Recherche : [Chine] - Cyberveille

Le plus grave incident de sécurité jamais connu par la Sûreté de l'État: "Des pirates informatiques chinois ont pu rentrer dans ce logiciel" https://www.rtl.be/actu/belgique/societe/le-plus-grave-incident-de-securite-jamais-connu-par-la-surete-de-letat-des/2025-02-26/article/740590

02/03/2025 10:35:19

La Sûreté de l'État est touchée par un grave incident de sécurité. Des pirates chinois ont détourné des courriels pendant deux ans, compromettant potentiellement des données sensibles du personnel.

Câbles rompus en mer Baltique : Pékin n’a pas autorisé la Suède à mener son enquête à bord du cargo https://www.lemonde.fr/pixels/article/2024/12/23/cables-rompus-en-mer-baltique-pekin-n-a-pas-autorise-la-suede-a-mener-son-enquete-a-bord-du-cargo_6463716_4408996.html

23/12/2024 13:32:19

Deux câbles de télécommunications avaient été coupés les 17 et 18 novembre dans les eaux territoriales suédoises de la mer Baltique. Les soupçons s’étaient rapidement portés sur un navire battant pavillon chinois, le « Yi Peng 3 ».

Des espions chinois découverts en Suisse sur un malentendu https://www.20min.ch/fr/story/meiringen-be-des-espions-chinois-decouverts-en-suisse-sur-un-malentendu-103202057

21/10/2024 08:59:13

Une famille chinoise a acquis en 2018 une auberge donnant vue sur l'aérodrome militaire. Les services secrets ont mis la main dessus grâce à des touristes en 2023.

Le système informatique de Volkswagen gravement piraté en 2015, probablement par des cyber-espions chinois https://www.rtbf.be/article/le-systeme-informatique-de-volkswagen-gravement-pirate-en-2015-probablement-par-des-cyber-espions-chinois-11361944

23/04/2024 10:27:43

Le système informatique mondial de Volkswagen, le plus grand constructeur automobile européen, a été piraté il y a...

APT27 - One Year To Exfiltrate Them All: Intrusion In-Depth Analysis https://www.intrinsec.com/apt27-analysis/?cn-reloaded=1

21/10/2022 11:57:51

During Spring 2022, a company discovered that one of their equipments was communicating with a known command and control server. As a result, the company decided to contact CERT Intrinsec in order to get help to handle the security breach and manage the crisis. CERT Intrinsec gathered information about malicious activities that were discovered on victim’s information system, and past incidents. Our in-depth analysis led us to conclude that an advanced persistent threat dubbed APT27 (a.k.a LuckyMouse, EmissaryPanda) actually compromised the company’s internal network for more than a year by exploiting a public facing application. Our analysis showed that the threat actor managed to compromise five different domains and to gain persistence on many equipments while trying to hide in plain sight. Besides, APT27 operators collected technical and business-related informations and exfiltrate almost three terabytes of data. As investigations went on, we observed tactics, techniques and procedures that had already been documented in papers, but we discovered new ones as well. CERT Intrinsec wanted to share with the community fresh and actionnable threat-intelligence related to APT27. That is why this report presents a timeline of actions taken by the attackers and the tactics, techniques and procedures seen during our incident response. It provides as well a MITRE ATT&CK diagram and several recommendations to follow if you came across such incident, and to prevent them.

Malicious Tor Browser spreads through YouTube https://securelist.com/onionpoison-infected-tor-browser-installer-youtube/107627/

04/10/2022 16:49:03

Kaspersky researchers detected OnionPoison campaign: malicious Tor Browser installer spreading through a popular YouTube channel and targeting Chinese users.

Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit https://thehackernews.com/2022/04/chinese-hackers-target-vmware-horizon.html?m=1&s=09

01/04/2022 12:44:09

A Chinese advanced persistent threat tracked as Deep Panda has been observed exploiting the Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor and a novel rootkit on infected machines with the goal of stealing sensitive data.

Liens par page

Filtres