Tag: tibetan websites

1 Attack Reports | 0 Vulnerabilities

Attack reports

China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike

A Chinese state-sponsored threat group, TAG-112, has compromised two Tibetan websites to deliver Cobalt Strike malware. The attackers embedded malicious JavaScript in the sites, spoofing a TLS certificate error to trick visitors into downloading a disguised security certificate. This campaign highl…
state-sponsored
cobalt strike
cyber-espionage
2024-11-13
china-nexus
tibetan websites
joomla vulnerabilities
tls certificate spoofing
evasive panda
tag-102
Published: November 13, 2024
Downloadable IOCs: 19
Click here to see more Attack Reports