Tag: UNC5221
-

Chinese APT Deploys Cross-Platform ‘Brickstorm’ Backdoor, Burrows for Years in Critical Networks
Chinese cyber-espionage actors have spent years burrowed, undetected, within the networks of critical organizations, infiltrating infrastructure with sophisticated malware and exfiltrating sensitive data, government agencies and private researchers warn. According to a joint advisory from CISA, the NSA, and the Canadian Centre for Cyber Security, at least eight government bodies and IT companies have fallen…
-

393 Days Undetected: China-Linked UNC5221 Uses BRICKSTORM Backdoor to Exploit Ivanti Zero-Days
According to Google Threat Intelligence, the China-linked espionage group UNC5221 has since March conducted a series of successful intrusions into corporate networks, exploiting previously unknown vulnerabilities in Ivanti products. These operations resulted in the deployment of backdoors that enabled attackers to maintain covert access to victim infrastructures for an average of 393 days without detection.…
-

Mandiant Uncovers “UNC5221”: Stealthy Hackers Bypass VPN Defenses with Malware Arsenal
At least five different types of malware have been employed by suspected state-sponsored hackers to gain access to company networks through zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN devices. These attacks have been occurring since the beginning of December 2023. According to Mandiant, the group UNC5221 used these malware programs to bypass authentication systems…