Storm-0227, a Chinese state-sponsored advanced persistent threat (APT) actor started targeting critical infrastructure organizations, as well as government entities, in the United States. The group abuses software vulnerabilities and engages in spear phishing attacks to gain access to people’s devices.
Once they get the access, they deploy different Remote Access Trojans (RAT) and other malware to obtain login credentials for services such as Microsoft 365. They also steal sensitive documents and whatever else they can get their hands on. The goal of the campaign is cyber-espionage.
Read more…
Source: TechRadar News
Related:
- Pentagon Servers Flawed, Easy to Hack
February 1, 2017
The U.S. Department of Defense could be at risk of being attacked by hackers quite easily, one security researcher warns. According to ZDNet, who cites Dan Tentler, founder of cybersecurity firm Phobos Group, several misconfigured servers run by the DoD could allow hackers easy access to internal government systems. That includes foreign actors eager to find ...
- Hacker claims to have hacked the FBI, but it wasn’t
January 5, 2017
A hacker yesterday claimed to have hacked the FBI’s website running on Plone CMS, but it seems it wasn’t hacked using any zero-day vulnerability in Plone. We contacted Plone security team and updated this story (see below) with official statements.A hacker, using Twitter handle CyberZeist, has claimed to have hacked the FBI’s website (fbi.gov) and ...
- 11 Gigabytes of Sensitive Data Belonging to US DoD Staff Exposed
January 5, 2017
Personal details of doctors who are deployed in the United States Special Operations Command (USSOCOM or SOCOM) have been exposed due to a security vulnerability discovered in a server operated by health services contractor Potomac Healthcare Solutions. MacKeeper Security Researcher Chris Vickery discovered in late December that Potomac, which provides healthcare workers to the government through ...