Japan on Wednesday linked more than 200 cyberattacks over the past five years targeting the country’s national security and high technology data to a Chinese hacking group, MirrorFace, detailing their tactics and calling on government agencies and businesses to reinforce preventive measures.
MirrorFace sent emails with attachments containing malware to targeted organizations and individuals to view data saved on computers mainly from December 2019 to July 2023, often from Gmail and Microsoft Outlook addresses using stolen identities, the NPA investigation found.
Read more…
Source: MSN News
Related:
- Fortinet Flaws Exploited by Qilin Ransomware
June 8, 2025
Fortinet was recently found to have certain vulnerabilities that hackers like the Qilin group exploited. Here’s how they manipulated these weaknesses: Misconfigurations in security appliances provided a direct entry point for Qilin.Outdated Software: Failure to update Fortinet software allowed the ransomware to exploit known vulnerabilities. Qilin also employs social engineering tactics to gain unauthorized access: Phishing Attacks: Targeting employees ...
- GoldenEye Dog(APT-Q-27) gang’s recent use of “Silver Fox” Trojan stealing activities
June 6, 2025
GoldenEyeDog (tracked internally as APT-Q-27 by Qi’anxin) is a hacking group targeting people involved in gaming and dog-pushing in Southeast Asia, as well as the overseas Chinese community, with a range of business activities including remote control, mining, DDoS attacks, etc. It is related to a larger attack group tracked by Qi’anxin, the Miuuti Group. The ...
- Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721
June 6, 2025
The abuse of known security flaws to deploy bots on vulnerable systems is a widely recognized problem. Many automated bots constantly search the web for known vulnerabilities in servers and devices connected to the internet, especially those running popular services. These bots often carry Remote Code Execution (RCE) exploits targeting HTTP services, allowing attackers to embed ...
- Texas: Drivers’ data compromised in TxDOT data breach of nearly 300,000 crash reports
June 6, 2025
The Texas Department of Transportation said it is reaching out to Texans whose personal data was compromised during a data breach that led to the improper download of nearly 300,000 crash reports. Personal data included in crash reports includes: full names, mailing and/or physical addresses, driver license numbers, license plate numbers, car insurance policy numbers and ...
- Cisco Releases Security Advisory Affecting Cisco Identity Service Engine
June 5, 2025
Cisco has released software updates for its Identity Service Engine (ISE). The updates address a critical severity vulnerability in the ISE product. Cisco Identity Services Engine (ISE) is a context-aware policy service to control access and threats across wired, wireless, and VPN networks. CVE-2025-20286 has a CVSSv3 score of 9.9 and is a “use of hard-coded ...
- Ransomware hiding in fake AI, business tools
June 5, 2025
Artificial intelligence (AI) and small business tools are being abused as smokescreens to hit unsuspecting victims with ransomware. In the masquerade campaigns discovered by Cisco Talos, cybercriminals hid malware behind software and install packages that mimicked the websites or names of the lead monetization service Nova Leads, the enormously popular Chat GPT, and an AI-empowered video ...