-
Chinese Hackers Target Hong Kong Universities With New Backdoor Variant - https://bit.ly/2Orx8AL
#cybersecnews #backdoor #cyberattack #hacker #securityresearch #ShadowPad #malware -
Chinese Origin #Threat Group Targets #HongKong Universities with New #Backdoor Variant https://www.ehackingnews.com/2020/02/chinese-origin-threat-group-targets.html … #APT #Winnti #ShadowPad #malware #APT17 #WickedPanda #cyberwar #cyberattack -
The Chinese-linked threat group #Winnti operating under the same cover as #Axiom, #Barium, #Group72, #Blackfly, and #APT41, was observed using a new variant of the #ShadowPad #backdoor, the group’s flagship tool, to target and attack Hong Kong universities. pic.twitter.com/JcqJvwNg6k
-
A new campaign of the #Winnti Group is targeting Hong Kong universities using #ShadowPad and Winnti #malware: https://www.welivesecurity.com/2020/01/31/winnti-group-targeting-universities-hong-kong … | #espionage #infosec -
#APTGroup, #Winnti #WinntiAPTGroup, #Backdoor, #ShadowPad, #China, #Espionage, #Hacking, #Malware, #CyberCrime, #CyberAttack, #CyberSecurity Winnti APT Group targeted Hong Kong Universities. https://www.welivesecurity.com/2020/01/31/winnti-group-targeting-universities-hong-kong/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+eset%2Fblog+%28ESET+Blog%3A+We+Live+Security%29 … https://www.welivesecurity.com/2019/10/14/connecting-dots-exposing-arsenal-methods-winnti/ … pic.twitter.com/QfJIIJK7eh
-
#Winnti Group has compromised computer systems at two Hong Kong universities during the Hong Kong protests that started in March 2019. https://securityaffairs.co/wordpress/97111/apt/winnti-apt-hong-kong-universities.html … #HongKong #ShadowPad -
2020-01-31:

#Winnti #APT Targets #HongKong Universities

#ShadowPad | XOR Decoder | #Yara
rule apt_win32_winnti_xordec
{
    strings:
        $decoder_xor = { 8B C3 C1 E3 10 C1 E8 10 03 D8 6B DB 77 83 C3 13 }
    condition:
        $decoder_xor
}
Ref https://twitter.com/ESETresearch/status/1223191846970634240 … pic.twitter.com/KmdkYmureE
-
#Winnti Group targeting universities in Hong Kong https://www.welivesecurity.com/2020/01/31/winnti-group-targeting-universities-hong-kong/ … #ESET #WeLiveSecurity #ShadowPad #HongKong -
.@ESETresearch has discovered a new campaign by the #Winnti group targeting #HongKong universities using a multi-modular backdoor: https://bit.ly/2uQZhKv #ShadowPad #cybercrime #infosec pic.twitter.com/EAMmnuJm9L
-
ESET has released their report on new variants of #Shadowpad/#Winnti, used against two universities in Hong Kong. https://www.welivesecurity.com/2020/01/31/winnti-group-targeting-universities-hong-kong/ … -
Other samples based on @ESETresearch about #WINNTI and #Shadowpad https://www.virustotal.com/#/file/63a74b66685fb94d685cfdfadd10917c805239ea079b9431bb5e9c8a58e0ea4b … https://www.virustotal.com/#/file/1b9e058d2a1324fea4fff70fcc1bf21ef976d753de7b5d55b902724dd1798f1e … with low AV detection rates -
#Breaking: @ESET researchers uncover a new campaign by the #WinntiGroup, known for attacks against various high-profile targets. This time, the WinntiGroup took aim at Hong Kong universities. #Winnti #ShadowPad #malware #infosec #cybersecurity https://www.welivesecurity.com/2020/01/31/winnti-group-targeting-universities-hong-kong/ … -
#Shadowhammer surpasses #ShadowPad and #CCleaner supply-chain attacks in complexity and techniques. The reason that it stayed undetected for so long is partly the fact that the trojanized software was signed with legitimate certificates. Details ⇒ https://kas.pr/85fe pic.twitter.com/eoU9h1zFR6
-
The new #ShadowPad variant uses Google Docs for command and control. Victims include Gaming companies (typical of Barium APT) and military contractors (unusual for Barium, could suggest Lead APT or an unknown group that uses it as well). -
Our full analysis of #shadowhammer and related gaming companies attacks, including a new (2018) variant of the #ShadowPad backdoor: https://securelist.com/operation-shadowhammer-a-high-profile-supply-chain-attack/90380/ … -
IMHO, previous BARIUM operations like #ShadowPad and CCleaner are possibly the main source of interesting MACs for this attack. -
GReAT wins Peter Szor Award for Technical Research on #ShadowPad at #VB2018 pic.twitter.com/NOQibF2pMy
-
The Windows Defender ATP Research team will be at RSA to share an in-depth analysis of a supply chain incident, as well as insights and trends in this emerging threat.
#RSAC #supplychainattacks #wilysupply #shadowpad #CCleaner https://cloudblogs.microsoft.com/microsoftsecure/2017/05/04/windows-defender-atp-thwarts-operation-wilysupply-software-supply-chain-cyberattack/ …