Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-11-15 08:46:34 |
Previously undetected Earth Longzhi APT group is a subgroup of APT41 (direct link) |
Trend Micro reported that the Earth Longzhi group, a previously undocumented subgroup of APT41, targets Ukraine and Asian countries. Early this year, Trend Micro investigated a security breach suffered by a company in Taiwan. Threat actors employed a custom Cobalt Strike loader in the attack. Further analysis revealed that the same threat actor targeted multiple regions […]
|
Threat
Guideline
|
APT 41
|
★★★★
|
|
2022-10-18 14:15:09 |
China-linked APT41 group targets Hong Kong with Spyder Loader (direct link) |
China-linked threat actors APT41 (a.k.a. Winnti) targeted organizations in Hong Kong, in some cases remaining undetected for a year. Symantec researchers reported that cyberespionage group APT41 targeted organizations in Hong Kong in a campaign that is a likely continuation of the Operation CuckooBees activity detailed by Cybereason in May. Winnti (aka APT41, Axiom, Barium, Blackfly) is a cyberespionage […]
|
Threat
Guideline
|
APT 41
APT 17
|
|
|
2022-01-21 11:59:14 |
MoonBounce UEFI implant spotted in a targeted APT41 attack (direct link) |
Researchers have spotted China-linked APT41 cyberespionage group using a UEFI implant, dubbed MoonBounce, to maintain persistence. Kaspersky researchers spotted the China-linked APT41 cyberespionage group using a UEFI implant, dubbed MoonBounce, to maintain persistence. At the end of 2021, researchers discovered a UEFI firmware-level compromise by analyzing logs from its Firmware Scanner. Threat actors compromised a single […]
|
Threat
Guideline
|
APT 41
|
|
|
2021-01-15 14:13:30 |
Winnti APT continues to target game developers in Russia and abroad (direct link) |
A Chinese threat actor targeted organizations in Russia and Hong Kong with a previously undocumented backdoor, experts warn. Cybersecurity researchers from Positive Technologies have uncovered a series of attacks conducted by a Chinese threat actor that aimed at organizations in Russia and Hong Kong. Experts attribute the attacks to the China-linked Winnti APT group (aka APT41) […]
|
Threat
Guideline
|
APT 41
|
|
|
2020-03-25 22:17:01 |
China-linked APT41 group exploits Citrix, Cisco, Zoho flaws (direct link) |
The China-linked group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and ManageEngine in a campaign on a global scale. The China-linked cyberespionage group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and Zoho ManageEngine in a campaign on a global scale. The campaign was uncovered by FireEye, threat actor targeted many organizations worldwide the […]
|
Threat
Guideline
|
APT 41
|
|