Spot the Difference: Earth Kasha’s New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella

LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the group as Earth Kasha. While some vendors suspect that the actor using LODEINFO might be APT10, we don’t have enough evidence to Read More …

China’s three reports on Volt Typhoon prove US’ cyberattacks detectable: experts

China’s three reports on Volt Typhoon revealed the truth behind the systematic cyberattack activities of the US and demonstrated that such operations of the US are detectable, experts said. China’s National Computer Virus Emergency Response Center (CVERC) on Monday released Read More …

China again claims Volt Typhoon cyber-attack crew was invented by the US to discredit it

Chinese authorities have published another set of allegations that assert the Volt Typhoon cyber-crew is an invention of the US and its allies, and not a crew run by Beijing. Published on Monday in five languages, a document titled “Lie Read More …

Volt Typhoon Actors Exploiting Insecure SOHO Routers

Threat actors—particularly the People’s Republic of China (PRC)—sponsored Volt Typhoon group—are compromising small office/home office (SOHO) routers by exploiting software defects that manufacturers must eliminate through secure software design and development. Specifically, Volt Typhoon actors are exploiting security defects in Read More …

Redfly: Espionage Actors Continue to Target Critical Infrastructure

Espionage actors are continuing to mount attacks on critical national infrastructure (CNI) targets, a trend that has become a source of concern for governments and CNI organizations worldwide. Symantec’s Threat Hunter Team has found evidence that a threat actor group Read More …

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques

Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China Read More …