Global Espionage Operation by I‑SOON’s FishMonger APT Group Unveiled FishMonger APT’s China-aligned global espionage campaign targets governments, NGOs, and think tanks in Asia, Europe, and the U.S.

The group FishMonger has been conducting cyber espionage against governments, NGOs, and think tanks across Asia, Europe, and the United States.

🔗 For more about their operation 'FishMedley' read⤵️

#CyberEspionage #FishMonger #ISOON #Winnti #SodaMaster

🚨 ALEART 🚨

#UAT-5918 is the new #Winnti! 😂

China-Linked Threat Group Targets Japanese Orgs' Servers Winnti once used a variety of malware but is now focused on SQL vulnerabilities and obfuscation, updated encryption, and new evasion methods to gain access.

中国系の脅威グループが日本の組織のサーバーを標的に

China-Linked Threat Group Targets Japanese Orgs' Servers #DarkReading (Feb 19)

#Winnti #RevivalStone #サイバー攻撃 #日本企業 #マルウェア

Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign Winnti’s RevivalStone campaign exploited an ERP SQL flaw to deploy upgraded malware, breaching an MSP and infecting multiple firms.

Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign
thehackernews.com/2025/02/winn...

#Infosec #Security #Cybersecurity #CeptBiro #Winnti #APT41 #JapaneseFirms #RevivalStone #CyberEspionageCampaign

Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign instruments to accomplish its objectives read more about Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign

Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign reconbee.com/winnti-apt41...

#winnti #apt41 #japanese #revivalstone #cyberespionagecampaign #CybersecurityNews #CyberSecurityAwareness

Winnti hackers target other threat actors with new Glutton PHP backdoor ​The Chinese Winnti hacking group is using a new PHP backdoor named 'Glutton' in attacks on organizations in China and the U.S., and also in attacks on other cybercriminals.

Winnti のハッカーが新しい Glutton PHP バックドアで他の脅威アクターをターゲットに

Winnti hackers target other threat actors with new Glutton PHP backdoor #BleepingComputer (Dec 15)

#Winnti #APT41 #PHPバックドア #サイバー攻撃 #情報窃取

4/4
💻 Winnti (APT41), linked to China, continues its dual cybercrime & espionage activity.
From targeting Microsoft Exchange vulnerabilities to exploiting global sectors, this latest backdoor proves their evolving tactics.
#Cybersecurity #APT41 #Winnti #PHPBackdoor #CyberThreat #ThreatIntel #XLab

Winnti Group Deploys Glutton PHP Backdoor on Global Frameworks - Technology News Winnti group deploys Glutton PHP backdoor globally. Glutton targets major PHP frameworks like Laravel and Yii. Advancements in malware increase detection challenges.

#Winnti Group Deploys Glutton #PHP #Backdoor on #Global #Frameworks
newslinker.co/winnti-group...

Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats Sophos X-Ops unveils five-year investigation tracking China-based groups targeting perimeter devices

Last week, @sophossecurity.bsky.social released details of an evolving, 5year effort to counter #Chinese cyber actors like #VoltTyphoon, #APT31 & #APT41 / #Winnti targeting its firewalls.

🔗 news.sophos.com/en-us/2024/1...