Mustang

Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates

Apr 17, 2025 by iHash Leave a Comment

The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued effort by the threat actors to increase the sophistication and effectiveness of their malware. This includes updated versions of a known backdoor called TONESHELL, as well as a new … [Read more...] about Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates

Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS

Feb 21, 2024 by iHash Leave a Comment

Feb 21, 2024NewsroomMalware / Cyber Espionage The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. "The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is only … [Read more...] about Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS

Chinese ‘Mustang Panda’ Hackers Spotted Deploying New ‘Hodur’ Malware

Mar 23, 2022 by iHash Leave a Comment

A China-based advanced persistent threat (APT) known as Mustang Panda has been linked to an ongoing cyberespionage campaign using a previously undocumented variant of the PlugX remote access trojan on infected machines. Slovak cybersecurity firm ESET dubbed the new version Hodur, owing to its resemblance to another PlugX (aka Korplug) variant called THOR that came to light in … [Read more...] about Chinese ‘Mustang Panda’ Hackers Spotted Deploying New ‘Hodur’ Malware

Triada: a Trojan pre-installed on Android smartphones out of the box

The familiar checkout ritual at the supermarket: once everything’s been scanned — the offer, delivered with a hopeful smile: “Chocolate bar for the road? It’s a good one, and the discount is almost criminal”. If you’re lucky, you get a delicious bonus at a great price. But more often than not they’re trying to sell […]

Detecting privileged access activity: A new Kibana integration

The new advanced detection analytics package to detect privileged access activity Privileged accounts are a prime target for attackers, often exploited to accelerate access and move laterally within networks. Given the prevalence of access brokers who satisfy a nearly endless demand for stolen credentials, organizations need robust detection mechanisms to identify suspicious privileged activities as […]

CrowdStrike Falcon for IT Adds Endpoint Automation Capabilities

Today, CrowdStrike is releasing automated baseline enforcement and remediation in CrowdStrike Falcon® for IT to secure misconfigured devices and consistently address vulnerabilities across endpoints. Operators can now centrally manage and enforce endpoint configurations across platforms to support security and compliance efforts. Security and IT teams must ensure endpoints are secure and compliant according to […]

Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals

Apr 22, 2025Ravie LakshmananIoT Security / Malware Cybersecurity researchers have detailed a malware campaign that’s targeting Docker environments with a previously undocumented technique to mine cryptocurrency. The activity cluster, per Darktrace and Cado Security, represents a shift from other cryptojacking campaigns that directly deploy miners like XMRig to illicitly profit off the compute resources. This […]

CrowdStrike Falcon Privileged Access Secures Critical Hybrid Identity Environments

CrowdStrike is excited to announce CrowdStrike Falcon Privileged Access, a new offering within CrowdStrike Falcon® Identity Protection that uses high-fidelity risk signals to provide just-in-time access to organizations’ critical permissions and resources. Adversaries know valid credentials unlock access to data, infrastructure, and capabilities. Nearly 80% of attacks to gain initial access are malware-free, the […]

How Cushman & Wakefield Secures Identities with Falcon Identity Protection

For years, Cushman & Wakefield’s security team knew that remote desktop protocol (RDP) access was a potential weak point, but enforcing multifactor authentication (MFA) for RDP was out of reach. The company’s legacy cybersecurity tools simply didn’t support it, leaving critical systems vulnerable to credential-based attacks. “We knew attackers target RDP as an easy […]

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate. Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

iProVPN: 3-Year Subscription for $29

Apple AirPods Pro 2 with MagSafe USB-C Charging Case (Refurbished) for $159

Apple Mac mini M2 (Early 2023) 8GB RAM 256GB SSD (Refurbished) for $359

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates

Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS

Chinese ‘Mustang Panda’ Hackers Spotted Deploying New ‘Hodur’ Malware