#StateSponsoredGroups

Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware

by

June 26, 2024 at 06:57AM Between 2021 and 2023, threat actors with ties to China and North Korea have conducted ransomware attacks targeting government and critical infrastructure sectors worldwide. Cybersecurity firms linked these attacks to groups including ChamelGang and state-sponsored entities. The use of ransomware in cyber espionage operations blurs the lines between cybercrime and … Read more

Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges

by

November 1, 2023 at 11:46AM VMware Carbon Black’s Threat Analysis Unit (TAU) found numerous previously unknown vulnerable kernel drivers that could be used by attackers to modify firmware or escalate privileges. After analyzing 18,000 Windows driver samples, TAU identified 34 unique vulnerable drivers, including ones from major BIOS and chip makers. Exploiting these drivers can … Read more