Daily Perk 3/16/2021

New Botnet using Mirai variant and targeting numerous vulnerabilities per Threatpost

Researchers at Palo Alto’s Unit 42 report a very busy botnet hunting connected devices, including network security ones. The botnet has leveraged at least ten known vulnerabilities to compromise devices, then infects them with a variant of Mirai malware flavoured for that device’s architecture: SonicWall, D-Link, Netgear among others. With APTs from Russia and China merrily traversing our networks, now is a great time to say: remember 2019 and the VPN botnet? These things can be weaponized …

China-based cyber espionage campaign targets telecoms per ZDNet

Telecoms have been targeted by APTs for some time, and this campaign, dubbed Operation Diànxùn, is brought to you by Mustang Panda and RedDelta. Chinese APTs are notoriously good at cyber espionage, and telecoms are great sources for accessing information. So far 23 providers in Europe, the US, and South East Asia have been targeted in the operation, which extends back to August 2020. There has been a clear uptick in aggressive cyber activities by China, and given the current situation with Exchange servers, I urge active monitoring to look for activity: do not underestimate the depth or extent of their intrusions.

