150,000 Websites to Promote Chinese Gambling Platforms
in SecurityNews
A large-scale cyberattack has compromised approximately 150,000 legitimate websites by injecting malicious JavaScript to redirect visitors to Chinese-language gambling platforms. The campaign, first detected in February 2025 with 35,000 infected sites, has since expanded significantly, leveraging obfuscated scripts and iframe injections to hijack browsers. Attackers use domains like zuizhongyj[.]com to host payloads, which display full-screen…
-
New FamousSparrow Malware Targets Hotels and Engineering Firms with Custom Backdoor
ESET researchers have uncovered new activity from the China-aligned APT group FamousSparrow, revealing two previously undocumented versions of their custom SparrowDoor backdoor. The group, thought to be inactive since 2022, compromised a US-based trade organization in the financial sector and a Mexican research institute in July 2024. The first variant closely resembles the CrowDoor malware…
-
Cyber Threats Jeopardize US Military Mobility, Report Warns
in SecurityNews
Chinese Cyber Pre-Positioning Endangers US Military Logistics and Readiness. The U.S. military’s ability to deploy, supply and sustain its forces in a major conflict is under threat – not from enemy fire, but from cyberattacks targeting the digital systems that keep troops and equipment moving, according to a new report. First seen on govinfosecurity.com Jump…
-
Chinese Spy Group FamousSparrow Back with a Vengeance, Targets US
Once considered inactive, the Chinese cyber espionage group FamousSparrow has reemerged, targeting organizations across the US, Mexico and Honduras First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chin-famoussparrow-targets-us/
-
Lucid PhAAS Platform Uses RCS and iMessage to Evade Detection
in SecurityNews
The cybersecurity landscape has been disrupted by the emergence of Lucid, a sophisticated Phishing-as-a-Service (PhAAS) platform developed by Chinese-speaking threat actors. This advanced toolkit enables cybercriminals to conduct large-scale phishing campaigns, targeting 169 entities across 88 countries globally. Lucid’s innovation lies in its exploitation of Rich Communication Services (RCS) and Apple’s iMessage protocol to circumvent…
-
150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms
in SecurityNews
An ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chinese-language gambling platforms has ballooned to compromise approximately 150,000 sites to date. “The threat actor has slightly revamped their interface but is still relying on an iframe injection to display a full-screen overlay in the visitor’s browser,” c/side security analyst Himanshu First seen…
-
Commerce limits 19 Chinese, Taiwanese companies from buying U.S. tech
in SecurityNews
The sanctions place the companies under a strict licensing regime meant to limit their access to foundational technology for quantum computing, cloud and AI. First seen on cyberscoop.com Jump to article: cyberscoop.com/commerce-sanctions-chinese-firms-quantum-computing-ai-cloud/
-
‘Lucid’ Phishing-as-a-Service Exploits Faults in iMessage, Android RCS
in SecurityNews
Cybercriminals in China have figured out how to undermine the strengths of mobile messaging protocols. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/lucid-phishing-exploits-imessage-android-rcs
-
Chinese ‘FamousSparrow’ hackers back from the dead and targeting North America, researchers say
in SecurityNews
Thought to be dormant since 2022, the group is now believed to have been targeting organizations in the U.S., Mexico and Honduras. First seen on therecord.media Jump to article: therecord.media/china-famous-sparrow-back-eset
-
China-linked FamousSparrow APT group resurfaces with enhanced capabilities
ESET investigated suspicious activity on the network of a trade group in the United States that operates in the financial sector. While helping the affected entity remediate … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/26/famoussparrow-cyberespionage-attacks-united-states/
-
New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations
The Chinese threat actor known as FamousSparrow has been linked to a cyber attack targeting a trade group in the United States and a research institute in Mexico to deliver its flagship backdoor SparrowDoor and ShadowPad. The activity, observed in July 2024, marks the first time the hacking crew has deployed ShadowPad, a malware widely shared…
-
Understanding RDAP: The Future of Domain Registration Data Access
in SecurityNews
Tags: access, api, attack, authentication, china, compliance, control, cyber, cybercrime, cybersecurity, data, detection, exploit, framework, fraud, GDPR, incident response, infrastructure, intelligence, Internet, law, malicious, malware, phishing, privacy, regulation, service, threat, tool, vulnerability