Rare new Windows rootkit spotted in Chinese APT attacks
In a report published today, security firm Kaspersky said it discovered a rare new Windows rootkit that has remained undetected since at least 20018 and has been deployed in some highly targeted attacks.
Chinese military unit accused of cyber-espionage bought multiple western antivirus products
A Chinese military unit that was accused last month by Japanese authorities of carrying out a years-long cyber-espionage campaign was seen buying batches of different western-made antivirus products.
Belgium’s government network goes down after massive DDoS attack
Most of the Belgium government’s IT network has been down today after a massive distributed denial of service (DDoS) attack knocked offline both internal systems and public-facing websites.
China-linked APT group targets Russian nuclear sub designer with an undocumented backdoor
A threat actor believed to be operating on behalf of Chinese state-sponsored interests was recently observed targeting a Russian defense contractor involved in designing nuclear submarines for the Russian Navy, according to new research published today by Cybereason. The attack was narrowly-focused, the firm said, and originated with a spear-phishing attempt targeting a general director working at the Rubin Design Bureau, a Saint Petersburg-based shipbuilder that has designed most of Russia’s nuclear submarines…
Chinese hackers used Pulse Secure VPN zero-day to breach US defense contractors
Two hacking groups, including at least one confirmed Chinese cyber-espionage outfit, have used a new zero-day vulnerability in Pulse Secure VPN equipment to gain a foothold inside the networks of US defense contractors and government organizations across the world.
Japanese police say Tick APT is linked to Chinese military
Japanese law enforcement believes a group of hackers linked to the Chinese military are behind a broad cyber-espionage campaign that has breached more than 200 Japanese companies and organizations since at least 2016.
Recent Chromium bug used to attack Chinese WeChat users
A Chrome exploit published online last week has been weaponized and abused to attack WeChat users in China, a local security firm reported on Friday.
US adds seven Chinese supercomputing entities to economic blacklist
The US Department of Commerce added today seven Chinese supercomputing entities to the US economic blacklist for assisting Chinese military efforts. The US said the entities are involved in activities “contrary to the national security or foreign policy interests of the United States,” such as building supercomputers used by the Chinese military and working on weapons of mass destruction.
Chinese Android malware gang still active and targeting Koreans 8 years later
Despite having its operations publicly exposed in the mid-2010s, a Chinese malware gang has not faced any legal consequences for their actions and has continued to operate undisturbed, spreading Android banking trojans inside South Korea.
‘We’re responding in election cycles:’ Niloofar Razi Howe on the big changes needed to prevent the next SolarWinds attack
In a hearing held by the House Committee on Appropriations last week, Niloofar Razi Howe described 2021 as “one of the most consequential years in cybersecurity—and it’s only March.” Between the fallout from the SolarWinds supply chain attack, Microsoft Exchange vulnerabilities, and a surge in ransomware incidents, cybersecurity experts in both the private and public sectors have a lot to worry about. The Biden administration and lawmakers across party lines have made the incidents a top priority, with many calling on the U.S. to harden defenses and aggressively respond to nation state intrusions….