China-Linked Hackers Target Drone Makers

September 10, 2024 at 08:15AM A threat actor linked to China, known as Tidrone, has targeted military-related and satellite industries in Taiwan and focused on drone manufacturers. Using sophisticated malware, backdoors, and legitimate remote control tools, the group aims to disable system protections, steal information, and engage in espionage-related activities. These activities bear similarities to …

Teetering on the Edge: VPNs, Firewalls’ Nonexistent Telemetry Lures APTs

April 23, 2024 at 08:09AM Mandiant Consulting’s incident response team linked a China-linked espionage group’s attack to a compromised edge device in a client’s network. The difficulty in detecting and investigating compromises of edge appliances has led to an increase in nation-state attackers targeting firewalls, email gateways, VPNs, and other devices. Attackers have also doubled …

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

February 29, 2024 at 01:27AM China-linked cyber espionage clusters UNC5325 and UNC3886 have exploited security flaws in Ivanti Connect Secure VPN appliances. They delivered new malware, maintained persistent access, and leveraged zero-day flaws to deploy implants targeting defense, technology, and telecommunication organizations in the U.S. and Asia-Pacific. Volt Typhoon and UTA0178 were also attributed to …