August 5, 2024 at 03:03PM Researchers have uncovered a China-linked APT group’s attack on an ISP, employing DNS poisoning to compromise software update mechanisms. This enabled the delivery of Macma backdoor variants and post-exploitation malware, exfiltrating sensitive data from affected networks. The APT group, known as Evasive Panda, used DNS manipulation to conduct the attacks, … Read more
August 3, 2024 at 03:41PM The Chinese hacking group StormBamboo, also known as Evasive Panda, Daggerfly, and StormCloud, has compromised an internet service provider to inject malware into automatic software updates, targeting organizations across various countries. They exploited insecure HTTP software update mechanisms, deploying malware onto victims’ devices without user interaction. They also targeted software … Read more
July 23, 2024 at 09:31AM Taipei and U.S. NGOs targeted by state-affiliated Chinese hacking group Daggerfly, using upgraded malware tools. Symantec reports the group engages in internal espionage, exploits Apache HTTP server vulnerability, and quickly adapts to continue espionage activities. New malware linked to Daggerfly includes MACMA and Nightdoor, targeting major operating systems. CVERC accuses … Read more