* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Thursday, September 4, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    ITV Studios Launches New Entertainment Label – Global Bulletin – IMDb

    ITV Studios Unveils Exciting New Entertainment Label

    TS Entertainment bringing Malibu Jack’s to former Owensboro mall – Lane Report

    TS Entertainment Launches Malibu Jack’s at Former Owensboro Mall Location

    Jenny Han Dropped a Major ‘The Summer I Turned Pretty’ Easter Egg Revealing [SPOILER] – yahoo.com

    Jenny Han Just Unveiled a Huge ‘The Summer I Turned Pretty’ Easter Egg That Changes Everything [SPOILER]

    Liam Payne’s Cousin Ross Harris Honors Late Singer With Emotional Song ‘Bones’ – yahoo.com

    Liam Payne’s Cousin Ross Harris Honors Late Singer with Emotional New Song ‘Bones

    Country music star apologizes after drunken show ends with cops taking him down: ‘I’m not OK’ – PennLive.com

    Country Music Star Apologizes After Drunken Show Ends in Police Intervention: ‘I’m Not OK

    Comanche Nation Entertainment closes casino near Devol – KSWO 7News

    Comanche Nation Entertainment Closes Casino Near Devol in Surprising Move

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Credo Technology Group Holding Ltd. (CRDO) Surpasses Q1 Earnings and Revenue Estimates – Yahoo Finance

    Credo Technology Group Surpasses Q1 Earnings and Revenue Expectations

    The Economist is hiring a science and technology correspondent – The Economist

    Exciting Opportunity: Become Our Next Science and Technology Correspondent!

    Blockchain lender Figure Technology seeks to raise up to $526M in IPO (FIGR:Pending) – Seeking Alpha

    Blockchain Lender Figure Technology Sets Sights on $526M in Thrilling IPO Launch

    New Technology from Ramsey Theory Group Brings Diagnostic Testing and Telehealth Directly into Patients’ Homes – Yahoo Finance

    Revolutionary Ramsey Theory Technology Delivers Diagnostic Testing and Telehealth Right to Your Doorstep

    China’s CATL sells stake in Finnish subcontract car manufacturer – Reuters

    China’s CATL Sells Stake in Finnish Auto Supplier in Strategic Move

    This Secret Technology Will Make The IPhone 17 Super Thin Air – VOI.ID

    How This Breakthrough Technology Will Make the iPhone 17 Incredibly Thin and Lightweight

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    ITV Studios Launches New Entertainment Label – Global Bulletin – IMDb

    ITV Studios Unveils Exciting New Entertainment Label

    TS Entertainment bringing Malibu Jack’s to former Owensboro mall – Lane Report

    TS Entertainment Launches Malibu Jack’s at Former Owensboro Mall Location

    Jenny Han Dropped a Major ‘The Summer I Turned Pretty’ Easter Egg Revealing [SPOILER] – yahoo.com

    Jenny Han Just Unveiled a Huge ‘The Summer I Turned Pretty’ Easter Egg That Changes Everything [SPOILER]

    Liam Payne’s Cousin Ross Harris Honors Late Singer With Emotional Song ‘Bones’ – yahoo.com

    Liam Payne’s Cousin Ross Harris Honors Late Singer with Emotional New Song ‘Bones

    Country music star apologizes after drunken show ends with cops taking him down: ‘I’m not OK’ – PennLive.com

    Country Music Star Apologizes After Drunken Show Ends in Police Intervention: ‘I’m Not OK

    Comanche Nation Entertainment closes casino near Devol – KSWO 7News

    Comanche Nation Entertainment Closes Casino Near Devol in Surprising Move

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Credo Technology Group Holding Ltd. (CRDO) Surpasses Q1 Earnings and Revenue Estimates – Yahoo Finance

    Credo Technology Group Surpasses Q1 Earnings and Revenue Expectations

    The Economist is hiring a science and technology correspondent – The Economist

    Exciting Opportunity: Become Our Next Science and Technology Correspondent!

    Blockchain lender Figure Technology seeks to raise up to $526M in IPO (FIGR:Pending) – Seeking Alpha

    Blockchain Lender Figure Technology Sets Sights on $526M in Thrilling IPO Launch

    New Technology from Ramsey Theory Group Brings Diagnostic Testing and Telehealth Directly into Patients’ Homes – Yahoo Finance

    Revolutionary Ramsey Theory Technology Delivers Diagnostic Testing and Telehealth Right to Your Doorstep

    China’s CATL sells stake in Finnish subcontract car manufacturer – Reuters

    China’s CATL Sells Stake in Finnish Auto Supplier in Strategic Move

    This Secret Technology Will Make The IPhone 17 Super Thin Air – VOI.ID

    How This Breakthrough Technology Will Make the iPhone 17 Incredibly Thin and Lightweight

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Chinese spies target vulnerable home office kit to run cyber attacks

July 10, 2024
in Technology
Chinese spies target vulnerable home office kit to run cyber attacks
Share on FacebookShare on Twitter

China’s APT40 is ramping up targeting of victims using vulnerable small and home office networking kit as command and control infrastructure, according to an international alert


Alex Scroxton

By

Alex Scroxton,
Security Editor

Published: 09 Jul 2024 16:57

The China-backed advanced persistent threat (APT) actor tracked as APT40 has been busy evolving its playbook and has recently been observed actively targeting new victims by exploiting vulnerabilities in small office and home office (SoHo) networking devices as a staging post for command and control (C2) activity during their attacks

This is according to an international alert issued by the Five Eyes allied cyber agencies from Australia, Canada, New Zealand, the UK and the US, as well as partner bodies from Germany, Japan and South Korea.

According to the Australian Cyber Security Centre (ACSC), which was the lead agency on the alert, APT40 has repeatedly targeted networks both in Australia and around the world by this method.

In two case studies published by the Australian authorities, APT40 used compromised SoHO devices as operational infrastructure and “last-hop” redirectors during its attacks, although one effect of doing so has been to make their activity somewhat easier to characterise and track.

The agencies described such SoHo networking devices as much easier targets for malicious actors than their large enterprise equivalents.

“Many of these SoHO devices are end-of-life or unpatched and offer a soft target for N-day exploitation,” the Australians said. “Once compromised, SoHO devices offer a launching point for attacks to blend in with legitimate traffic and challenge network defenders.

“This technique is also regularly used by other PRC state-sponsored actors worldwide, and the authoring agencies consider this to be a shared threat.

“APT40 does occasionally use procured or leased infrastructure as victim-facing C2 infrastructure in its operations; however, this tradecraft appears to be in relative decline,” they added.

The ACSC shared details of one APT40 cyber attack to which it responded in August 2022, during which a malicious IP believed to be affiliated with the group interacted with the targeted organisation’s network over a two-month period using a device that likely belonged to a small business or home user. This attack was remediated before APT40 could do too much damage.

Mohammad Kazem, senior threat intelligence researcher at WithSecure, said: “There is no indication that the pace or impact of Chinese government/state-sponsored cyber operations has fallen… instead they have continued to hone and refine their tradecraft. They have shown themselves willing to retire methods and tools that no longer work in favour of new ones, but while their standard TTPs have proved effective, they have happily continued to use them.

“This advisory also highlights a shared and growing trend among PRC actors in recent years to target edge devices via exploitation and leverage compromised devices as part of their network infrastructure and activity. We believe these techniques are consciously employed by these actors to pursue stealthier operations that are more difficult to track and attribute, but also challenge conventional security mechanisms and oversight,” said Kazem.

Noteworthy threat

The APT40 group – which is also known in various supplier matrices as Kryptonite Panda, Gingham Typhoon, Leviathan and Bronze Mohawk – is a highly active group that is likely based in the city of Haikou in Hainan Province, an island off the south coast of China, about 300 miles west of Hong Kong. It receives its tasking from the Hainan State Security Department of China’s Ministry of State Security (MSS).

It was likely one of a number of APTs involved in a 2021 series of cyber attacks orchestrated via compromises in Microsoft Exchange Server. In July of that year, four members of the group were indicted by the US authorities over attacks targeting the aviation, defence, education, government, healthcare, biopharmaceutical and maritime sectors.

This campaign saw APT40 steal intellectual property on submersible and autonomous vehicles, chemical formulae, commercial aircraft servicing, genetic sequencing tech, research on diseases including Ebola, HIV/AIDS and MERS, and information to support attempts to win contracts for China’s state-owned enterprises.

APT40 is considered a particularly noteworthy threat thanks to its advanced capabilities – it is able to quickly transform and exploit proof-of-concepts (PoCs) of new vulnerabilities and turn them on victims, and its team members conduct regular reconnaissance against networks of interest looking for opportunities to use them.

It has been an enthusiastic user of some of the most widespread and notable vulnerabilities of the past few years, including the likes of Log4j – indeed, it continues to find success exploiting some bugs that date as far back as 2017.

The group seems to favour targeting public-facing infrastructure over techniques that require user interaction – such as phishing via email – and places great value on obtaining valid credentials to use in its attacks.

Mitigating an APT40 intrusion

Priority mitigations for defenders include keeping up to date logging, prompt patch management and implementing network segmentation.

Security teams should also take steps to disable unused or unneeded network services, ports or firewalls, implement web application firewalls (WAFs), enforce least privilege policies to limit access, enforce multifactor authentication (MFA) on all internet accessible remote access services, replace end-of-life kit, and review custom applications for potentially exploitable functionality.

Read more on Hackers and cybercrime prevention


U.S. agencies continue to observe Volt Typhoon intrusions

ArielleWaldman

By: Arielle Waldman


Mandiant upgrades Sandworm to APT44 due to increasing threat

ArielleWaldman

By: Arielle Waldman


advanced persistent threat (APT)

KinzaYasar

By: Kinza Yasar


Cozy Bear hijacks SME Microsoft 365 tenants in latest campaign

AlexScroxton

By: Alex Scroxton

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : Computer Weekly – https://www.computerweekly.com/news/366592858/Chinese-spies-target-vulnerable-home-office-kit-to-run-cyber-attacks

Tags: Chinesespiestechnology
Previous Post

Computing curriculum leaving digital skills behind, research suggests

Next Post

Hyper-V zero-day stands out on a busy Patch Tuesday

Potential caterpillar mimicry in a tropical hummingbird – Falk – 2025 – Ecology – ESA Journals

Tropical Hummingbird’s Surprising Caterpillar Mimicry Revealed

September 4, 2025
Degrees of Science: Healthy Aging – KWTX

Unlocking the Secrets to Healthy Aging: A Science-Based Guide

September 4, 2025
Podcast: Blame, bad drivers, and ‘safety science’ – BikePortland

Podcast: Blame, bad drivers, and ‘safety science’ – BikePortland

September 4, 2025
If you want your 60s to be some of the best years of your life, say goodbye to these 5 behaviors – VegOut

If you want your 60s to be some of the best years of your life, say goodbye to these 5 behaviors – VegOut

September 4, 2025
Credo Technology Group Holding Ltd. (CRDO) Surpasses Q1 Earnings and Revenue Estimates – Yahoo Finance

Credo Technology Group Surpasses Q1 Earnings and Revenue Expectations

September 4, 2025

NFL Week 1 Power Rankings: Eagles Take Early Lead, But Bills Poised to Claim Ultimate Crown

September 4, 2025
Xi Parades Military Strength as Trump Accuses Him of Conspiring With Putin and Kim – The New York Times

Xi Unveils Military Strength as Trump Levels Accusations of Alliances with Putin and Kim

September 4, 2025
Trump tariffs and the Fed: Fate of U.S. economy may lie with the Supreme Court – Axios

How the Supreme Court Could Decide the Future of the U.S. Economy Amid Trump Tariffs and Fed Moves

September 4, 2025
ITV Studios Launches New Entertainment Label – Global Bulletin – IMDb

ITV Studios Unveils Exciting New Entertainment Label

September 4, 2025
RFK Jr. is spreading a reckless myth about SSRIs and mass shootings – MSNBC News

RFK Jr. Fuels Dangerous Myth Linking SSRIs to Mass Shootings

September 4, 2025

Categories

Archives

September 2025
MTWTFSS
1234567
891011121314
15161718192021
22232425262728
2930 
« Aug    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (806)
  • Economy (824)
  • Entertainment (21,704)
  • General (16,848)
  • Health (9,865)
  • Lifestyle (839)
  • News (22,149)
  • People (826)
  • Politics (831)
  • Science (16,035)
  • Sports (21,323)
  • Technology (15,805)
  • World (805)

Recent News

Potential caterpillar mimicry in a tropical hummingbird – Falk – 2025 – Ecology – ESA Journals

Tropical Hummingbird’s Surprising Caterpillar Mimicry Revealed

September 4, 2025
Degrees of Science: Healthy Aging – KWTX

Unlocking the Secrets to Healthy Aging: A Science-Based Guide

September 4, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version