Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as part of a years-long campaign
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as part of a years-long campaign
A threat actor likely aligned with China has been observed targeting critical infrastructure sectors in North America since at least last year
The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors
Spy vs. spy China has accused US intelligence agencies of exploiting a Microsoft Exchange zero-day exploit to steal defense-related data and take over more than 50 devices belonging to a "major Chinese military enterprise" for nearly a year.…
Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange servers as a part of a zero-day exploit chain designed to target government, defense, and technology sectors in China
A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks
UAT-5918 Breaches Taiwan's Critical Sectors Using N-Day Flaws for CyberespionageHackers with ties to China-based hacking groups including Volt Typhoon are breaching Taiwan's critical infrastructure by exploiting unpatched web and application servers as entry points for a cyberespionage campaign. Cisco Talos threat hunters identified the new threat actor as UAT-5918.
A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the intrusions ultimately leading to deployment of a ransomware called NailaoLocker in some cases
Beijing Used FortiGate Vulnerability to Install TrojanChinese espionage hackers penetrated Dutch military systems in early 2023, using a zero-day exploit in a Fortinet virtual private network to obtain access, Netherlands intelligence agencies disclosed Tuesday. They attributed the hacking to Chinese state actors with high confidence.
A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway (ESG) appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign