July 9th, 2024

CISA join ASD to release advisory on PRC State-Sponsored Group, APT 40

CISA and ASD's ACSC warn about APT 40, a Chinese state-sponsored cyber group targeting organizations globally. Urging vigilance, they advise reviewing the advisory to prevent intrusions and enhance software security.

Read original articleLink Icon
CISA join ASD to release advisory on PRC State-Sponsored Group, APT 40

CISA, in collaboration with ASD's ACSC, has released an advisory on the activities of a People's Republic of China (PRC) state-sponsored cyber group known as APT 40. This advisory, based on current investigations, highlights APT 40's ability to quickly adapt vulnerability proofs of concept for targeting organizations in various countries, including Australia and the United States. The group is adept at identifying new exploits within widely used public software to target vulnerable infrastructure. CISA, along with several international partners, urges organizations and software manufacturers to review the advisory to detect, prevent, and address APT 40 intrusions. Additionally, software vendors are encouraged to integrate Secure by Design principles into their practices to mitigate the impact of threat actor techniques and enhance the security of their products. For more information on PRC state-sponsored threat actor activity and secure design principles, interested parties can refer to CISA's resources on the subject.

Related

Chinese Hackers Have Stepped Up Attacks on Taiwanese Organizations

Chinese Hackers Have Stepped Up Attacks on Taiwanese Organizations

A cybersecurity firm identified RedJuliett, a suspected Chinese state-sponsored hacking group, targeting Taiwanese sectors. The group exploited VPN software vulnerabilities, raising tensions between China and Taiwan. Organizations are advised to enhance security measures.

TeamViewer confirms Russian spies hacked its corporate network

TeamViewer confirms Russian spies hacked its corporate network

TeamViewer confirmed a breach by Russian state-sponsored hackers on June 26, 2024, contained within their Corporate IT environment. APT29, or Cozy Bear, was attributed to the attack. Organizations using TeamViewer should stay alert.

China is turning to private firms for offensive cyber operations

China is turning to private firms for offensive cyber operations

China relies on private firms for cyber operations, revealed by leaked iS00N documents. Privatization extends to intelligence tasks once exclusive to government agencies, impacting global espionage with private companies like iS00N involved.

Japan and Korea join Australian-led pushback on Chinese hacking

Japan and Korea join Australian-led pushback on Chinese hacking

Australia, Japan, and Korea accuse Chinese spy agency APT40 of cyber espionage. International allies support the attribution. China denies allegations. Australia enhances security ties with partners amid rising cyber threats.

China's APT40 gang can attack new vulnerabilities within hours

China's APT40 gang can attack new vulnerabilities within hours

China's APT40, or Kryptonite Panda, a state-sponsored cyber group, exploits vulnerabilities rapidly. It targets organizations, using end-of-life devices and malware for data theft. Mitigation strategies are advised, but APT40's persistent attacks remain a global cybersecurity concern.

Link Icon 0 comments