SloppyLemming Espionage Campaign Targets South and East Asia
On September 24, 2024, Cloudforce One published an extensive investigation into a sophisticated espionage campaign orchestrated by the advanced threat actor known as SloppyLemming.

Raptor Train: Chinese Nation-State Botnet Compromises Over 200,000 Devices
Black Lotus Labs released a report detailing the discovery of a botnet, dubbed "Raptor Train." This multi-tiered network has compromised more than 200,000 small office/home office (SOHO) routers, Internet of Things (IoT) devices, and network infrastructure worldwide.

China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations
A joint cybersecurity advisory reveals that cyber actors linked to the People’s Republic of China (PRC) have compromised thousands of internet-connected devices.

Crimson Palace Resurfaces: Chinese Cyberespionage Campaign Expands in Southeast Asia
Sophos X-Ops released a report detailing renewed cyberespionage efforts by what they assess with high confidence as a Chinese state-directed cyber operation.

Cyber Espionage and Financial Threats Targeting Mexico
Mandiant and Google’s Threat Analysis Group (TAG) released a joint report providing critical insights into the cyber threat landscape impacting Mexico. This report uncovers the ongoing cyber espionage operations and financially motivated cyber attacks aimed at Mexican users and enterprises.

ToneShell Backdoor Used to Target Attendees of the IISS Defence Summit
The group is known for its cyber espionage activities targeting government organizations, primarily in Southeast and East Asia. This recent campaign, however, focuses on attendees of the upcoming International Institute for Strategic Studies (IISS) Defence Summit.

Chinese APT Exploits Visual Studio Code to Target Southeast Asian Governments
On September 6, 2024, Unit 42 researchers released a report detailing a new cyber espionage campaign by the Chinese Advanced Persistent Threat (APT) group known as "Stately Taurus."