| ID | Votes | Profile Description |
|---|---|---|
| PlugX | 9 | PlugX is a notorious malware known for its harmful capabilities and stealthy operations. Often used by the Winnti group, it has been linked to various cyber-attacks, leveraging DLL side-loading to remain undetected. This technique allows it to infiltrate systems without raising alarms, making it an |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Poisonplug | Unspecified | 2 | None |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Winnti | Unspecified | 7 | The Winnti Group is a sophisticated threat actor that has been active since at least 2007, first identified by Kaspersky in 2013. This collective of Chinese nation-state hackers is known for its advanced cyberespionage capabilities and its unique strategy of targeting legitimate software supply chai |
| APT41 | Unspecified | 6 | APT41, a threat actor attributed to China, has been actively targeting organizations in at least 14 countries since 2012. The group is known for its use of an extensive range of malware, with at least 46 different code families and tools observed in their operations. They are associated with various |
| Redfly | Unspecified | 5 | RedFly, a threat actor group known for its malicious activities, has emerged as a significant cybersecurity concern. The group's operations are characterized by their strategic execution and targeted focus, often resulting in substantial security breaches. Threat actors like RedFly pose a significan |
| Winnti Group | Unspecified | 2 | The Winnti Group, a collective of Chinese Advanced Persistent Threat (APT) groups including APT41, first gained notoriety for its attacks on computer game developers. The group was initially spotted by Kaspersky in 2013, but researchers suggest that this nation-state actor has been active since at l |
| Bronze University | Unspecified | 2 | Bronze University, also known as Aquatic Panda, ControlX, RedHotel, and Earth Lusca, is a threat actor group believed to be a Chinese state-sponsored hacking operation. The group has been active since 2021, targeting government, aerospace, education, telecommunications, media, and research organizat |
| Lancefly | Unspecified | 2 | Lancefly, a threat actor potentially associated with China, has been identified as the group behind an ongoing cyberespionage campaign targeting organizations in South and Southeast Asia. The targets include government bodies, aviation companies, educational institutions, and telecommunication secto |
| Earth Lusca | Unspecified | 2 | Earth Lusca, a threat actor identified as being Chinese-speaking, has been active since at least the first half of 2023. The group primarily targets organizations in Southeast Asia, Central Asia, and the Balkans. Recently, it has expanded its arsenal with SprySOCKS Linux malware, a new addition that |
| I-Soon | Unspecified | 2 | i-SOON, a threat actor believed to be operating out of China, has come into the limelight due to a significant data leak. The leaked documents provide an inside view of i-SOON's operations, revealing its role in executing cyberespionage campaigns on behalf of various Chinese government agencies. Thi |
| Redhotel | Unspecified | 2 | RedHotel is a prolific threat actor group, known for its espionage activities targeting organizations of interest to the Chinese government. The group has been active since at least 2019 and operates alongside other threat groups such as RedAlpha and Poison Carp. Researchers at Recorded Future have |
| Preview | Source Link | CreatedAt | Title |
|---|---|---|---|
| Unit42 | a day ago | Chinese APT Abuses VSCode to Target Government in Asia | |
| Securityaffairs | a month ago | Security Affairs newsletter Round 484 by Pierluigi Paganini – INTERNATIONAL EDITION | |
| Securityaffairs | a month ago | CISA adds Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog | |
| Checkpoint | a month ago | 5th August – Threat Intelligence Report - Check Point Research | |
| Securityaffairs | a month ago | China-linked APT41 breached Taiwanese research institute | |
| DARKReading | a month ago | China's APT41 Targets Taiwan Research Institute for Cyber Espionage | |
| BankInfoSecurity | 3 months ago | Researchers Uncover Chinese Hacking Cyberespionage Campaign | |
| BankInfoSecurity | 5 months ago | iSoon Leak Shows Links to Chinese APT Groups | |
| DARKReading | 6 months ago | Chinese APT 'Earth Krahang' Compromises 48 Gov't Orgs on 5 Continents | |
| Trend Micro | 6 months ago | Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks | |
| CERT-EU | 6 months ago | Anxun and Chinese APT Activity - ReliaQuest | |
| CERT-EU | 6 months ago | i-SOON Data Leak: Key Points | |
| Trend Micro | 6 months ago | Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections | |
| CERT-EU | 6 months ago | A Mysterious Leak Exposed Chinese Hacking Secrets | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | |
| Unit42 | 6 months ago | Data From Chinese Security Services Company i-Soon Linked to Previous Chinese APT Campaigns | |
| CERT-EU | 7 months ago | Leaked documents show how firm supports Chinese hacking operations | |
| Securelist | 9 months ago | Kaspersky malware report for Q3 2023 | |
| CERT-EU | 10 months ago | Burning Umbrella: An Intelligence Report on the Winnti Umbrella and Associated State-Sponsored Attackers | |
| CERT-EU | a year ago | Virus Bulletin :: Teasing the secrets from threat actors: malware configuration extractors | |
| CERT-EU | a year ago | Multiple Chinese APTs are attacking European targets, EU cyber agency warns | #ukscams | #datingscams | #european | #datingscams | #love | #relationships | #scams | #pof | #match.com | #dating | National Cyber Security Consulting |