Tag: china
-
Ungepatchte Sicherheitslücke: Chinesische Hacker kapern seit Wochen Cisco-Systeme
Angreifer aus China schleusen über eine Zero-Day-Lücke in Cisco AsyncOS Malware auf anfällige Appliances. Ein Patch ist noch nicht in Sicht. First seen on golem.de Jump to article: www.golem.de/news/ungepatchte-sicherheitsluecke-cisco-systeme-werden-seit-wochen-attackiert-2512-203379.html
-
Chinese Ink Dragon Breaches European Government Networks, Affecting Asia and South America
Ink Dragon, a Chinese espionage group, has significantly expanded its operational reach from Southeast Asia and South America into European government networks, according to ongoing research by Check Point Research. The threat actor employs a methodical approach that combines strategic server compromises with sophisticated relay infrastructure to maintain persistent access and support global operations. The…
-
Ungepatchte Sicherheitslücke: Cisco-Systeme werden seit Wochen attackiert
Angreifer aus China schleusen über eine Zero-Day-Lücke in Cisco AsyncOS Malware auf anfällige Appliances. Ein Patch ist noch nicht in Sicht. First seen on golem.de Jump to article: www.golem.de/news/ungepatchte-sicherheitsluecke-cisco-systeme-werden-seit-wochen-attackiert-2512-203379.html
-
Microsoft 365 Outage Disrupts Teams, Outlook, and Copilot in Japan and China
Thousands of users across Japan and China experienced significant disruptions to Microsoft 365 services on Thursday morning due to a critical routing issue affecting the company’s infrastructure. The outage affected essential workplace tools, including Teams, Outlook, OneDrive, and Copilot, resulting in widespread operational challenges for enterprises in the Asia-Pacific region. Service Disruption Details The incident…
-
Zoff im Datenraum
China baut bis 2028 über 100 Datenräume auf. Europa reagiert darauf mit eigenen Konzepten, die aber werden bislang zu wenig wahrgenommen. First seen on golem.de Jump to article: www.golem.de/news/cloud-zoff-im-datenraum-2512-203364.html
-
Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances
Cisco has alerted users of a maximum-severity zero-day flaw in Cisco AsyncOS software that has been actively exploited by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686 in attacks targeting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager.The networking equipment major said it became aware of the intrusion campaign on December…
-
‘Ink Dragon’ threat group targets IIS servers to build stealthy global network
Tags: access, attack, china, control, credentials, data, exploit, firewall, government, group, infrastructure, intelligence, microsoft, network, office, threat, vulnerability, wafmodus operandi to several other Chinese threat groups engaged in nation-state surveillance, such as UNC6384, whose campaigns targeted European diplomats.However, during a recent investigation at the office of a European government, Check Point said it had discovered that the group has now pivoted towards what it called “an unusually sophisticated playbook” with longer term goals.Key…
-
Ink Dragon’s Global Mesh: How Chinese Spies Turn Compromised Government Servers into C2 Relay Nodes
The post Ink Dragon’s Global Mesh: How Chinese Spies Turn Compromised Government Servers into C2 Relay Nodes appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/ink-dragons-global-mesh-how-chinese-spies-turn-compromised-government-servers-into-c2-relay-nodes/
-
Chinese Hackers Hijack European Networks for Espionage
Ink Dragon Compromised IIS Networks to Relay ShadowPad Malware. A Chinese hacking group is using compromised European government networks as relay nodes to route commands and support other hacking operations. Security firm Check Point attributed the campaign to a Chinese espionage group it tracks as Ink Dragon. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-hackers-hijack-european-networks-for-espionage-a-30319
-
Cisco email security appliances rooted and backdoored via still unpatched zero-day
A suspected Chinese-nexus threat group has been compromising Cisco email security devices and planting backdoors and log-purging tools on them since at least late November … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/17/cisco-secure-email-cve-2025-20393/
-
Chinese Hackers Turn Compromised Servers Into ShadowPad Nodes
A sophisticated Chinese threat actor tracked as Ink Dragon has been weaponizing a custom ShadowPad IIS Listener module to convert compromised servers into distributed relay nodes, according to research by Check Point Research. The tactic represents a significant escalation in the group’s operational capabilities, enabling attackers to establish persistent, multi-layered command-and-control infrastructure that spans victim…
-
Cisco says Chinese hackers are exploiting its customers with a new zero-day
Cisco said it discovered a Chinese hacking campaign targeting its customers by exploiting a zero-day in some of the company’s most popular products. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/17/cisco-says-chinese-hackers-are-exploiting-its-customers-with-a-new-zero-day/
-
China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware
The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack entities located in Southeast Asia and South America.Check Point Research is tracking the cluster under the name Ink Dragon. It’s also referenced by the broader cybersecurity community under the names CL-STA-0049,…
-
Chinese Ink Dragon Group Hides in European Government Networks
China’s Ink Dragon is using European government networks to hide its espionage activity First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-ink-dragon-hides-european/
-
China’s Ink Dragon hides out in European government networks
Misconfigured servers are in, 0-days out First seen on theregister.com Jump to article: www.theregister.com/2025/12/16/chinas_ink_dragon_hides_out/
-
China’s Ink Dragon hides out in European government networks
Misconfigured servers are in, 0-days out First seen on theregister.com Jump to article: www.theregister.com/2025/12/16/chinas_ink_dragon_hides_out/
-
Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw
Researchers with Google Threat Intelligence Group have detected five China-nexus threat groups exploiting the maximum-security React2Shell security flaw to drop a number of malicious payloads, from backdoors to downloaders to tunnelers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/google-finds-five-china-nexus-groups-exploiting-react2shell-flaw/
-
Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw
Researchers with Google Threat Intelligence Group have detected five China-nexus threat groups exploiting the maximum-security React2Shell security flaw to drop a number of malicious payloads, from backdoors to downloaders to tunnelers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/google-finds-five-china-nexus-groups-exploiting-react2shell-flaw/
-
House Homeland Security chairman keeps attention on cyber issues
After several disrupted months as House Homeland Security Committee chairman, Rep. Andrew Garbarino made time to discuss cyber issues such as an upcoming Trump administration strategy document and Chinese state-backed threats. First seen on therecord.media Jump to article: therecord.media/andrew-garbarino-legislation-cyber-policy-outlook
-
Chinese Surveillance and AI
New report: “The Party’s AI: How China’s New AI Systems are Reshaping Human Rights.” From a summary article: China is already the world’s largest exporter of AI powered surveillance technology; new surveillance technologies and platforms developed in China are also not likely to simply stay there. By exposing the full scope of China’s AI driven…
-
Chinese Surveillance and AI
New report: “The Party’s AI: How China’s New AI Systems are Reshaping Human Rights.” From a summary article: China is already the world’s largest exporter of AI powered surveillance technology; new surveillance technologies and platforms developed in China are also not likely to simply stay there. By exposing the full scope of China’s AI driven…
-
Nation-State and Cybercrime Exploits Tied to React2Shell
Tags: china, cve, cybercrime, ddos, exploit, hacker, iran, korea, malware, north-korea, service, update, vulnerability2 More Vulnerabilities Need Patching in React Server Components, Warns Vercel. Mass exploitation of the React2Shell – CVE-2025-55182 – vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn. First seen on govinfosecurity.com Jump to…
-
Security for AI: How Shadow AI, Platform Risks, and Data Leakage Leave Your Organization Exposed
Tags: access, ai, attack, awareness, business, chatgpt, china, cloud, compliance, control, corporate, cybersecurity, data, data-breach, defense, detection, endpoint, governance, guide, infrastructure, injection, leak, LLM, malicious, microsoft, mitigation, monitoring, network, open-source, openai, privacy, RedTeam, risk, saas, service, strategy, threat, tool, training, vulnerabilityYour employees are using AI whether you’ve sanctioned it or not. And even if you’ve carefully vetted and approved an enterprise-grade AI platform, you’re still at risk of attacks and data leakage. Key takeaways: Security teams face three key risks as AI usage becomes widespread at work: Shadow AI, the challenge of safely sanctioning tools,…
-
Security for AI: How Shadow AI, Platform Risks, and Data Leakage Leave Your Organization Exposed
Tags: access, ai, attack, awareness, business, chatgpt, china, cloud, compliance, control, corporate, cybersecurity, data, data-breach, defense, detection, endpoint, governance, guide, infrastructure, injection, leak, LLM, malicious, microsoft, mitigation, monitoring, network, open-source, openai, privacy, RedTeam, risk, saas, service, strategy, threat, tool, training, vulnerabilityYour employees are using AI whether you’ve sanctioned it or not. And even if you’ve carefully vetted and approved an enterprise-grade AI platform, you’re still at risk of attacks and data leakage. Key takeaways: Security teams face three key risks as AI usage becomes widespread at work: Shadow AI, the challenge of safely sanctioning tools,…
-
Google links more Chinese hacking groups to React2Shell attacks
Over the weekend, Google’s threat intelligence team linked five more Chinese hacking groups to attacks exploiting the maximum-severity “React2Shell” remote code execution vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-links-more-chinese-hacking-groups-to-react2shell-attacks/
-
Google links more Chinese hacking groups to React2Shell attacks
Over the weekend, Google’s threat intelligence team linked five more Chinese hacking groups to attacks exploiting the maximum-severity “React2Shell” remote code execution vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-links-more-chinese-hacking-groups-to-react2shell-attacks/
-
China’s WARP PANDA APT Deploys BRICKSTORM Backdoor to Hijack VMware vCenter/ESXi and Azure Cloud
The post China’s WARP PANDA APT Deploys BRICKSTORM Backdoor to Hijack VMware vCenter/ESXi and Azure Cloud appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/chinas-warp-panda-apt-deploys-brickstorm-backdoor-to-hijack-vmware-vcenter-esxi-and-azure-cloud/
-
China’s WARP PANDA APT Deploys BRICKSTORM Backdoor to Hijack VMware vCenter/ESXi and Azure Cloud
The post China’s WARP PANDA APT Deploys BRICKSTORM Backdoor to Hijack VMware vCenter/ESXi and Azure Cloud appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/chinas-warp-panda-apt-deploys-brickstorm-backdoor-to-hijack-vmware-vcenter-esxi-and-azure-cloud/
-
China’s WARP PANDA APT Deploys BRICKSTORM Backdoor to Hijack VMware vCenter/ESXi and Azure Cloud
The post China’s WARP PANDA APT Deploys BRICKSTORM Backdoor to Hijack VMware vCenter/ESXi and Azure Cloud appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/chinas-warp-panda-apt-deploys-brickstorm-backdoor-to-hijack-vmware-vcenter-esxi-and-azure-cloud/