Description: A China-based threat actor, tracked as Emperor Dragonfly and commonly associated with cybercriminal endeavors, has been observed using, in a ransomware attack, a toolset previously attributed to espionage actors. [...]
February 13th, 2025 (2 months ago)
|
Description: A recent attack on a South Asian software and services company suggests that a China-linked cyberespionage actor may be engaging in ransomware operations. The attacker deployed a distinct toolset typically associated with Chinese state-sponsored espionage groups but used it in conjunction with RA World ransomware, raising questions about potential moonlighting or a shift in tactics. …
The post Chinese Cyberespionage by Day, Ransomware Gang by Night appeared first on CyberInsider.
February 13th, 2025 (2 months ago)
|
Description: An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups, raising the possibility that the threat actor may be moonlighting as a ransomware player in an individual capacity.
"During the attack in late 2024, the attacker deployed a distinct toolset that had
February 13th, 2025 (2 months ago)
|
Description: miyako Claims to be Selling Access to a Global Furniture Brand in China
February 12th, 2025 (2 months ago)
|
CVE-2025-25530 |
Description: Buffer overflow vulnerability in Digital China DCBI-Netlog-LAB Gateway 1.0 due to the lack of length verification, which is related to saving parental control configuration information. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
EPSS Score: 0.04%
February 12th, 2025 (2 months ago)
|
CVE-2025-25529 |
Description: Buffer overflow vulnerability in Digital China DCBC Gateway 200-2.1.1 due to the lack of length verification, which is related to the configuration of static NAT rules. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
EPSS Score: 0.04%
February 12th, 2025 (2 months ago)
|
Description: Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT.
The malware, first detected in 2023, is attributed to a threat actor tracked as Silver Fox, with prior attack campaigns primarily targeting Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China.
"This actor has increasingly targeted key roles
February 6th, 2025 (2 months ago)
|
Description: According to the language of the proposed bill, people who download AI models from China could face up to 20 years in jail, a million-dollar fine, or both.
February 3rd, 2025 (2 months ago)
|
Description: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a backdoor embedded in the firmware of the Contec CMS8000, a patient monitor used in U.S. healthcare facilities. The Contec CMS8000 is manufactured by Contec Medical Systems, a China-based company supplying medical devices to hospitals and clinics worldwide, including the U.S. and the …
The post Contec Monitors Used in U.S. Hospitals Carry Chinese Backdoor appeared first on CyberInsider.
January 31st, 2025 (3 months ago)
|