Summary: The Trump administration has dissolved all advisory committee memberships within the Department of Homeland Security (DHS), including the Cyber Safety Review Board (CSRB), which has been critical of major cybersecurity failures. This decision raises concerns about the future of cybersecurity oversight and the potential implications for national security.…
Tag: CHINA
Summary: The US government has disclosed details of two exploit chains used by Chinese hackers to infiltrate Ivanti Cloud Service Appliances (CSA), highlighting significant vulnerabilities. Four critical security flaws have been identified, which are actively exploited by these threat actors. The advisory emphasizes the importance of monitoring and securing affected systems to prevent further intrusions.…
ESET researchers have uncovered a previously undisclosed APT group, PlushDaemon, linked to China, which executed a supply-chain attack on a South Korean VPN developer in 2023. The attackers replaced the legitimate VPN installer with a malicious version that deployed a sophisticated backdoor known as SlowStepper. This backdoor features a comprehensive toolkit with over 30 components, allowing extensive cyber espionage capabilities.…
Summary: The video discusses ongoing security issues related to Google Ads, where users are being targeted by phishing scams that lead to credential harvesting. It highlights the role of specific malicious actors and recent sanctions imposed by the US government against certain individuals and organizations involved in cyber crimes.…
Summary: A newly identified Chinese threat group, PlushDaemon, has executed a supply chain attack against South Korean VPN developer IPany, deploying a custom backdoor for cyber-espionage. This attack marks a shift in the group’s tactics, which typically involve hijacking legitimate updates of applications. The group has been active since at least 2019, targeting various regions including South Korea and the US.…
Summary: Conor Fitzpatrick, the founder of the cybercrime platform BreachForums, is set to be resentenced after a three-judge panel vacated a previous lenient sentence that allowed him to serve only 17 days in prison. The appellate court criticized the district court’s decision, which was influenced by Fitzpatrick’s age and autism diagnosis, for being “substantively unreasonable” given his extensive criminal activities.…
Summary: A new Chinese state-sponsored hacker group, PlushDaemon, has been targeting users in East Asia through an espionage campaign involving a compromised VPN installer from South Korean firm IPany. The attackers deployed custom malware capable of extensive data collection and spying on victims. Although discovered recently, PlushDaemon has been active since at least 2019, focusing on espionage against various entities across multiple countries.…
Summary: A recent agreement between Iran and Russia aims to enhance military, security, and technological cooperation, particularly in cybersecurity and internet regulation. The deal, signed by leaders of both nations, seeks to formalize their close ties and establish stronger control over the digital space. Both countries, known for their restrictive internet policies, plan to collaborate on countering cybercrime and managing national internet segments.…
Summary: A supply chain attack on South Korean VPN provider IPany by the PlushDaemon hacking group resulted in the deployment of the SlowStepper malware through a compromised VPN installer. The attack affected multiple companies, including a semiconductor firm, with signs of infection dating back to November 2023.…
The 20th edition of the Cloudflare DDoS Threat Report highlights significant increases in DDoS attacks in 2024, with a record-breaking 5.6 Tbps attack detected. Cloudflare’s DDoS defense systems blocked over 21 million attacks this year, showcasing the growing threat landscape and the importance of robust cybersecurity measures.…
Summary: Threat actors are exploiting a zero-day vulnerability in Cambium Networks cnPilot routers to deploy the AIRASHI variant of the AISURU botnet for DDoS attacks. The botnet has been active since June 2024, leveraging multiple known vulnerabilities and targeting devices primarily in Brazil, Russia, Vietnam, and Indonesia.…
Summary: A newly identified China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack on a South Korean VPN provider, utilizing a sophisticated backdoor known as SlowStepper. This backdoor features a comprehensive toolkit designed for espionage and data collection, indicating the group’s significant operational capabilities since at least 2019.…
Summary: Cloudflare reported the largest DDoS attack to date, peaking at 5.6 Tbps, which targeted an unnamed ISP in Eastern Asia on October 29, 2024. The attack, originating from a Mirai-variant botnet, lasted only 80 seconds and involved over 13,000 IoT devices. Cloudflare also noted a significant increase in DDoS attacks in 2024, with a 53% rise compared to the previous year.…
Summary: The largest DDoS attack recorded peaked at 5.6 Tbps, utilizing a Mirai-based botnet with 13,000 compromised devices, targeting an ISP in Eastern Asia. Cloudflare reports a significant rise in hyper-volumetric DDoS attacks, with a notable increase in short-lived attacks that complicate human response efforts. The trend indicates a growing threat landscape, particularly during peak usage periods, leading to an increase in ransom DDoS attacks.…
Summary: The Transportation Security Administration (TSA) administrator David Pekoske was removed from his position by the Trump administration, despite having been appointed during Trump’s first term and later renewed by President Biden. Pekoske played a significant role in enhancing cybersecurity measures across transportation sectors, particularly following the Colonial Pipeline ransomware attack.…
Summary: A former CIA analyst, Asif William Rahman, pleaded guilty to transmitting top secret National Defense Information to unauthorized individuals and attempted to conceal his actions. Meanwhile, the Philippines arrested a Chinese national and two Filipinos for conducting espionage activities related to critical infrastructure. Both incidents highlight ongoing security threats and breaches involving sensitive information and national defense.…
Summary: Cybersecurity researchers have identified a series of cyber attacks targeting Chinese-speaking regions using a malware known as ValleyRAT. These attacks utilize a multi-stage loader called PNGPlug to deliver the malware through a phishing scheme disguised as legitimate software. The campaign highlights the attackers’ sophisticated methods, including the use of benign applications to conceal malicious activities.…
Summary: The FCC has enacted new rules to enhance cybersecurity measures for telecom operators, requiring them to secure their networks against potential attacks. This decision follows a significant espionage campaign by the Chinese-sponsored threat group Salt Typhoon, which compromised multiple U.S. telecom companies. The FCC’s actions aim to modernize existing regulations and improve defenses against state-sponsored cyber threats.…
Summary: Recent research has identified significant security vulnerabilities in various tunneling protocols, potentially allowing attackers to hijack internet hosts for anonymous attacks. Approximately 4.2 million hosts, including VPN servers and routers, are at risk, particularly in countries like China, France, and the U.S. Exploiting these vulnerabilities could enable attackers to conduct denial-of-service (DoS) attacks and access private networks.…
Summary: The US Department of Commerce is set to enforce new regulations banning the import of connected-vehicle technology from China and Russia due to cybersecurity concerns. This move follows President Biden’s declaration of a national emergency over the reliance on foreign technology in the automotive sector.…