Tag: china
-
China-Based Threat Actor Mustang Panda’s TTPs Leaked
A significant milestone for cybersecurity experts is the disclosure of specific tactics, techniques, and procedures (TTPs) used by Mustang Panda, an advanced persistent threat (APT) group based in China, which has illuminated their intricate activities. First observed in 2017 but potentially active since 2014, Mustang Panda is a state-sponsored actor specializing in cyber espionage, targeting…
-
Chinese UNC6384 Hackers Use Valid Code-Signing Certificates to Evade Detection
Google Threat Intelligence Group (GTIG) has uncovered a multifaceted cyber espionage operation attributed to the PRC-nexus threat actor UNC6384, believed to be associated with TEMP.Hex (also known as Mustang Panda). This campaign, aligned with China’s strategic interests, primarily targeted diplomats in Southeast Asia alongside global entities, employing advanced tactics such as adversary-in-the-middle (AitM) attacks, captive…
-
South Korea arrests suspected Chinese hacker accused of targeting BTS singer and other celebrities
The 34-year-old suspect, identified only by his surname Jeon, was taken into custody last Friday and appeared in court on Sunday for a pretrial detention hearing, according to the Seoul police. First seen on therecord.media Jump to article: therecord.media/south-korea-arrests-hacker-accused-of-targeting-celebrities-bts
-
Chinese APT Leverages Proxy and VPN Services to Obfuscate Infrastructure
A significant data dump surfaced on DDoSecrets.com, purportedly extracted from a workstation belonging to a threat actor targeting organizations in South Korea and Taiwan. The leak, detailed in an accompanying article, attributes the activity to the North Korean advanced persistent threat (APT) group known as Kimsuky, a sophisticated actor previously highlighted in cybersecurity advisories for…
-
Chinese Developer Jailed for Deploying Malicious Code at US Company
A Chinese developer has been sentenced to four years in prison after being found to have deployed malicious code in his employer’s network, including a “kill switch”. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-developer-malicious-code-us/
-
Chinese Hacker Sentenced for Kill Switch Attack on Ohio Firm’s Global Network
A federal court has handed down a four-year prison term to a former software developer who sabotaged his employer’s global network with a custom “kill switch,” crippling operations and inflicting hundreds of thousands in losses. Davis Lu, 55, a Chinese national legally residing and working in Houston, was sentenced on August 21 by U.S. District…
-
Security Affairs newsletter Round 538 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Kidney dialysis firm DaVita confirms ransomware attack compromised data of 2.7M people. China-linked Silk Typhoon APT…
-
China-linked Silk Typhoon APT targets North America
China-linked Silk Typhoon APT group ramps up North America attacks, exploiting n-day and zero-day flaws for system access, CrowdStrike warns. China-linked Silk Typhoon APT group (aka Murky Panda) targets organizations in North America, exploiting n-day and zero-day flaws for system access, CrowdStrike warns. This Chinese APT has one of the widest targeting scopes. In March,…
-
Microsoft restricts China’s early access to vulnerabilities
Microsoft’s China connections seem to have come back to bite it once again. I have come across reports that Microsoft no longer grants security researchers from China early access to 0-day vulnerabilities or proof-of-concept (PoC) exploits. The SharePoint incident with hacks … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/08/23/microsoft-schraenkt-chinas-fruehzeitigen-zugriff-auf-schwachstellen-ein/
-
Murky Panda hackers exploit cloud trust to hack downstream customers
A Chinese state-sponsored hacking group known as Murky Panda (Silk Typhoon) exploits trusted relationships in cloud environments to gain initial access to the networks and data of downstream customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/murky-panda-hackers-exploit-cloud-trust-to-hack-downstream-customers/
-
Silk Typhoon Attacks North American Orgs in the Cloud
A Chinese APT is going where most APTs don’t: deep into the cloud, compromising supply chains and deploying uncommon malware. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/silk-typhoon-north-american-orgs-cloud
-
China-nexus hacker Silk Typhoon targeting cloud environments
The state-linked espionage group has exploited zero-day flaws in Commvault and Citrix Netscaler, researchers say. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/china-hacker-silk-typhoon-cloud/758409/
-
NVIDIA CEO Dismisses Chip Security Allegations as China Orders Firms to Halt Purchases
NVIDIA is also reportedly working on a new AI chip for customers in China that outperforms the company’s H20. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-nvidia-dismisses-h20-security-concerns/
-
China-linked Murky Panda targets and moves laterally through cloud services
In its recently released 2025 Threat Hunting Report, CrowdStrike pointed out an interesting trend: a 136% surge in cloud intrusions. A good chunk of this surge is due to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/22/china-linked-murky-panda-targets-and-moves-laterally-through-cloud-services/
-
Chinese national who sabotaged Ohio company’s systems handed four-year jail stint
A Houston resident was sentenced to four years in prison for intentionally installing malicious code on his employer’s computer systems, which he activated when his role was terminated. First seen on therecord.media Jump to article: therecord.media/chinese-national-sentenced-prison
-
Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage
Cybersecurity researchers are calling attention to malicious activity orchestrated by a China-nexus cyber espionage group known as Murky Panda that involves abusing trusted relationships in the cloud to breach enterprise networks. “The adversary has also shown considerable ability to quickly weaponize N-day and zero-day vulnerabilities and frequently achieves initial access to their targets by First seen…
-
After SharePoint attacks, Microsoft stops sharing PoC exploit code with China
Microsoft halts PoC exploit sharing with Chinese firms after SharePoint zero-day leaks, giving only written bug details to curb future abuse. Microsoft has reportedly stopped giving Chinese firms proof-of-concept exploit code through its Microsoft Active Protections Program (MAPP) after July’s mass exploitation of SharePoint flaws, believed linked to a leak of early bug disclosures.…
-
Former developer jailed after deploying kill-switch malware at Ohio firm
Ex-developer jailed 4 years for sabotaging Ohio employer with kill-switch malware that locked employees out after his account was disabled. Ex-developer Davis Lu (55) was sentenced to 4 years for sabotaging Ohio employer with kill-switch malware that locked staff out after his account was disabled. The Chinese national was also sentenced to three years of…
-
Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware
A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer’s network with custom malware and deploying a kill switch that locked out employees when his account was disabled. Davis Lu, 55, of Houston, Texas, was convicted of causing intentional damage to protected computers…
-
HTTPS traffic blocked: Great Firewall cuts China off from the global internet
China’s Great Firewall temporarily cut off almost all HTTPS traffic to other countries. The reason for this is unclear. First seen on golem.de Jump to article: www.golem.de/news/https-traffic-blockiert-grosse-firewall-schneidet-china-vom-weltweiten-internet-ab-2508-199427.html
-
Microsoft reportedly cuts China’s early access to bug disclosures, PoC exploit code
Better late than never after SharePoint assault? First seen on theregister.com Jump to article: www.theregister.com/2025/08/21/microsoft_cuts_chinas_early_access/
-
CrowdStrike warns of uptick in Silk Typhoon attacks this summer
The China-affiliated espionage group, which CrowdStrike tracks as Murky Panda, has been linked to more than a dozen incident response cases since late spring. First seen on cyberscoop.com Jump to article: cyberscoop.com/crowdstrike-silk-typhoon-murky-panda-china-espionage/
-
NOTGreat Firewall: China Blocks the Web for 74 Min.
Xi Whiz: HTTPS connections on port 443 received forged replies. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/great-firewall-china-web-74-minutes-richixbw/
-
Microsoft restricts Chinese firms’ access to vulnerability warnings after hacking concerns
Enterprise operations fallout: Microsoft’s decision may have broader operational consequences for multinational corporations (MNCs), particularly those with significant operations in China. For some, the move adds pressure to an already delicate balancing act between geopolitical expectations and local compliance risks. “MNCs operating in China already know they are in the crosshairs of both the Chinese and…
-
China cut itself off from the global internet for an hour on Wednesday
Great Firewall took out all traffic to port 443 at a time Beijing didn’t have an obvious need to keep its netizens in the dark. First seen on theregister.com Jump to article: www.theregister.com/2025/08/21/china_port_443_block_outage/
-
US Reportedly Hid Trackers in Shipments to Monitor AI Chips Diverted to China
Trackers were placed in the packaging and sometimes inside servers from Dell and Super Micro, according to Reuters. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-us-tracking-shipments-us-chips-china/

