apt

SonicWall SMA appliance infected by a custom malware allegedly developed by Chinese hackers

Alleged China-linked threat actors infected unpatched SonicWall Secure Mobile Access (SMA) appliances with a custom backdoor. Mandiant researchers reported that alleged China-linked threat actors, tracked as UNC4540, deployed custom malware on a SonicWall SMA appliance. The malware allows attackers to steal user credentials, achieve persistence through firmware upgrades, and provides shell access. The analysis of a […]

The post SonicWall SMA appliance infected by a custom malware allegedly developed by Chinese hackers appeared first on Security Affairs.

March 9, 2023
0 comment
Read More >>

China-linked APT Sharp Panda targets government entities in Southeast Asia

China-linked APT group Sharp Panda targets high-profile government entities in Southeast Asia with the Soul modular framework. CheckPoint researchers observed in late 2022, a campaign attributed to the China-linked APT group Sharp Panda that is targeting a high-profile government entity in the Southeast Asia. The state-sponsored hackers used a new version of the SoulSearcher loader, which eventually loads a new […]

The post China-linked APT Sharp Panda targets government entities in Southeast Asia appeared first on Security Affairs.

March 8, 2023
0 comment
Read More >>

MQsTTang, a new backdoor used by Mustang Panda APT against European entities

China-Linked Mustang Panda APT employed MQsTTang backdoor as part of an ongoing campaign targeting European entities. China-linked Mustang Panda APT group has been observed using a new backdoor, called MQsTTang, in attacks aimed at European entities. The hacking campaign began in January 2023, ESET researchers pointed out that the custom backdoor MQsTTang is not based on existing families […]

The post MQsTTang, a new backdoor used by Mustang Panda APT against European entities appeared first on Security Affairs.

March 3, 2023
0 comment
Read More >>

ENISA and CERT-EU warns Chinese APTs targeting EU organizations

A joint report published by ENISA and CERT-EU warns of Chinese APTs targeting businesses and government organizations in the European Union. The European Union Agency for Cybersecurity (ENISA) and CERT-EU warn of multiple China-linked threat actors targeting businesses and government organizations in the EU. The joint report focus on cyber activities conducted by multiple Chinese […]

The post ENISA and CERT-EU warns Chinese APTs targeting EU organizations appeared first on Security Affairs.

February 19, 2023
0 comment
Read More >>

Threat Actors Sheets: OpenAI Generated !

Inroduction ChatGPT or more generally speaking OpenAI is an incredible tool. It is a spectacular instrument helping people in many different fields, it helps people to summarize text, to produce poem, to build images and music, to answer to difficult questions and to automatize complex processes. So I decided to dedicate an entire blog-post to […]

February 16, 2023
0 comment
Read More >>

IoC detection experiments with ChatGPT

We decided to check what ChatGPT already knows about threat research and whether it can help with identifying simple adversary tools and classic indicators of compromise, such as well-known malicious hashes and domains.

February 15, 2023
0 comment
Read More >>

DPRK fund malicious cyber activities with ransomware attacks on critical Infrastructure

North Korea-linked APT groups conduct ransomware attacks against healthcare and critical infrastructure facilities to fund its activities. Ransomware attacks on critical infrastructure conducted by North Korea-linked hacker groups are used by the government of Pyongyang to fund its malicious cyber operations, U.S. and South Korean agencies warn. US CISA published a Cybersecurity Advisory (CSA) to […]

The post DPRK fund malicious cyber activities with ransomware attacks on critical Infrastructure appeared first on Security Affairs.

February 11, 2023
0 comment
Read More >>