Common Information
Type | Value |
---|---|
Value | Evasive Panda |
Category | Actor |
Type | Threat-Actor |
Misp Type | Cluster |
Description | BRONZE HIGHLAND has been observed using spearphishing as an initial infection vector to deploy the MgBot remote access trojan against targets in Hong Kong. Third party reporting suggests the threat group also targets India, Malaysia and Taiwan and leverages Cobalt Strike and KsRemote Android Rat. CTU researchers assess with moderate confidence that BRONZE HIGHLAND operates on behalf of China and has a remit covering espionage against domestic human rights and pro-democracy advocates and nations neighbouring China. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-11-14 | 2 | Chinese malware attack hits Tibetan websites | ||
Details | Website | 2024-11-14 | 8 | China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike | ||
Details | Website | 2024-11-14 | 33 | TAG-112 APT IOCs - SEC-1275-1 | ||
Details | Website | 2024-11-13 | 5 | China-Nexus Actors Hijack Websites to Deliver Cobalt Strike malware | ||
Details | Website | 2024-11-11 | 2 | U.S. agency reminds employees to limit phone use because Salt Typhoon hackers attacked telecom providers - 安全客 (Anquanke) - Security News Platform | ||
Details | Website | 2024-11-10 | 2 | U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | ||
Details | Website | 2024-11-10 | 2 | U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers | ||
Details | Website | 2024-11-10 | 7 | Highly skilled: malware from a domestic APT group, and Apple computers are not spared either | CTF导航 | ||
Details | Website | 2024-11-07 | 8 | China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike | ||
Details | Website | 2024-11-05 | 16 | Evasive Panda APT IOCs - Part 2 - SEC-1275-1 | ||
Details | Website | 2024-11-04 | 17 | THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 - Nov 03) | ||
Details | Website | 2024-11-04 | 1 | Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit | ||
Details | Website | 2024-11-04 | 17 | THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 - Nov 03) - RedPacket Security | ||
Details | Website | 2024-11-03 | 0 | Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION | ||
Details | Website | 2024-10-29 | 0 | Novel toolset leveraged by Chinese cyberespionage gang to target cloud data | ||
Details | Website | 2024-10-29 | 1 | Cyber Briefing: 2024.10.29 | ||
Details | Website | 2024-10-29 | 0 | CloudScout Toolset by Evasive Panda: Targeting Taiwan's Institutions - RedPacket Security | ||
Details | Website | 2024-10-29 | 0 | Evasive Panda Deploys Advanced CloudScout Malware to Steal Data from Taiwanese Institutions - CloudSEK News | ||
Details | Website | 2024-10-28 | 0 | Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services | ||
Details | Website | 2024-10-28 | 0 | Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services - RedPacket Security | ||
Details | Website | 2024-10-28 | 0 | Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
Details | Website | 2024-10-28 | 0 | Evasive Panda’s CloudScout Toolset Targets Taiwan | ||
Details | Website | 2024-10-28 | 51 | CloudScout: Evasive Panda scouting cloud services | ||
Details | Website | 2024-09-26 | 5 | China-linked APT group Salt Typhoon compromised some US ISPs | ||
Details | Website | 2024-08-02 | 10 | StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanisms |