APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials
The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication.
The emerging actor, part of the APT41 nexus, gains initial access via phishing, and uses legitimate network services to obscure cyber espionage activities.
Up to now, the prolific China-sponsored cyber-espionage group has been mostly absent from the region, but a sophisticated and highly targeted attack on an African IT company shows Beijing is branching out.
APT41, a Chinese state-sponsored threat actor also known as "Double Dragon," used Google Calendar as command-and-control infrastructure during a campaign last fall.
The China-affiliated group is using the highly modular DeepData framework to target organizations in South Asia.
Earth Baku, yet another subgroup of the highly active and increasingly sophisticated collective, is moving into EMEA with new malware and living-off-the-land (LOL) tactics.
The state-sponsored Chinese threat actor gained access to three systems and stole at least some research data around computing and related technologies.
According to Mandiant, among the many cyber espionage tools the threat actor is using is a sophisticated new dropper called DustTrap.
Nation-states see the opportunity in targeting people directly through their mobile phones, in this case with sophisticated Android surveillanceware.
The notorious Chinese APT is spreading cyber maliciousness around Southeast Asia, and its next targets are already in sight.
China-linked APT41 group targeted a Taiwanese media organization and an Italian job agency with standard, open source penetration test tools, in a change in strategy.
The state-sponsored threat actor has switched up its tactics, also adding an automated SQL-injection tool to its bag of tricks for initial access.