Russian hackers offered phony drone training to exploit WinRAR vulnerability

Despite an August patch, Russian and Chinese state-backed hackers are using a vulnerability in the popular software to carry out espionage.

The post Russian hackers offered phony drone training to exploit WinRAR vulnerability appeared first on CyberScoop.

Continue reading Russian hackers offered phony drone training to exploit WinRAR vulnerability

Chinese hackers zero in on Australian manufacturers, wind turbine operators

The recently uncovered hacking activity is connected to a decade-old Chinese cyberespionage operation, researchers said.

The post Chinese hackers zero in on Australian manufacturers, wind turbine operators appeared first on CyberScoop.

Continue reading Chinese hackers zero in on Australian manufacturers, wind turbine operators

Nations come together to condemn China: APT31 and APT40

 On Monday (19JUL2021) President Biden announced that the US and its allies were joining together to condemn and expose that China was behind a set of unprecedented attacks exploiting vulnerabilities in Microsoft Exchange servers conducted earlier this… Continue reading Nations come together to condemn China: APT31 and APT40

Twitter restricts account of Intrusion Truth, which doxxes suspected Chinese hackers

Twitter on Tuesday moved to restrict the account of a mysterious group that has published details on suspected state-sponsored hackers from China. The group, Intrusion Truth, had spent recent days hinting that it would go public with new allegations against possible hackers, teasing followers with messages like “Watch this space” and “Who’s excited? We are.” The identity of the person or group behind Intrusion Truth has remained elusive since it started publishing information in 2017, including missives about how Chinese technology companies allegedly supported espionage on Beijing’s behalf. Intrusion Truth’s Twitter account suggested it would publish new information on Wednesday about “hackers based in Chengdu,” a city in southwestern China. Twitter, though, plastered a warning on the account, saying that the account was “temporarily restricted” because “there has been some unusual activity.” Users still could access the page at press time Tuesday, though they would need to click through to […]

The post Twitter restricts account of Intrusion Truth, which doxxes suspected Chinese hackers appeared first on CyberScoop.

Continue reading Twitter restricts account of Intrusion Truth, which doxxes suspected Chinese hackers

Microsoft Kills 18 Azure Accounts Tied to Nation-State Attacks

An APT group has started heavily relying on cloud services like Azure Active Directory and OneDrive, as well as open-source tools, to obfuscate its attacks. Continue reading Microsoft Kills 18 Azure Accounts Tied to Nation-State Attacks

Microsoft Kills 18 Azure Accounts Tied to Nation-State Attacks

An APT group has started heavily relying on cloud services like Azure Active Directory and OneDrive, as well as open-source tools, to obfuscate its attacks. Continue reading Microsoft Kills 18 Azure Accounts Tied to Nation-State Attacks

Microsoft says it nixed China-linked hackers’ apps from Azure cloud

Security researchers at Microsoft say they upended a hacking campaign that used the company’s own Azure commercial cloud service as part of the command-and-control network for its malware. The hacking group — labeled Gadolinium by Microsoft and also known as APT40 — was hosting apps on the Azure Active Directory and using open source tools “to enhance weaponization of their malware payload, attempt to gain command and control all the way to the server, and to obfuscate detection,” the researchers said in a report published Thursday. APT40 has been linked to China’s government, and recent targets have reportedly included organizations in Taiwan and Malaysia. The typical goal is data exfiltration for espionage, according to researchers at FireEye, Kaspersky and other security companies. Microsoft’s report does not mention China by name, but notes that the hacking group has previously focused on the maritime and health industries. Beijing has denied in the past that […]

The post Microsoft says it nixed China-linked hackers’ apps from Azure cloud appeared first on CyberScoop.

Continue reading Microsoft says it nixed China-linked hackers’ apps from Azure cloud

Taiwan accuses Chinese hackers of aggressive attacks on government agencies

The Taiwanese government on Wednesday accused Chinese government-linked hackers of targeting 10 Taiwanese government agencies and 6,000 email accounts of officials in an escalation of Beijing’s long-running espionage on the island. Over the course of two years, Chinese hackers have infiltrated a variety of Taiwanese government offices in an effort to steal sensitive documents, Liu Chia-zung, an official in the Taiwan Investigation Bureau’s Cyber Security Investigation Office, said at a press conference. Liu conceded that with the breach of key IT infrastructure, at least some data may have been exposed. It is only the latest in a wave of suspected Chinese hacking campaigns to hit Taiwan, which China considers its territory. The Taiwanese semiconductor industry, a centerpiece of the global supply chain for smartphones, has also come under sustained assault from hackers that appear to be based in China, private researchers said earlier this month. And in May, Taiwan suggested that a broad […]

The post Taiwan accuses Chinese hackers of aggressive attacks on government agencies appeared first on CyberScoop.

Continue reading Taiwan accuses Chinese hackers of aggressive attacks on government agencies