State-backed Chinese hackers can modify Cisco routers without being detected and install custom firmware that allows for persistent access, according to a new joint cybersecurity advisory published by CISA and both US and Japanese law enforcement agencies.
Microsoft has traced the signing key theft back to a "crash dump" error. A breach of a Microsoft engineer's work account by the Chinese hackers then yielded access to the crash dump and the embedded signing key.
Barracuda ESG zero-day attacks by Chinese state-sponsored threat actors compromised multiple U.S. state, local, and tribal government email servers. Over 200,000 private and government organizations worldwide depend on Barracuda email security gateway (ESG) appliances.
A long-term breach of Japan's national cyber security agency may be the work of state-backed Chinese hackers. The security breach occurred in October 2022 and was disclosed in August of this year.
Official sources say that Chinese hackers combed Japan's military networks over an extended period between 2020 and 2021 in search of military plans, documentation of capabilities, and assessments of vulnerabilities.
The assessment of the damage from the recent cyber espionage campaign by Chinese hackers has now been revised and greatly expanded, with more senior officials and ambassadors confirmed to have been targeted and potentially "hundreds of thousands" of email accounts breached.
Microsoft's threat research team says that the Chinese hackers breached at least two dozen organizations in total, including government email accounts at multiple federal agencies. The campaign reportedly began in mid-May.
Microsoft reports a long-term campaign by Chinese hackers that has burrowed into a number of different aspects of US critical infrastructure, with the eventual goal being the creation of a system of widespread disruption that could be 'switched on' during another global crisis or a conflict between the two nations.
Chinese hackers are now focusing on the outer layers of target networks, even antivirus software and firewalls, as an entry point for stealthy cyber attacks that can last for years.
Amnesty International Canada experienced a security breach on October 5 with the ultimate conclusion being that state-sponsored Chinese hackers penetrated the system for espionage purposes.