From The Hacker News – Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks
Posted inNews

From The Hacker News – Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks

The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor's malicious payload into an external process, waitfor.exe,
From The Hacker News – Hackers Exploited PAN-OS Flaw to Deploy Chinese Malware in Ransomware Attack
Posted inNews

From The Hacker News – Hackers Exploited PAN-OS Flaw to Deploy Chinese Malware in Ransomware Attack

An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups, raising the possibility that the threat actor may be moonlighting as a ransomware player in an individual capacity. "During the attack in late 2024, the attacker deployed a distinct toolset that had