Cyber threats in Southeast Asia pinned on China-affiliated hacking groups
The Cybereason Nocturnus Team investigated clusters of intrusions detected targeting the telecommunications industry across Southeast Asia. Credit: Dreamstime
Hacking groups with ties to China have been identified by US-based cyber security solutions vendor Cybereason as being behind a series of cyber activity in the ASEAN region.
The findings come after the Cybereason Nocturnus and Incident Response teams proactively hunted for various threat actors trying to leverage similar techniques to those used in the Hafnium attacks targeting Microsoft Exchange vulnerabilities earlier this year.
In the beginning of 2021, the Cybereason Nocturnus Team investigated clusters of intrusions detected targeting the telecommunications industry across Southeast Asia.
Cybersecurity firm blames China for attacks on Asian telcos
lightreading.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from lightreading.com Daily Mail and Mail on Sunday newspapers.
DeadRinger Targeted Exchange Servers Long Before Discovery
threatpost.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from threatpost.com Daily Mail and Mail on Sunday newspapers.
Mandiant: MS Exchange bugs first exploited in January
Analysis from technical teams at FireEye’s Mandiant tracked activity exploiting newly disclosed vulnerabilities in Microsoft Exchange Server more than a month ago
Share this item with your network: By Published: 05 Mar 2021 15:00
Malicious actors were abusing four vulnerabilities disclosed this week in on-premise instances of Microsoft Exchange Server as far back as January 2021, according to a new report produced by FireEye Mandiant researchers Matt Bromiley, Chris DiGiamo, Andrew Thompson and Robert Wallace.
Disclosed earlier this week alongside an out-of-sequence patch, exploitation of the four vulnerabilities, one rated critical and three medium, was linked by Microsoft to a Chinese advanced persistent threat (APT) group known as Hafnium, although there is already bountiful evidence to suggest exploitation of the CVEs goes far beyond one group.