#chinachopper — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #chinachopper, aggregated by home.social.
-
Weaver Ant Attack Detection: China-Linked Group Targets a Telecom Provider in Asia Using Multiple Web Shells, Including China Chopper – Source: socprime.com https://ciso2ciso.com/weaver-ant-attack-detection-china-linked-group-targets-a-telecom-provider-in-asia-using-multiple-web-shells-including-china-chopper-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #CyberEspionage #Latestthreats #ChinaChopper #socprimecom #WeaverAnt #socprime #webshell #Blog #APT
-
Weaver Ant Attack Detection: China-Linked Group Targets a Telecom Provider in Asia Using Multiple Web Shells, Including China Chopper – Source: socprime.com https://ciso2ciso.com/weaver-ant-attack-detection-china-linked-group-targets-a-telecom-provider-in-asia-using-multiple-web-shells-including-china-chopper-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #CyberEspionage #Latestthreats #ChinaChopper #socprimecom #WeaverAnt #socprime #webshell #Blog #APT
-
Weaver Ant Attack Detection: China-Linked Group Targets a Telecom Provider in Asia Using Multiple Web Shells, Including China Chopper – Source: socprime.com https://ciso2ciso.com/weaver-ant-attack-detection-china-linked-group-targets-a-telecom-provider-in-asia-using-multiple-web-shells-including-china-chopper-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #CyberEspionage #Latestthreats #ChinaChopper #socprimecom #WeaverAnt #socprime #webshell #Blog #APT
-
Weaver Ant Attack Detection: China-Linked Group Targets a Telecom Provider in Asia Using Multiple Web Shells, Including China Chopper – Source: socprime.com https://ciso2ciso.com/weaver-ant-attack-detection-china-linked-group-targets-a-telecom-provider-in-asia-using-multiple-web-shells-including-china-chopper-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #CyberEspionage #Latestthreats #ChinaChopper #socprimecom #WeaverAnt #socprime #webshell #Blog #APT
-
Weaver Ant, the Web Shell Whisperer: Tracking a Live China-nexus Operation
#WeaverAnt #ChinaChopper
https://www.sygnia.co/threat-reports-and-advisories/weaver-ant-tracking-a-china-nexus-cyber-espionage-operation/ -
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
I hope everyone is having a good weekend!
The Palo Alto Networks Unit 42 research team discovered some activity that they attributed to a very stealthy and rarely seen APT, #Gelsemium. They target a diverse group of industries but use tools like #CobaltStrike, #MetaSploit, and #ChinaChopper but also used the Potato Suite that was seen as JuicyPotato.exe (who can't appreciate that?!). This was a great weekend read and I hope you all enjoy it as much as I did! Happy Hunting!
Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government
https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/ #BehavioralThreatProtection #AdvancedURLFiltering #ChinaChopper #threatactors #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #backdoor #WildFire #APT
-
Unit42: Unit 42 Researchers Discover Multiple Espionage Operations Targeting Southeast Asian Government https://unit42.paloaltonetworks.com/analysis-of-three-attack-clusters-in-se-asia/ #BehavioralThreatProtection #ThreatProtection #StatelyTaurus #ChinaChopper #CobaltStrike #MustangPanda #threatactors #AlloyTaurus #CL-STA-0044 #CL-STA-0045 #CL-STA-0046 #CortexXSIAM #DNSsecurity #Government #CortexXDR #Gelsemium #webshells #WildFire #GALLIUM #APTs
-
Good day everyone! The Microsoft Threat Intelligence team has discovered activity from a group known as #FlaxTyphoon. They are a nation-state group from China that targeted organizations in Taiwan. While the group leverages tools that are commonly used, like #ChinaChopper, #MetaSploit, and #Mimikatz, they also rely on abusing #LOLBINS, or Living-off-the-land binaries and scripts (tools that exist and come with the native operating system). Some of their TTPs include using registry key modification for persistence, using #powershell, #certutil, or #bitsadmin to download tools, and accessing #LSASS process memory and Security Account Manager registry hive for credential access. This is a great article that not only provides high-level details but it provides a starting point for any organization to start threat hunting by using the technical details provided! Enjoy your weekend and #HappyHunting!
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #readoftheday
-
Good day everyone! The Microsoft Threat Intelligence team has discovered activity from a group known as #FlaxTyphoon. They are a nation-state group from China that targeted organizations in Taiwan. While the group leverages tools that are commonly used, like #ChinaChopper, #MetaSploit, and #Mimikatz, they also rely on abusing #LOLBINS, or Living-off-the-land binaries and scripts (tools that exist and come with the native operating system). Some of their TTPs include using registry key modification for persistence, using #powershell, #certutil, or #bitsadmin to download tools, and accessing #LSASS process memory and Security Account Manager registry hive for credential access. This is a great article that not only provides high-level details but it provides a starting point for any organization to start threat hunting by using the technical details provided! Enjoy your weekend and #HappyHunting!
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #readoftheday
-
Good day everyone! The Microsoft Threat Intelligence team has discovered activity from a group known as #FlaxTyphoon. They are a nation-state group from China that targeted organizations in Taiwan. While the group leverages tools that are commonly used, like #ChinaChopper, #MetaSploit, and #Mimikatz, they also rely on abusing #LOLBINS, or Living-off-the-land binaries and scripts (tools that exist and come with the native operating system). Some of their TTPs include using registry key modification for persistence, using #powershell, #certutil, or #bitsadmin to download tools, and accessing #LSASS process memory and Security Account Manager registry hive for credential access. This is a great article that not only provides high-level details but it provides a starting point for any organization to start threat hunting by using the technical details provided! Enjoy your weekend and #HappyHunting!
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #readoftheday
-
Good day everyone! The Microsoft Threat Intelligence team has discovered activity from a group known as #FlaxTyphoon. They are a nation-state group from China that targeted organizations in Taiwan. While the group leverages tools that are commonly used, like #ChinaChopper, #MetaSploit, and #Mimikatz, they also rely on abusing #LOLBINS, or Living-off-the-land binaries and scripts (tools that exist and come with the native operating system). Some of their TTPs include using registry key modification for persistence, using #powershell, #certutil, or #bitsadmin to download tools, and accessing #LSASS process memory and Security Account Manager registry hive for credential access. This is a great article that not only provides high-level details but it provides a starting point for any organization to start threat hunting by using the technical details provided! Enjoy your weekend and #HappyHunting!
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #readoftheday
-
Good day everyone! The Microsoft Threat Intelligence team has discovered activity from a group known as #FlaxTyphoon. They are a nation-state group from China that targeted organizations in Taiwan. While the group leverages tools that are commonly used, like #ChinaChopper, #MetaSploit, and #Mimikatz, they also rely on abusing #LOLBINS, or Living-off-the-land binaries and scripts (tools that exist and come with the native operating system). Some of their TTPs include using registry key modification for persistence, using #powershell, #certutil, or #bitsadmin to download tools, and accessing #LSASS process memory and Security Account Manager registry hive for credential access. This is a great article that not only provides high-level details but it provides a starting point for any organization to start threat hunting by using the technical details provided! Enjoy your weekend and #HappyHunting!
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #readoftheday