News • Insights • Analysis
Over 8,000 students of a private vocational college have been affected by a cyber attack, the privacy watchdog said on Friday. The Hong Kong College of Technology said its information technology network and file server were hacked in February. A Read More …
As many as 91,000 LG TVs face the risk of being commandeered unless they receive a just-released security update patching four critical vulnerabilities discovered late last year. The vulnerabilities are found in four LG TV models that collectively comprise slightly Read More …
During the course of an intrusion investigation in late October 2023, Mandiant observed novel N-day exploitation of CVE-2023-46747 affecting F5 BIG-IP Traffic Management User Interface. Additionally, in February 2024, Mandiant researchers observed exploitation of Connectwise ScreenConnect CVE-2024-1709 by the same Read More …
A previously unknown advanced persistent threat (APT) group used the legitimate Cobra DocGuard software to carry out a supply chain attack with the goal of deploying the Korplug backdoor (aka PlugX) onto victim computers. In the course of this attack, Read More …
It sounds like the plot of a somewhat far-fetched romcom-slash-thriller Netflix series, maybe billed as You meets Your Place or Mine, dropping just in time for Valentine’s Day. In it, a pig butchering romance scammer targets her next victim: Sophos’s Read More …
Symantec has observed a likely continuation of the Operation CuckooBees activity, this time targeting organizations in Hong Kong. Operation CuckooBees was first documented in May 2022 by researchers at Cybereason, who said the intelligence-gathering campaign had been operating under the Read More …
Researchers have discovered a stealthy espionage campaign by a most likely China-backed hacking group that has targeted government, education and telecommunication organizations since 2013. The attackers used a range of techniques to infect targets with malware, such as via malicious Read More …
Researchers have uncovered a new strain of macOS malware in targeted attacks against visitors to a Hong Kong pro-democracy radio station website. The website was used to facilitate a watering hole attack and to serve a Safari browser exploit to Read More …
Since mid-2021, Trend Micro researchers have been investigating a rather elusive threat actor called Earth Lusca that targets organizations globally via a campaign that uses traditional social engineering techniques such as spear phishing and watering holes. The group’s primary motivation Read More …
Since at least late August, attackers have been using flaws in macOS and iOS – including in-the-wild use of what was then a zero-day flaw – to install a backdoor on the Apple devices of users who visited Hong Kong-based Read More …
