-
US govt officials’ communications compromised in recent telecom hack
CISA and the FBI confirmed that Chinese hackers compromised the "private communications" of a "limited number" of government officials after breaching multiple U.S. broadband providers.
- November 13, 2024
- 05:34 PM
2
-
Hackers increasingly use Winos4.0 post-exploitation kit in attacks
Hackers are increasingly targeting Windows users with the malicious Winos4.0 framework, distributed via seemingly benign game-related apps.
- November 06, 2024
- 04:25 PM
7
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Sophos reveals 5-year battle with Chinese hackers attacking network devices
Sophos disclosed today a series of reports dubbed "Pacific Rim" that detail how the cybersecurity company has been sparring with Chinese threat actors for over 5 years as they increasingly targeted networking devices worldwide, including those from Sophos.
- October 31, 2024
- 06:16 PM
- 2
-
US says Chinese hackers breached multiple telecom providers
The FBI and the U.S. Cybersecurity & Infrastructure Security Agency (CISA) have disclosed that Chinese hackers breached commercial telecommunication service providers in the United States.
- October 28, 2024
- 12:05 PM
- 3
-
CISA proposes new security requirements to protect govt, personal data
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is proposing security requirements to prevent adversary states from accessing American's personal data as well as government-related information.
- October 22, 2024
- 06:11 PM
- 5
-
AT&T, Verizon reportedly hacked to target US govt wiretapping platform
Multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, have been breached by a Chinese hacking group tracked as Salt Typhoon, the Wall Street Journal reports.
- October 07, 2024
- 10:51 AM
- 4
-
US proposes ban on connected vehicle tech from China, Russia
Today, the Biden administration announced new proposed measures to defend the United States' national security from potential threats linked to connected vehicle technologies originating from China and Russia.
- September 23, 2024
- 07:05 PM
- 2
-
Chinese botnet infects 260,000 SOHO routers, IP cameras with malware
The FBI and cybersecurity researchers have disrupted a massive Chinese botnet called "Raptor Train" that infected over 260,000 networking devices to target critical infrastructure in the US and in other countries.
- September 18, 2024
- 12:00 PM
- 0
-
Chinese hackers linked to cybercrime syndicate arrested in Singapore
Six Chinese nationals and a Singaporean have been arrested on Monday in Singapore for their alleged role in malicious cyber activities committed in connection with a "global syndicate."
- September 11, 2024
- 09:43 AM
- 1
-
Chinese hackers use new data theft malware in govt attacks
New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks.
- September 09, 2024
- 03:19 PM
- 0
-
Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs
The Chinese state-backed hacking group Volt Typhoon is behind attacks that exploited a zero-day flaw in Versa Director to upload a custom webshell to steal credentials and breach corporate networks.
- August 27, 2024
- 10:00 AM
- 2
-
Chinese hacking groups target Russian government, IT firms
A series of targeted cyberattacks that started at the end of July 2024, targeting dozens of systems used in Russian government organizations and IT companies, are linked to Chinese hackers of the APT31 and APT 27 groups.
- August 11, 2024
- 12:16 PM
- 3
-
Hackers breach ISP to poison software updates with malware
A Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware.
- August 03, 2024
- 10:12 AM
- 2
-
UK govt links 2021 Electoral Commission breach to Exchange server
The United Kingdom's Information Commissioner's Office (ICO) revealed today that the Electoral Commission was breached in August 2021 because it failed to patch its on-premise Microsoft Exchange Server against ProxyShell vulnerabilities.
- July 30, 2024
- 08:00 AM
- 0
-
Chinese hackers deploy new Macma macOS backdoor version
The Chinese hacking group tracked as 'Evasive Panda' was spotted using new versions of the Macma backdoor and the Nightdoor Windows malware.
- July 23, 2024
- 07:33 PM
- 0
-
Chinese APT40 hackers hijack SOHO routers to launch attacks
An advisory by CISA and multiple international cybersecurity agencies highlights the tactics, techniques, and procedures (TTPs) of APT40 (aka "Kryptonite Panda"), a state-sponsored Chinese cyber-espionage actor.
- July 09, 2024
- 11:11 AM
- 1
-
Cisco warns of NX-OS zero-day exploited to deploy custom malware
Cisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches.
- July 01, 2024
- 01:46 PM
- 0
-
UNC3886 hackers use Linux rootkits to hide on VMware ESXi VMs
A suspected Chinese threat actor tracked as UNC3886 uses publicly available open-source rootkits named 'Reptile' and 'Medusa' to remain hidden on VMware ESXi virtual machines, allowing them to conduct credential theft, command execution, and lateral movement.
- June 20, 2024
- 01:46 PM
- 0
-
Hackers use F5 BIG-IP malware to stealthily steal data for years
A group of suspected Chinese cyberespionage actors named 'Velvet Ant' are deploying custom malware on F5 BIG-IP appliances to gain a persistent connection to the internal network and steal data.
- June 17, 2024
- 01:37 PM
- 2
-
Chinese hackers breached 20,000 FortiGate systems worldwide
The Dutch Military Intelligence and Security Service (MIVD) warned today that the impact of a Chinese cyber-espionage campaign unveiled earlier this year is "much larger than previously known."
- June 11, 2024
- 12:22 PM
- 3
