The Chinese threat group used the newly discovered KV-botnet, made up of compromised SOHO devices, as a stealth data transfer network during attacks on U.S. and Asian targets.
Hundreds of outdated Fortinet, Cisco, and Netgear small office home office routers, some of which were in high-value networks, have been leveraged by Chinese advanced persistent threat operation Volt Typhoon to form the sophisticated KV-botnet and establish a covert data transfer network, reports SecurityWeek.
BleepingComputer reports that more threat actors have been engaging in the new clearnet-hosted OLVX cybercrime market, as indicated by the significant increase in activity since being first identified in July.
More than 700 smartphones from Apple, Google, Samsung, and 21 other brands have been impacted by a collection of 14 vulnerabilities dubbed 5Ghoul that concern the implementation of Qualcomm and MediaTek 5G mobile network modem firmware, according to The Hacker News.
None of the endpoint detection and response solutions from Microsoft, SentinelOne, CrowdStrike, Cybereason, and Palo Alto Networks were able to detect or prevent eight new process injection techniques using Windows thread pools to execute malicious code dubbed "Pool Party," reports SecurityWeek.
At least 30 organizations across 14 countries, most of which are part of NATO, and a NATO Rapid Deployable Corps have been targeted by Russian state-sponsored threat operation APT28, also known as Fancy Bear, Fighting Ursa, and Sofacy, in attacks involving the exploitation of a Microsoft Outlook vulnerability, tracked as CVE-2023-23397, during the past 20 months, reports BleepingComputer.