UAT-8302: Chinese APT using common malware families against government targets in Latin America & Europe

Colleagues: activity attributed to UAT-8302, an APT group linked to China, has been observed.
Summary:
- Cisco Talos links UAT-8302 to attacks on government agencies in South America (since late 2024) and Southeastern Europe (2025).
- The group employs common tooling — NetDraft/NosyDoor, CloudSorcerer, SNOWLIGHT/SNOWRUST, Deed RAT, etc. — plus proxies/VPNs for sustained access.
- Likely techniques include exploitation of 0‑day/N‑day web vulnerabilities, reconnaissance, automated scanning, and lateral movement.
Why it matters: shared tooling accelerates attacks and increases risk to critical systems.
Which steps do you consider a priority for protecting government and CII?
#cybersecurity #APT #threatintelligence

