Tag: china
-
Chinese hackers exploiting VMware zero-day since October 2024
Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has been exploited in zero-day attacks since October 2024. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-exploiting-vmware-zero-day-since-october-2024/
-
New Chinese Nexus APT Group Targeting Organizations to Deploy NET-STAR Malware Suite
China-linked advanced persistent threat (APT) group Phantom Taurus has intensified espionage operations against government and telecommunications targets across Africa, the Middle East, and Asia, deploying a newly discovered .NET malware suite called NET-STAR. First tracked by Unit 42 in June 2023 as cluster CL-STA-0043 and temporarily designated TGR-STA-0043 (Operation Diplomatic Specter) in May 2024, the…
-
New Smish: New York Department of Revenue
As I was visiting SmishTank to report the most recent SMish that I had received (an iMessage from a +27 South African telephone number claiming to be from ParkMobile) I noticed there had been many recent submissions from the New York Department of Revenue. SmishTank is operated by Professor Muhammad Lutfor Rahman, a colleague of mine…
-
UK convicts Chinese national in £5.5B crypto fraud, marks world’s largest Bitcoin seizure
A Chinese national was convicted in the UK for crypto fraud as police seized £5.5B (61,000 Bitcoin), the world’s largest cryptocurrency seizure. UK authorities raided the London home of Chinese national Zhimin Qian (47), also known as Yadi Zhang, and confiscated £5.5 billion (about $7.39 billion) in cryptocurrency, totaling 61,000 Bitcoin. Police described it as…
-
Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024
A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs. The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), a local privilege escalation bug affecting the following versions - VMware Cloud Foundation…
-
U.K. Police Just Seized £5.5 Billion in Bitcoin, The World’s Largest Crypto Bust
A Chinese national has been convicted for her role in a fraudulent cryptocurrency scheme after law enforcement authorities in the U.K. confiscated £5.5 billion (about $7.39 billion) during a raid of her home in London. The cryptocurrency seizure, amounting to 61,000 Bitcoin, is believed to be the single largest such effort in the world, the Metropolitan…
-
Chinese scammer pleads guilty after UK seizes nearly $7 billion in bitcoin
A Chinese national accused of running a fraudulent investment scheme pleaded guilty after U.K. police seized nearly $7 billion worth of Bitcoin during a raid of her home in north London. First seen on therecord.media Jump to article: therecord.media/chinese-scammer-guilty-seizure-uk
-
Chinese hackers breached critical infrastructure globally using enterprise network gear
Tags: access, backdoor, breach, business, china, communications, control, cve, defense, exploit, framework, germany, government, group, hacker, infrastructure, Internet, korea, law, malware, military, monitoring, network, open-source, penetration-testing, programming, service, threat, tool, update, vpn, vulnerability
72-hour vulnerability exploitation window: RedNovember demonstrated the ability to weaponize newly disclosed vulnerabilities faster than most organizations could deploy patches, researchers found. When researchers published proof-of-concept code for Check Point VPN vulnerability CVE-2024-24919 on May 30, 2024, RedNovember was attacking vulnerable systems by June 3. That campaign hit at least 60 organizations across Brazil, Germany, Japan,…
-
SMS Pools and what the US Secret Service Really Found Around New York
Tags: apple, authentication, business, china, conference, control, country, credit-card, crime, crypto, data, email, exploit, finance, fraud, google, group, Hardware, infrastructure, iphone, jobs, korea, law, linux, mfa, mobile, phishing, phone, scam, service, smishing, software, theft, usa, windows
Last week the United Nations General Assembly kicked off in New York City. On the first day, a strange US Secret Service press conference revealed that they had seized 300 SIM Servers with 100,000 SIM cards. Various media outlets jumped on the idea that this was some state-sponsored sleeper cell waiting to destroy telecommunication services…
-
RedNovember: Chinese APT Expands Global Espionage to U.S. Defense, Aerospace, and Tech Firms
The post RedNovember: Chinese APT Expands Global Espionage to U.S. Defense, Aerospace, and Tech Firms appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/rednovember-chinese-apt-expands-global-espionage-to-u-s-defense-aerospace-and-tech-firms/
-
China Prepares for Cyberattacks
China has implemented regulations for 1-hour reporting of severe cybersecurity incidents. This would include disruptions that impact over 50% of the people in a province or 10 million people, such as critical infrastructure attacks. The irony is that China is recognized for its advanced and aggressive foreign cyber operations. But there is brilliance in this…
-
China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks
Telecommunications and manufacturing sectors in Central and South Asian countries have emerged as the target of an ongoing campaign distributing a new variant of a known malware called PlugX (aka Korplug or SOGU). “The new variant’s features overlap with both the RainyDay and Turian backdoors, including abuse of the same legitimate applications for DLL side-loading, the…
-
Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign
Not to be confused with all the other reports of Chinese intruders on US networks that came to light this week. First seen on theregister.com Jump to article: www.theregister.com/2025/09/27/rednovember_chinese_espionage/
-
Salt Typhoon: China’s State-Sponsored Espionage Group Infiltrates Global Telecoms for Long-Term Cyber Warfare
The post Salt Typhoon: China’s State-Sponsored Espionage Group Infiltrates Global Telecoms for Long-Term Cyber Warfare appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/salt-typhoon-chinas-state-sponsored-espionage-group-infiltrates-global-telecoms-for-long-term-cyber-warfare/
-
China is Fueling Surveillance Technology Adoption in Latin America - Who is in Charge of Data Privacy?
China’s Belt and Road Initiative (BRI) is well known for funding major infrastructure projects, including new highways, ports and energy plants across more than 150 countries. However, China has also gained a serious foothold when it comes to surveillance infrastructure. This less publicized development has taken off in Latin America in particular, where 35 cities…
-
Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors
China-linked actors used Brickstorm malware to spy on U.S. tech and legal firms, stealing data undetected for over a year, Google warns. Google Threat Intelligence Group (GTIG) observed the use of the Go-based backdoor BRICKSTORM to maintain persistence in U.S. organizations since March 2025. Targets include legal, Software as a Service (SaaS) providers, Business Process Outsourcers…
-
BRICKSTORM Malware: China-Linked Hackers Stealthily Target US Tech and Legal Firms for 393 Days
The post BRICKSTORM Malware: China-Linked Hackers Stealthily Target US Tech and Legal Firms for 393 Days appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/brickstorm-malware-china-linked-hackers-stealthily-target-us-tech-and-legal-firms-for-393-days/
-
New Chinese Espionage Hacking Group Uncovered
‘RedNovember’ Has Hacked Organizations in the US, Asia and Europe. A hacking group associated with widespread compromise of edge devices is a Chinese-state-aligned group, says cybersecurity firm Recorded Future. The firm says the threat actor, which it now tracks as RedNovember, is highly likely a Chinese state-sponsored threat activity group. First seen on govinfosecurity.com Jump…
-
Google Warns of BRICKSTORM Malware Driving Supply Chain Intrusions
China-linked hackers use BRICKSTORM malware to hit tech, SaaS, and legal firms, threatening the US supply chain. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/google-warns-brickstorm-malware/
-
Hackers reportedly steal pictures of 8,000 children from Kido nursery chain
Firm, which has 18 sites around London and more in US, India and China, has received ransom demand, say reports. The names, pictures and addresses of about 8,000 children have reportedly been stolen from the Kido nursery chain by a gang of cybercriminals. The criminals have demanded a ransom from the company which has 18 sites around…
-
Chinese APT Drops ‘Brickstorm’ Backdoors on Edge Devices
The China-linked cyber-espionage group UNC5221 is compromising network appliances that cannot run traditional EDR agents to deploy new versions of the Brickstorm backdoor. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-apt-brickstorm-backdoors-edge-devices
-
Hackers reportedly steal details of 8,000 children from Kido nursery chain
Firm, which has 18 sites around London and more in US, India and China, has received ransom demand, say reports. The names, pictures and addresses of about 8,000 children have reportedly been stolen from the Kido nursery chain by a gang of cybercriminals. The criminals have demanded a ransom from the company which has 18 sites around…
-
Chinese Hackers Deploy New PlugX Variant
Sophisticated Cyberespionage Campaign Targets Asian Telecom, Manufacturing Sectors. A remote access Trojan that’s a staple of Chinese nation-state hacking is part of an ongoing campaign targeting telecom and manufacturing sectors in Central and South Asian countries. The threat actor, tracked as Naikon, apparently has access to a new variant of PlugX malware. First seen on…
-
China-Linked Hackers Hit US Tech Firms with BRICKSTORM Malware
China-backed UNC5221 targets US legal and tech firms by deploying BRICKSTORM malware on neglected VMware and Linux/BSD appliances, Google’s Mandiant reports. First seen on hackread.com Jump to article: hackread.com/china-hackers-hit-us-tech-firms-brickstorm-malware/
-
Chinese State-Sponsored Hackers Targeting Telecommunications Infrastructure to Steal Sensitive Data
Tags: china, communications, cyber, data, espionage, exploit, group, hacker, infrastructure, intelligence, network, threat
Chinese state-sponsored cyber threat group Salt Typhoon has intensified long-term espionage operations against global telecommunications infrastructure, according to recent legal and intelligence reporting. Aligned with the Ministry of State Security (MSS) and active since at least 2019, Salt Typhoon has systematically exploited network edge devices to establish deep persistence and exfiltrate highly sensitive communications metadata,…
-
RedNovember Hackers Targeting Government and Tech Organizations to Install Backdoor
In July 2024, Recorded Future’s Insikt Group publicly exposed TAG-100, a cyber-espionage campaign leveraging the Go-based backdoor Pantegana against high-profile government, intergovernmental and private organizations worldwide. New evidence now attributes TAG-100 to a Chinese state-sponsored threat actor, designated RedNovember. Between June 2024 and July 2025, RedNovember, overlapping with Storm-2077, has expanded its operations to target…

