January 30, 2024 at 01:24PM The US Justice Department and FBI reportedly thwarted Chinese state-sponsored hackers targeting American critical infrastructure by obtaining a court order to remotely disable aspects of the Chinese hacking campaign. The hackers used vulnerable Internet-facing devices to access networks and steal sensitive data, prompting concerns about potential disruption of US critical … Read more
January 19, 2024 at 11:38AM Summary: A Chinese hacking group exploited a vCenter Server vulnerability (CVE-2023-34048) as a zero-day since late 2021, using it to breach targets’ servers, escalate privileges, and exfiltrate files. The group, UNC3886, also targeted Fortinet firewall devices with a zero-day. Its preferred targets include defense, government, telecom, and tech sectors in … Read more
January 10, 2024 at 08:03PM Volexity warned of Chinese hackers exploiting zero-day vulnerabilities (CVE-2023-46805 and CVE-2024-21887) in Ivanti Connect Secure VPN. It affected fully patched appliances, with pre-patch mitigations provided. The attackers used these exploits to execute commands, steal data, and gain access to network systems. Volexity discovered and described the attacker’s methods. From the … Read more
November 29, 2023 at 12:09PM JAXA was hacked, risking sensitive space-tech data. The breach involved the agency’s Active Directory server, and the extent of damage is under investigation. JAXA was previously targeted by Chinese hackers, Tick. Concerns arise as Japan-US agencies warn of ongoing Chinese cyberattacks on networks. (50 words) Meeting Takeaways: 1. The Japan … Read more