News


Blackwood: Chinese malware collects data

The Chinese hacker group “Blackwood” is spying on people and companies in the UK, China and Japan using a tool called NSPX30. The malware reaches the target devices via official app updates. Cybercriminals are always finding ingenious ways to get valuable data. As ESET researchers have discovered, a previously unknown hacker group from China is hunting for data using a new tool called NSPX30. The special thing about it: Instead of infecting the user via malicious email attachments and websites, it reaches its target systems via official app updates. Since 2018, “Blackwood” has been spying, as the team…


I-Soon: China's state-run foreign hackers exposed 

Internally, it is certainly the biggest betrayal of China: an employee of the company I-Soon revealed data and services that were used to attack foreign companies and governments. China denies the issue of foreign hackers, but the leaked data is overwhelming and the disclosure of the tools' capabilities is reminiscent of the day of the Snowden leaks. Now China has its own Snowden. According to research by specialists at Malwarebytes and SentinelOne, this is what happened: Data from a Chinese cybersecurity provider working for the Chinese government revealed a number of hacking tools and services. Although the…


Chinese botnet Volt Typhoon smashed

The US government announced that it had disrupted the threat actor Volt Typhoon's botnet, which it used to attack critical infrastructure in the United States and other countries. An operation authorized by the American judiciary in December 2023 destroyed a botnet of hundreds of US-based small office/home office (SOHO) routers hijacked by state-sponsored hackers from the People's Republic of China (PRC).

Volt Typhoon attacked critical infrastructure

The hackers, known in the private sector as “Volt Typhoon,” used private SOHO routers infected with the “KV Botnet” malware...


Chinese malware on the rise

Since the beginning of 2023, an increase in suspected Chinese cybercrime activities involving malware being distributed via email has been observed. Among other things, the Sainbox Remote Access Trojan (RAT) was used - a variant of the commodity Trojan Gh0stRAT. The newly identified ValleyRAT malware was also distributed as part of the activity. The campaigns observed were generally small in scope and mostly addressed global companies with branches in China. Email subject lines and content were commonly written in Chinese and were related to invoices, payments, and new products. The users who…


China: Companies must report vulnerabilities – hackers are already waiting

By law, companies in China - including foreign ones - are obliged to immediately report vulnerabilities in systems and errors in code to a government agency. However, experts warn that China uses state-controlled hackers and could use the information about the vulnerabilities to gain almost unhindered access to companies' systems. The Atlantic Council think tank has published a report analyzing the new Chinese regulation, which requires companies to report security vulnerabilities and errors in code to the government's Ministry of Industry and Information Technology (MIIT) within 48 hours.


APT41: Chinese Android Monitoring Software Detected

Android surveillance software attributed to Chinese group APT41 has recently been discovered, according to experts at Lookout. Attacks by hacker groups like APT41, which focus on mobile devices, show that mobile endpoints are high-value targets with coveted data. WyrmSpy and DragonEgg are the two new dangerous variants of Android surveillance software discovered by Lookout. These spy apps are attributed to the well-known Chinese threat group APT41. Although the US government has filed multiple indictments over the group's attacks on more than 100 private and public companies in the US and around the world...


79 percent of APT attacks come from China

In the first quarter of 2023, attacks on the financial, telecommunications and energy sectors increased. In the ransomware space, financial gain is still crucial for the APT groups. "More than a year into the Ukraine war, cyberattacks have become a strategic weapon used by states to spy on adversaries and fuel societal divisions," said John Fokker, Head of Threat Intelligence, Trellix Advanced Research Center. “Well-known APT groups are a real threat to critical infrastructure such as telecommunications, energy supply and manufacturing in both leading economies and emerging markets. Public and private…


Security report Q1/23: New malware often from Russia and China 

Cyber attackers are constantly coming up with new attack methods. The security report for the first quarter of 2023 not only shows new traps, but also proves that three of the four newcomers on the top 10 malware list come from Russia and China. According to WatchGuard's Internet Security Report, attackers are now discovering new ways to trick users surfing the Internet. After web browsers have recently upgraded their protection mechanisms against pop-up abuse, cybercriminals are now focusing on the still relatively new browser notification options.

Malware trends for Q1/23

How the analysis…


China malware: Volt Typhoon targets critical US infrastructure

Microsoft has investigated the Volt Typhoon malware and determined that it originated from a state-sponsored actor based in China. Volt Typhoon targets critical infrastructure in the United States using "living-off-the-land" techniques. Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise access to credentials and discovery of network systems, targeting critical infrastructure organizations in the United States.

US KRITIS Targeted

The attack is being carried out by Volt Typhoon, a China-based state-sponsored actor that typically focuses on espionage…


Chinese, Russian APT groups attack Europe

The European Union is increasingly targeted by Chinese and Russian APT groups. This is shown by the current ESET APT report, which reports on the latest developments in hacker groups such as Lazarus, Mustang Panda or Ke3chang. ESET security experts are seeing increasing attacks by APT (Advanced Persistent Threat) groups with ties to China, North Korea and Russia on EU countries and organizations in these countries. With fake job offers from the aviation company Boeing, the Lazarus Group tried to steal access data from employees of a Polish armaments company. Ke3chang and Mustang Panda, players with ties to China, have also attacked European companies. As part of…
