China-based cyberespionage actor seen targeting South America - Cyber Security News

Read Time:33 Second

China-based cyberespionage actor DEV-0147 has been observed compromising diplomatic targets in South America, according to Microsoft’s Security Intelligence team.

The initiative is “a notable expansion of the group’s data exfiltration operations that traditionally targeted gov’t agencies and think tanks in Asia and Europe,” the team tweeted on Monday.

DEV-0147’s attacks in South America included post-exploitation activity involving the abuse of on-premises identity infrastructure for reconnaissance and lateral movement, and the use of Cobalt Strike — a penetration testing tool — for command and control and data exfiltration, Microsoft wrote in its tweet.

To read this article in full, please click here

More Stories

Friday Squid Blogging: Live Colossal Squid Filmed

A live colossal squid was filmed for the first time in the ocean. It’s only a juvenile: a foot long....

Midnight Blizzard Targets European Diplomats with Wine Tasting Phishing Lure

Russian state actor Midnight Blizzard is using fake wine tasting events as a lure to spread malware for espionage purposes,...

Age Verification Using Facial Scans

Discord is testing the feature: “We’re currently running tests in select regions to age-gate access to certain spaces or user...

NTLM Hash Exploit Targets Poland and Romania Days After Patch

An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the...

Senators Urge Cyber-Threat Sharing Law Extension Before Deadline

Bipartisan support grows in Congress to extend Cybersecurity Information Sharing Act for 10 years Read More

Identity Attacks Now Comprise a Third of Intrusions

IBM warns of infostealer surge as attackers automate credential theft and adopt AI to generate highly convincing phishing emails en...