Tag: advanced persistent threat

3 Attack Reports | 0 Vulnerabilities

Attack reports

Inside Salt Typhoon: China's State-Corporate Advanced Persistent Threat

Salt Typhoon is a Chinese state-sponsored cyber threat group aligned with the Ministry of State Security, specializing in long-term espionage operations targeting global telecommunications infrastructure. Active since 2019, it has demonstrated advanced capabilities in exploiting network edge device…
CVE-2024-3400
china
cyber espionage
telecommunications
china chopper
advanced persistent threat
demodex
CVE-2023-20198
2025-09-25
long-term persistence
infrastructure targeting
ministry of state security
sigrouter
CVE-2023-35082
contractor ecosystem
Published: September 25, 2025
Downloadable IOCs: 0

Separating the bee from the panda: CeranaKeeper making a beeline for Thailand

This intelligence report details a sophisticated malware campaign targeting multiple industries across various countries. The threat actor employs advanced tactics, techniques, and procedures (TTPs) to infiltrate networks, maintain persistence, and exfiltrate sensitive data. The malware used in thi…
social engineering
data exfiltration
advanced persistent threat
2024-10-03
custom malware
multi-industry targeting
persistence techniques
network infiltration
Published: October 3, 2024
Downloadable IOCs: 16

CheckMesh: Hidden Threats in Your FW

This report examines an advanced cyber-attack targeting an Israeli enterprise, where a sophisticated threat actor compromised a Check Point firewall by deploying a malicious ELF implant known as MeshAgent. The implant, disguised as a legitimate process, enabled encrypted communication with the atta…
credential theft
lateral movement
2024-08-05
meshagent
encrypted communication
advanced persistent threat
firewall compromise
Published: August 5, 2024
Downloadable IOCs: 9
Click here to see more Attack Reports