 Chinese Hackers
#31


Quote: App developer and privacy researcher Felix Krause published a report on the risks associated with some iOS apps injecting JavaScript code into third-party browsers.

Of the seven most popular iOS apps analyzed, Beijing-based TikTok was the only one that didn’t give users the option to open links with a third-party browser.

Krause found that TikTok’s iOS app “monitors all taps happening on websites, including taps on all buttons and links” accessed via its in-app browser.

“TikTok iOS subscribes to every keystroke (text inputs) happening on third party websites rendered inside the TikTok app. This can include passwords, credit card information, and other sensitive user data (keypress and keydown),” Krause wrote.
...
TikTok confirmed that the code exists in its iOS app, but claimed that it doesn’t use it.


Sure, TikTok. Sarcasm Sure.



Quote: A Chinese hacking group simultaneously used six different backdoors against more than a dozen industrial plants, research institutes, government agencies and ministries in Belarus, Russia, Ukraine and Afghanistan, researchers with Kaspersky said Monday.
...
The vulnerability exploited in the attack, first discovered in January 2022, allowed the attackers to execute code without any additional user activity, the researchers said. In one case, they said, the attackers gained control over an unnamed cybersecurity solutions control center and ran a “golden ticket” attack, which gave them widespread access and persistence in the network.

A Chinese hacking group tracked as TA428 by multiple threat intelligence research groups is the likely culprit, the Kaspersky researchers said Monday, based on various technical indicators and overlaps with previous operations, including one that targeted a Russian-based defense contractor with ties to the Russian Navy, according to Cybereason.
...
Chinese-aligned hackers associated with multiple groups and campaigns have been busy targeting Russian entities in the wake of the Feb. 24 Russian invasion of Ukraine, primarily seeking intelligence on Russian government thinking or planning, researchers have said.

Campaigns have also included information operations targeting both domestic and international audiences that have boosted Russian disinformation narratives, a reflection of the complicated and varying tasks of the plethora of Chinese-aligned hacking groups.


Sarcasm Take into account how Chinese hackers had attacked the Vatican once in order to learn more about some negotiations both the Vatican and the CCP were about to hold later on.



Quote: The Chinese government appears to use its software vulnerability disclosure rules to preview dangerous zero-day flaws before tech companies can deploy fixes, a top Department of Homeland Security official said Wednesday.

Beijing’s strict vulnerability reporting rules mean government officials could get “early access” to even the most serious vulnerabilities, DHS Under Secretary for Policy Robert Silvers said during the Black Hat cybersecurity conference in Las Vegas.
...
Silvers said that a DHS review board assembled to investigate the recent Log4j software vulnerability, which was initially discovered by the Chinese tech giant Alibaba, concluded its inquiry with “very troubling” questions about Chinese disclosure rules.
...
In the case of the Log4j vulnerability, however, Alibaba revealed the flaw prior to notifying the Chinese government, according to Silvers.

Chinese companies are required to report vulnerabilities to the government within two days of discovering them. They are also barred from publicly disclosing vulnerabilities during “major national events.”

Silvers was speaking about the findings of the DHS Cyber Safety Review Board, a group of 15 top public and private sector cybersecurity experts whose inaugural investigation into the Log4j vulnerability wrapped last month. He said that board members are concerned by Chinese news reports that Alibaba was punished for publicly disclosing the vulnerability before alerting the Chinese government.
...
The board found that Alibaba told the Chinese government about the vulnerability on Dec. 13, four days after informing the Apache Software Foundation, said Silvers. The Chinese government talked to the review board but did not address whether Alibaba was penalized in any way, he said.


Here's another solid proof of how the CCP doesn't believe in (cyber) transparency at all. Angry
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9

Maranatha!

The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.

[Image: SP1-Scripter.png]
[Image: SP1-Writer.png]
[Image: SP1-Poet.png]
[Image: SP1-PixelArtist.png]
[Image: SP1-Reporter.png]

My Original Stories (available in English and Spanish)

List of Compiled Binary Executables I have published...
HiddenChest & Roole

Give me a free copy of your completed game if you include at least 3 of my scripts! Laughing + Tongue sticking out

Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX
#32


Quote: A Chinese-based cyberespionage group targeted Australian officials with reconnaissance malware to siphon off details about the victims hackers could use to execute more targeted strikes, researchers with cybersecurity firm Proofpoint and the PwC Threat Intelligence team said.

The cyberespionage campaign that focused on government, energy and manufacturing personnel in the Asia-Pacific region deployed phishing emails directing targets to a fake news outlet, the researchers said. The attackers — referred to as both TA423, Red Ladon and APT40 — designed the site to deliver malware known as ScanBox.

The Chinese-based group has been active for nearly a decade, dating back to 2013, with a primary focus on the South China Sea, but known to have victims across the globe. In 2021, the Department of Justice tied APT40 to China’s Ministry of State Security.

In this latest campaign that took place between April and June, the hacking group appeared to focus on global heavy industry manufacturers that conduct maintenance of fleets of wind turbines in the South China Sea.

The phony “Australian Morning News” news site contained images and stories lifted from legitimate news organizations, the researchers said. A previous operation believed to be associated with the Chinese cyberespionage group, in 2018, targeted Cambodia in much the same way.
...
Analysis of the latest operation showed links to earlier activity from the group dating back to March 2021, the researchers found. Phishing emails sent between March 2021 and September 2021 used malicious RTF files to deliver Meterpreter, malware within the Metasploit framework that allows an attacker to run commands on a victim computer.
#33

Quote: A long-running Chinese-linked cyberespionage group targeted a U.S. state legislature’s network in July, marking the outfit’s first confirmed attack against the U.S. in years, according to analysis published Thursday.

The findings from the Symantec Threat Hunter Team point to a group the company refers to as Budworm. Other researchers call the group Bronze Union, APT27, Emissary Panda, Lucky Mouse and Temp.Hippo. The group has operated since at least 2013 and is known for targeting a wide range of industries “in support of its political and military intelligence-collection objectives.”

The outfit has attacked “a number of strategically significant targets” over the last six months, Symantec said, including the government of a Middle Eastern country, a multinational electronics manufacturer as well as the unnamed U.S. state legislature.
...
National Security Agency cyber chief Rob Joyce told reporters last week that China has become “really brazen, doubling down on their activities to steal intellectual property and compromise sensitive networks.”

The comments came after the NSA, FBI and the Cybersecurity Infrastructure and Security Agency published the top vulnerabilities that Chinese-linked cyber operators use to target U.S. and allied networks.
...
The recent attacks Symantec attributes to Budworm took advantage of two Log4j vulnerabilities to compromise Apache Tomcat service on servers and install web shells. From there, the group installed malware from the HyperBro malware family, as well as the PlugX/Korplug remote access trojan, the researchers said.
#34


Quote: A notorious advanced persistent threat actor known as Mustang Panda has been linked to a spate of spear-phishing attacks targeting government, education, and research sectors across the world.

The primary targets of the intrusions from May to October 2022 included countries in the Asia Pacific region such as Myanmar, Australia, the Philippines, Japan, and Taiwan, cybersecurity firm Trend Micro said in a Friday report.

Mustang Panda, also called Bronze President, Earth Preta, HoneyMyte, and Red Lich, is a China-based espionage actor believed to be active since at least July 2018. The group is known for its use of malware such as China Chopper and PlugX to collect data from compromised environments.

Activities of the group chronicled by ESET, Google, Proofpoint, Cisco Talos, and Secureworks this year have revealed the threat actor's pattern of using PlugX (and its variant called Hodur) to infect a wide range of entities in Asia, Europe, the Middle East, and the Americas.

The latest findings from Trend Micro show that Mustang Panda continues to evolve its tactics in a strategy to evade detection and adopt infection routines that lead to the deployment of bespoke malware families like TONEINS, TONESHELL, and PUBLOAD.

"Earth Preta abused fake Google accounts to distribute the malware via spear-phishing emails, initially stored in an archive file (such as RAR/ZIP/JAR) and distributed through Google Drive links," researchers Nick Dai, Vickie Su, and Sunny Lu said.

Initial access is facilitated through decoy documents that cover controversial geopolitical themes to entice the targeted organizations into downloading and triggering the malware.

In some cases, the phishing messages were sent from previously compromised email accounts belonging to specific entities, indicating the efforts undertaken by the Mustang Panda actor to increase the likelihood of the success of its campaigns.