Tag: chinese hackers

2 Attack Reports | 0 Vulnerabilities

Attack reports

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese threat actors, known as BrazenBamboo, are exploiting a zero-day vulnerability in Fortinet's FortiClient Windows VPN client to steal credentials. The hackers use a custom post-exploitation toolkit called DeepData, which includes a FortiClient plugin to extract usernames, passwords, and VPN s…
espionage
lightspy
zero-day
credential theft
vpn
post-exploitation
chinese hackers
2024-11-18
deeppost
deepdata
forticlient
Published: November 18, 2024
Downloadable IOCs: 0

Chinese Hackers Toolkit Uncovered And Activity History Uncovered

A Chinese hacking group called 'You Dun' was discovered through an exposed open directory, revealing their comprehensive attack infrastructure. The group utilized sophisticated reconnaissance tools and exploited Zhiyuan OA software via SQL injection attacks, targeting South Korean pharmaceutical or…
sql injection
ransomware
cobalt strike
privilege escalation
lockbit 3.0
2024-10-28
c2 infrastructure
CVE-2021-25003
chinese hackers
viper framework
reconnaissance tools
Published: October 28, 2024
Linked vulnerabilities : CVE-2021-25003
Downloadable IOCs: 7
Click here to see more Attack Reports