China-based cyberespionage actor seen targeting South America - Cyber Security News

Read Time:33 Second

China-based cyberespionage actor DEV-0147 has been observed compromising diplomatic targets in South America, according to Microsoft’s Security Intelligence team.

The initiative is “a notable expansion of the group’s data exfiltration operations that traditionally targeted gov’t agencies and think tanks in Asia and Europe,” the team tweeted on Monday.

DEV-0147’s attacks in South America included post-exploitation activity involving the abuse of on-premises identity infrastructure for reconnaissance and lateral movement, and the use of Cobalt Strike — a penetration testing tool — for command and control and data exfiltration, Microsoft wrote in its tweet.

To read this article in full, please click here

More Stories

Network Edge Devices the Biggest Entry Point for Attacks on SMBs

Sophos found that compromise of network edge devices, such as VPN appliances, accounted for 30% of incidents impacted SMBs in...

ICO Issues Merseyside-Based Law Firm £60,000 Fine After Cyber-Attack

A UK Law firm has been fined £60,000 after data stolen during a 2022 cyber-attack was published on the dark...

Smashing Security podcast #413: Hacking the hackers… with a credit card?

A cybersecurity firm is buying access to underground crime forums to gather intelligence. Does that seem daft to you? And...

CVE Program Almost Unfunded

Mitre’s CVE’s program—which provides common naming and other informational resources about cybersecurity vulnerabilities—was about to be cancelled, as the US...

Hertz Data Breach Exposes Customer Information in Cleo Zero-Day Attack

Hertz has confirmed a data breach exposing customer data after a zero-day attack targeting file transfer software from Cleo Communications...

China-Backed Hackers Exploit BRICKSTORM Backdoor to Spy on European Businesses

NVISO discovered new variants of the BRICKSTORM backdoor, initially designed for Linux, on Windows systems Read More