home.social

#unc4841 — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #unc4841, aggregated by home.social.

  1. Salt Typhoon and UNC4841: Silent Push Discovers New Domains; Urges Defenders to Check Telemetry and Log Data
    #SaltTyphoon #UNC4841
    silentpush.com/blog/salt-typho

  6. Silent Push uncovers 45 domains tied to Salt Typhoon & UNC4841, showing overlaps in Chinese APT infrastructure.

    Domains link to Demodex, Snappybee, Ghostspider malware + PSYOP campaigns.

    Read: technadu.com/salt-typhoon-link

    #SaltTyphoon #UNC4841 #CyberThreats

  8. Our team at Mandiant just released details on 🇨🇳 #UNC5325, who exploited CVE-2024-21893 and CVE-2024-21887 to deploy novel malware in an attempt to remain embedded in compromised #ivanti appliances even through factory resets, system upgrades, and patches.

    Notably, we identified TTP and malware code overlaps with the advanced China-nexus espionage group #UNC3886, who exploited CVE-2023-34048 in VMware as far back as late 2021.

    Similar to #UNC4841's familiarity with Barracuda ESGs, UNC5325 demonstrates significant knowledge of the Ivanti Connect Secure appliance, as seen in both the malware they used and the attempts to persist across factory resets.

    mandiant.com/resources/blog/in

  10. UNC4841 strikes Barracuda Email Security Gateway devices again – an Excel attachment triggers code execution

    Barracuda Email Security Gateway (ESG) is an enterprise solution for filtering incoming mail. Put simply, it is a combination of a firewall and an antivirus that is meant to protect customers from receiving unwanted mail (spam, phishing) and to ensure mail continuity and the confidentiality of transmitted information. As early as the second quarter of 2023, Mandiant reported detecting, in cooperation with...

    #WBiegu #Barracuda #Email #Esg #Rce #Unc4841

    sekurak.pl/unc4841-znow-atakuj

  12. #Barracuda thought it drove 0-day #hackers out of customers’ networks. It was wrong. | #ArsTechnica

    "Knowing their most valued victims would install the Barracuda fixes within a matter of days, the hackers, tracked as #UNC4841, swept in and mobilized #DepthCharge to ensure that newly deployed appliances replacing old, infected ones would reinfect themselves. The well-orchestrated counterattacks speak to the financial resources of the hackers, not to mention their skill and the effectiveness of their TTPs, short for tactics, techniques, and procedures."

    arstechnica.com/security/2023/

  17. Barracuda thought it drove 0-day hackers out of customers’ networks. It was wrong.

    In late May, r... - arstechnica.com/?p=1964217 #emailsecuritygateway #barracuda #features #security #hacking #unc4841 #biz #esg

  22. Good day all! If you have been looking for technical and behavioral artifacts regarding CVE-2023-2868, look no further! Mandiant (now part of Google Cloud) takes a deep-dive into #UNC4841, a Chinese-nexus threat group, activity that shows how the group is growing in maturity and sophistication. There is a lot to learn about TTPs from this article and I hope you enjoy it as much as I did! Happy Hunting everyone!

    Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
    mandiant.com/resources/blog/un

    #CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
