Microsoft: Another Chinese cyberspy crew targeting US critical orgs ‘as of yesterday’

December 5, 2024 at 08:13PM Microsoft’s threat intelligence team reports that the China-linked group Storm-0227 is targeting critical infrastructure and US government agencies, leveraging public security vulnerabilities and spear-phishing tactics. Active since January, the group steals credentials and sensitive data, indicating significant and ongoing espionage efforts focused on US defense, telecommunications, and legal sectors.

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

January 12, 2024 at 09:18AM Suspected nation-state actors exploited two zero-day vulnerabilities in Ivanti Connect Secure VPN, deploying multiple malware families to gain backdoor access to devices. The attacks, attributed to a Chinese espionage actor, targeted fewer than 10 customers and are expected to be highly targeted. Patches are anticipated on January 22. Mandiant identified the …

Hackers use new Agent Raccoon malware to backdoor US targets

December 1, 2023 at 02:15PM Agent Raccoon, a novel .NET malware used for espionage, targets organizations globally and is linked to nation-state actors by Unit 42. It masquerades as an updater, uses DNS for covert communication, and includes tools for credential theft and data exfiltration, with active development indicating evolving capabilities.