New Frontiers, Old Tactics: Chinese espionage group targets Africa & Caribbean govts.
The China-linked threat actor known as Sharp Panda has expanded their targeting to include governmental organizations in Africa and the Caribbean as part of an ongoing cyber espionage campaign.
"The campaign adopts Cobalt Strike Beacon as the payload, enabling backdoor functionalities like C2 communication and command execution while minimizing the exposure of their custom tools," Check Point said in a report shared with The Hacker News. "This refined approach suggests a deeper understanding of their targets."
The Israeli cybersecurity firm is tracking the activity under a new name Sharp Dragon, describing the adversary as careful in its targeting, while at the same time broadening its reconnaissance efforts.
The adversary first came to light in June 2021, when it was detected targeting a Southeast Asian government to deploy a backdoor on Windows systems dubbed VictoryDLL.
Subsequent attacks mounted by Sharp Dragon have set their sights on high-profile government entities in Southeast Asia to deliver the Soul modular malware framework, which is then used to receive additional components from an actor-controlled server to facilitate information gathering.
4 Mistakes Organization's make when deploying Advanced Authentication
Deploying advanced authentication measures is key to helping organizations address their weakest cybersecurity link: their human users. Having some form of 2-factor authentication in place is a great start, but many organizations may not yet be in that spot or have the needed level of authentication sophistication to adequately safeguard organizational data. When deploying advanced authentication measures, organizations can make mistakes, and it is crucial to be aware of these potential pitfalls.
1. Failing to conduct a risk assessment
2. Not completing due diligence to integrate authentication with current systems.
3. Requiring only one authentication factor
4. Not paying attention to authentication activities and patterns
Ufomba Precious Ogechi
Cybersecurity Solutions & Network Engineer
© Copyright. All rights reserved.
We need your consent to load the translations
We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.