Japan on Wednesday linked more than 200 cyberattacks over the past five years targeting the country’s national security and high technology data to a Chinese hacking group, MirrorFace, detailing their tactics and calling on government agencies and businesses to reinforce preventive measures.
MirrorFace sent emails with attachments containing malware to targeted organizations and individuals to view data saved on computers mainly from December 2019 to July 2023, often from Gmail and Microsoft Outlook addresses using stolen identities, the NPA investigation found.
Read more…
Source: MSN News
Related:
- Hacking forum gets hacked for the second time in a year
April 3, 2020
OGUsers, one of the most popular hacking forums on the internet, disclosed today a security breach, the second such incident in the past year. “It appears that someone was able to breach the server through a shell in avatar uploading in the forum software and get access to our current database dating April 2, 2020,” said ...
- Firefox gets fixes for two zero-days exploited in the wild
April 3, 2020
Firefox users are advised to update their browsers to patch two bugs that are being exploited in the real world by hackers. The fixes are available in Firefox 74.0.1, released earlier today. This new Firefox version includes fixes for CVE-2020-6819 and CVE-2020-6820, two bugs that reside in the way Firefox manages its memory space. The bugs are so-called user-after-free vulnerabilities, ...
- FakeNet Genie: Improving Dynamic Malware Analysis with Cheat Codes for FakeNet-NG
April 2, 2020
As developers of the network simulation tool FakeNet-NG, reverse engineers on the FireEye FLARE team, and malware analysis instructors, we get to see how different analysts use FakeNet-NG and the challenges they face. We have learned that FakeNet-NG provides many useful features and solutions of which our users are often unaware. In this blog post, ...
- Nemty Ransomware – Learning by Doing
April 2, 2020
The McAfee Advanced Threat Research Team (ATR) observed a new ransomware family named ‘Nemty’ on 20 August 2019. We are in an era where ransomware developers face multiple struggles, from the great work done by the security community to protect against their malware, to initiatives such as the No More Ransom project that offer some victims a way ...
- Loncom packer: from backdoors to Cobalt Strike
April 2, 2020
The previous story described an unusual way of distributing malware under disguise of an update for an expired security certificate. After the story went out, we conducted a detailed analysis of the samples we had obtained, with some interesting findings. All of the malware we examined from the campaign was packed with the same packer, which we ...
- Wiper Malware Called “Coronavirus” Spreads Among Windows Victims
April 1, 2020
A new Windows malware has emerged that makes disks unusable by overwriting the master boot record (MBR). It takes its cue from the COVID-19 pandemic, calling itself simply “Coronavirus.” Overwriting the MBR is the same trick that the infamous NotPetya wiper malware used in 2017 in a campaign that caused widespread, global financial damage. Worryingly, according to the ...