from Hotznplotzn@lemmy.sdf.org to cybersecurity@infosec.pub on 03 Jul 08:13
https://lemmy.sdf.org/post/37887799
cross-posted from: lemmy.sdf.org/post/37887750
Here is the report (pdf).
The French National Agency for Information Systems Security, or ANSSI, said Tuesday it observed French organizations affected by activity using a slew of security flaws to break into an end-of-life version of the Utah company’s Cloud Services Appliance applications. The campaign affected government agencies, telecoms and firms in the media, finance and transport sectors. ANSSI dubs the intrusion set “Houken”.
[…]
The hackers used a wide number of open-source tools “mostly crafted by Chinese-speaking developers,” were active during Chinese working hours and exhibited behaviors consistent with intelligence collection. The threat actor also sought self-enrichment, installing a cryptominer on one victim system. Chinese nation-state hacking is an unusual combination of intelligence agencies and private sector companies. Some hackers choose their own targets and sell exfiltrated data or access to government agencies - or may do for-profit hacking on the side. “Nevertheless, the use of cryptominers remains uncommon for this threat actor,” ANSSI wrote.
[…]