China-based cyberespionage actor seen targeting South America - Cyber Security News

Read Time:33 Second

China-based cyberespionage actor DEV-0147 has been observed compromising diplomatic targets in South America, according to Microsoft’s Security Intelligence team.

The initiative is “a notable expansion of the group’s data exfiltration operations that traditionally targeted gov’t agencies and think tanks in Asia and Europe,” the team tweeted on Monday.

DEV-0147’s attacks in South America included post-exploitation activity involving the abuse of on-premises identity infrastructure for reconnaissance and lateral movement, and the use of Cobalt Strike — a penetration testing tool — for command and control and data exfiltration, Microsoft wrote in its tweet.

To read this article in full, please click here

More Stories

NVD Revamps Operations as Vulnerability Reporting Surges

The NVD program manager has announced undergoing process improvements to catch up with its growing vulnerability backlog Read More

Friday Squid Blogging: Squid and Efficient Solar Tech

Researchers are trying to use squid color-changing biochemistry for solar tech. This appears to be new and related research to...

Google Cloud: Top 5 Priorities for Cybersecurity Leaders Today

Experts at the Google Cloud Next event set out how security teams need to adapt their focuses in the wake...

AI Vulnerability Finding

Microsoft is reporting that its AI systems are able to find new vulnerabilities in source code: Microsoft discovered eleven vulnerabilities...

Ransomware reaches a record high, but payouts are dwindling

Will you be shedding a tear for the cybercriminals? Read more in my article on the Tripwire blog. Read More

Cyble Urges Critical Vulnerability Fixes Affecting Industrial Systems

Rockwell Automation, Hitachi Energy and Inaba Denki Sangyo have products affected by critical vulnerabilities carrying severity ratings as high as...