Tag: UNC3886
-
Digital Siege: How Singapore Thwarted UNC3886’s Surgical Strike on its Telecom Backbone
Singapore’s preeminent telecommunications providers have fallen prey to a sophisticated cyber espionage campaign orchestrated by the formidable adversarial collective UNC3886. While the intruders successfully infiltrated specific internal architectures, the offensive was decisively neutralized before any exfiltration of customer data could manifest. The offensive targeted a quartet of the nation’s leading telecommunications entities: Singtel, M1, StarHub,…
-
Chinese Hackers Breach Ivanti Software, Target VPN Users
Two Chinese hacking factions, known as UNC5325 and UNC3886, breached software developed by Ivanti that is deployed to safeguard Virtual Private Networks (VPNs). Mandiant experts discovered that UNC5325 exploited a vulnerability identified as CVE-2024-21893 in Ivanti’s products to gain access to systems and install malicious software. CVE-2024-21893, a Server-Side Request Forgery…
-
CVE-2023-34048: Inside the Zero-Day Vulnerability Exploited by UNC3886
A cybercriminal group linked to China, known as UNC3886, has clandestinely exploited a critical zero-day vulnerability in the VMware vCenter Server management system since late 2021. This was disclosed in a recent report by Mandiant. The vulnerability, designated CVE-2023-34048 and rated 9.8 on the CVSS scale, involves an out-of-bounds write error that allows an…