Jan 20, 2023Ravie LakshmananFirewall / Network Security A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider (MSP) located in Africa. Telemetry evidence gathered by Google-owned Mandiant indicates that the exploitation occurred … [Read more...] about Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware
Chinese
RedZei Chinese Scammers Targeting Chinese Students in the U.K.
Jan 02, 2023Ravie LakshmananOnline Scam / Cybersecurity Chinese international students in the U.K. have been targeted by persistent Chinese-speaking scammers for over a year as part of an activity dubbed RedZei (aka RedThief). "The RedZei fraudsters have chosen their targets carefully, researched them and realized it was a rich victim group that is ripe for exploitation," … [Read more...] about RedZei Chinese Scammers Targeting Chinese Students in the U.K.
U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk
The U.S. Federal Communications Commission (FCC) formally announced it will no longer authorize electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua, deeming them an "unacceptable" national security threat. All these Chinese telecom and video surveillance companies were previously included in the Covered List as of March 12, 2021. "The FCC is committed to … [Read more...] about U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk
New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users’ Data
Popular short-form video-sharing service TikTok is revising its privacy policy for European users to make it explicitly clear that user data can be accessed by some employees from across the world, including China. The ByteDance-owned platform, which currently stores European user data in the U.S. and Singapore, said the revision is part of its ongoing data governance efforts … [Read more...] about New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users’ Data
New Chinese Cyberespionage Group Targeting IT Service Providers and Telcos
Telecommunications and IT service providers in the Middle East and Asia are being targeted by a previously undocumented Chinese-speaking threat group dubbed WIP19. The espionage-related attacks are characterized by the use of a stolen digital certificate issued by a Korean company called DEEPSoft to sign malicious artifacts deployed during the infection chain to evade … [Read more...] about New Chinese Cyberespionage Group Targeting IT Service Providers and Telcos
New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems
A previously undocumented command-and-control (C2) framework dubbed Alchimist is likely being used in the wild to target Windows, macOS, and Linux systems. "Alchimist C2 has a web interface written in Simplified Chinese and can generate a configured payload, establish remote sessions, deploy payload to the remote machines, capture screenshots, perform remote shellcode … [Read more...] about New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems
Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users
A pair of reports from cybersecurity firms SEKOIA and Trend Micro sheds light on a new campaign undertaken by a Chinese threat actor named Lucky Mouse that involves leveraging a trojanized version of a cross-platform messaging app to backdoor systems. Infection chains leverage a chat application called MiMi, with its installer files compromised to download and install HyperBro … [Read more...] about Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users
Chinese Hackers Using New Manjusaka Hacking Framework Similar to Cobalt Strike
Researchers have disclosed a new offensive framework called Manjusaka that they call a "Chinese sibling of Sliver and Cobalt Strike." "A fully functional version of the command-and-control (C2), written in GoLang with a User Interface in Simplified Chinese, is freely available and can generate new implants with custom configurations with ease, increasing the likelihood of wider … [Read more...] about Chinese Hackers Using New Manjusaka Hacking Framework Similar to Cobalt Strike
TikTok Assures U.S. Lawmakers it’s Working to Safeguard User Data From Chinese Staff
Following heightened worries that U.S. users' data had been accessed by TikTok engineers in China between September 2021 and January 2022, the company sought to assuage U.S. lawmakers that it's taking steps to "strengthen data security." The admission that some China-based employees can access information from U.S. users came in a letter sent to nine senators, which further … [Read more...] about TikTok Assures U.S. Lawmakers it’s Working to Safeguard User Data From Chinese Staff
Chinese Hacker Groups Continue to Target Indian Power Grid Assets
China-linked adversaries have been attributed to an ongoing onslaught against Indian power grid organizations, one year after a concerted campaign targeting critical infrastructure in the country came to light. Most of the intrusions involved a modular backdoor named ShadowPad, according to Recorded Future's Insikt Group, a sophisticated remote access trojan which has been … [Read more...] about Chinese Hacker Groups Continue to Target Indian Power Grid Assets