Verticals Targeted: Energy
Executive Summary
This Threat Bulletin is part of PolySwarm’s 2022 Recap series. This report provides highlights of activity perpetrated by China-based threat actors in 2022.
Key Takeaways
- This report highlights activity perpetrated by China-based threat actors in 2022.
- Threat actors featured in this report include Keyhole Panda, Stone Panda, Deep Panda, Twisted Panda, Vixen Panda, Pirate Panda, Aquatic Panda, Wicked Panda, Mustang Panda, Emissary Panda, Kryptonite Panda, Lotus Panda, TA410, Red Menshen, Scarab, Aoquin Dragon, and Lotus Blossom.
- PolySwarm tracked malware associated with multiple China nexus threat actors in 2022.
Verticals Targeted: Government
Executive Summary
Symantec recently reported on Spyder Loader, a tool used by Chinese nexus state-sponsored threat actor group Winnti to target government entities in Hong Kong.
Executive Summary
The aviation and aerospace verticals face numerous challenges in the form of cyber threats. This report gives an overview of the different threat actor motivations to target aviation and aerospace and the types of threats to these verticals.
Executive Summary
Cisco Talos recently reported on a campaign leveraging Manjusaka, a new attack framework being used in the wild that is advertised as an alternative to Cobalt Strike or Sliver.
Background
Positive Technologies recently reported on an espionage campaign in which a previously unknown threat actor group targeted the Russian aerospace industry. Researchers at Positive Technologies dubbed the group Space Pirates.
Background
PwC Threat Intelligence recently reported on BPFDoor, a passive network implant for Linux targeting telecommunications providers. The activity was attributed to the Chinese nexus threat actor group Red Menshen.
