July 24, 2024 at 12:06PM The GhostEmperor threat group, initially identified by Kaspersky in 2021, saw a potential resurgence in a 2023 compromise investigated by Sygnia. They associated the new compromise with similarities in infection chains and the use of the Demodex rootkit. However, uncertainty remains whether this represents the return of GhostEmperor or a … Read more
July 19, 2024 at 11:36AM The sophisticated Chinese hacking group GhostEmperor has reappeared after a two-year hiatus with updated and advanced tactics, as revealed by cybersecurity firm Sygnia. The group targeted telecommunications and government entities in Southeast Asia, using customized malware and evasion methods. The recent intrusion involved an evolved attack chain and indicated the … Read more
July 19, 2024 at 04:33AM Summary: Global shipping, logistics, media, technology, and automotive organizations in various countries are targeted by China-based APT41 hacking group, using web shells, custom droppers, and publicly available tools for unauthorized access and data exfiltration. Meanwhile, another threat group, GhostEmperor, is using a variant of the Demodex rootkit in a cyber … Read more