Source |
CSO |
Identifiant |
8310554 |
Date de publication |
2023-02-15 08:49:00 (vue: 2023-02-15 17:07:00) |
Titre |
China-based cyberespionage actor seen targeting South America |
Texte |
China-based cyberespionage actor DEV-0147 has been observed compromising diplomatic targets in South America, according to Microsoft's Security Intelligence team. The initiative is “a notable expansion of the group's data exfiltration operations that traditionally targeted gov't agencies and think tanks in Asia and Europe,” the team tweeted on Monday. DEV-0147's attacks in South America included post-exploitation activity involving the abuse of on-premises identity infrastructure for reconnaissance and lateral movement, and the use of Cobalt Strike - a penetration testing tool - for command and control and data exfiltration, Microsoft wrote in its tweet. To read this article in full, please click here |
Envoyé |
Oui |
Condensat |
0147 abuse according activity actor agencies america article asia attacks based been china click cobalt command compromising control cyberespionage data dev diplomatic europe exfiltration expansion exploitation full gov group has here identity included infrastructure initiative intelligence involving its lateral microsoft monday movement notable observed operations penetration please post premises read reconnaissance security seen south strike tanks targeted targeting targets team team tweeted on testing think tool traditionally tweet use wrote dev the to |
Tags |
Tool
|
Stories |
|
Notes |
★★
|
Move |
|