Cyberwarfare: China-Linked UAT-7290 usually active in South Asia expands its espionage-focused intrusions into Southeastern Europe, targeting telecoms
(thehackernews.com)
from Sepia@mander.xyz to cybersecurity@infosec.pub on 10 Jan 10:58
https://mander.xyz/post/45241936
from Sepia@mander.xyz to cybersecurity@infosec.pub on 10 Jan 10:58
https://mander.xyz/post/45241936
cross-posted from: mander.xyz/post/45241581
TL;DR:
- China-linked threat actor UAT-7290 has been active since at least 2022 in South Asia but is now also active in Europe
- It is focusing on intrusions against critical infrastructure entities in Southeast Europe
- UAT-7290 shares tactical and infrastructure overlaps with China-linked adversaries known as Stone Panda and RedFoxtrot (aka Nomad Panda)
…
Here is the technical report by Cisco Talos
threaded - newest