VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

China‑linked APTs target Asian governments, Poland, journalists and activists

Китай‑связанные APT атакуют правительства Азии, Польшу, журналистов и активистов

Colleagues, a major campaign by China‑linked APTs has been uncovered targeting Asian governments, Poland, journalists and activists.

- Trend Micro: SHADOW‑EARTH‑053 exploits N‑day Microsoft Exchange and IIS, deploys Godzilla web shell and installs ShadowPad via DLL sideloading.
- Operators use tunneling, Mimikatz for privilege escalation, and custom RDP/SMB tools; primary vector — internet‑exposed IIS/Exchange.
- Citizen Lab: GLITTER CARP and SEQUIN CARP phishing target journalists and diaspora, employing AiTM, tracking pixels and credential theft.

Why this matters: urgently patch Exchange/IIS and deploy IPS/WAF or virtual patching.

What measures are you taking to protect your infrastructure?

#cybersecurity #APT #phishing #vulnerability

Latest comments

No comments yet.