Chinese Hackers Using Never-Before-Seen Tactics for Critical Infrastructure Attacks – TheHackerNews - June 2023

The newly discovered Chinese nation-state actor known as Volt Typhoon has been observed to be active in the wild since at least mid-2020, with the hacking crew linked to never-before-seen tradecraft to retain remote access to targets of interest.

The findings come from CrowdStrike, which is tracking the adversary under the name Vanguard Panda.

"The adversary consistently employed ManageEngine Self-service Plus exploits to gain initial access, followed by custom web shells for persistent access, and living-off-the-land (LotL) techniques for lateral movement,"

Falcon Complete MDR Thwarts VANGUARD PANDA Tradecraft – CrowdStrike - June 2023

#VoltTyphoon #VanguarPanda #China #espionage #spyware #malware

The Hungarian Civil Liberties Union and its coordinated fight against the use of Pegasus spyware - Media Defence – June 2023

The main problem is that Hungarian national security laws permit the government and its officials to use spyware tools to monitor citizens – without any judicial oversight. Even though it has been revealed by investigative journalists that Pegasus was used against journalists, we still know very little about this use. Decision-makers are able to keep everything secret.

People who were spied on with Pegasus could not access any information about their surveillance. They also could not find out the reasons that they were targeted. Another important issue is that there are no judicial procedures to provide remedies for those who have been targeted by the spyware. Under Hungarian law it seems impossible to achieve justice.

#Pegasus #NSO #Hungary #spyware