If confirmed, then this would be more evidence that hackers/criminals out of China are committing cyber crimes against companies, governments, and individuals in Western countries.
A benign interpretation would be that China is just negligent or very tolerant in its law enforcement and still lacks explicit laws to prosecute such crimes.
A more realistic interpretation is that the Communist Party of China is conducting hybrid warfare against the West.
"On Wednesday, Cisco announced hackers are exploiting a critical vulnerability in some of its most popular products that allows the full takeover of affected devices. Worse, there are no patches available at this time. ..."
"... We assess with moderate confidence that the adversary, who we are tracking as UAT-9686, is a Chinese-nexus advanced persistent threat (APT) actor whose tool use and infrastructure are consistent with other Chinese threat groups. ...
We have observed overlaps in tactics, techniques and procedures (TTPs), infrastructure, and victimology between UAT-9686 and other Chinese-nexus threat actors Talos tracks. Tooling used by UAT-9686, such as AquaTunnel (aka ReverseSSH), also aligns with previously disclosed Chinese-nexus APT groups such as APT41 and UNC5174. Additionally, the tactic of using a custom-made web-based implant such as AquaShell is increasingly being adopted by highly sophisticated Chinese-nexus APTs. ..."
Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager (original news release)
UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager (original news release)