APT41 | CyberSecurityBoard

APT41

APT41 is a threat group that researchers have assessed as a Chinese state-sponsored espionage group that also conducts financially motivated operations. Active since at least 2012, APT41 has been observed targeting the healthcare, telecom, technology, and video game industries in 14 countries. APT41 overlaps at least partially with public reporting on groups including BARIUM and Winnti Group.

This Cyber News was published on attack.mitre.org. Publication date: Thu, 07 Dec 2023 22:12:07 +0000


Cyber News related to APT41

APT41 Hackers Leveraging Atexec and WmiExec Windows Modules to Deploy Malware - In a recently documented incident, the threat actors demonstrated their evolving tactics by leveraging the Atexec and WmiExec modules from the Impacket penetration testing toolkit to establish persistence and conduct lateral movement within ...
2 months ago Cybersecuritynews.com APT41
China-Linked APT41 Hackers Target US Critical Infrastructure with New Malware - China-linked APT41, a notorious cyber espionage group, has intensified its attacks on US critical infrastructure using newly developed malware. This sophisticated threat actor is known for its dual espionage and financially motivated operations, ...
3 weeks ago Thehackernews.com CVE-2025-1234 CVE-2025-5678 APT41
APT41 - APT41 is a threat group that researchers have assessed as a Chinese state-sponsored espionage group that also conducts financially motivated operations. Active since at least 2012, APT41 has been observed targeting healthcare, telecom, technology, and ...
1 year ago Attack.mitre.org APT41 Winnti Group
Chinese Hackers MurkyGenesis and APT41 Targeting Global Telecoms with New Espionage Malware - Chinese cyber espionage groups MurkyGenesis and APT41 have been identified targeting global telecommunications companies with sophisticated malware campaigns. These threat actors are deploying new espionage tools designed to infiltrate telecom ...
1 month ago Thehackernews.com MurkyGenesis APT41
Sandman APT Gains Traction: Chinese Hackers Amplify Cybersecurity Risks - Following this assessment, SentinelOne, PwC, and Microsoft Threat Intelligence have been working together on this since they have determined that the adversary's Lua-based malware, LuaDream, and the KEYPLUG have both been found to cohabit in the ...
1 year ago Cysecurity.news APT41
New Yibackdoor Malware Shares Major Code Overlap With China-linked APT41 - A newly discovered malware named Yibackdoor has been found to share significant code similarities with malware used by the China-linked APT41 threat group. This discovery highlights the evolving tactics of cyber espionage actors and the increasing ...
1 week ago Thehackernews.com APT41

apt41 - ...
1 year ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - – Exploitation of zero-day vulnerabilities or watering hole attacks (compromising websites frequented by the target). Establishing a Foothold – Attackers deploy malware to create backdoors or tunnels for undetected movement within the ...
7 months ago Cybersecuritynews.com APT41
Weekly Cybersecurity Recap : Sharepoint 0-day, Vmware Exploitation, Threats and Cyber Attacks - Tracked as CVE-2025-12345, this flaw allows remote code execution (RCE) without authentication, potentially enabling attackers to compromise sensitive data or deploy malware on affected servers. The U.S. Cybersecurity and Infrastructure Security ...
2 months ago Cybersecuritynews.com CVE-2025-12345 APT41
Earth Lusca - Earth Lusca is a suspected China-based cyber espionage group that has been active since at least April 2019. Earth Lusca has targeted organizations in Australia, China, Hong Kong, Mongolia, Nepal, the Philippines, Taiwan, Thailand, Vietnam, the ...
1 year ago Attack.mitre.org APT41 Earth Lusca Winnti Group
CISA orders federal gov to patch Fortra bug exploited by China-linked hackers - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring all federal agencies to patch a critical vulnerability in Fortra's GoAnywhere MFT software. This vulnerability, tracked as CVE-2023-0669, allows ...
3 days ago Therecord.media CVE-2023-0669 APT41
Microsoft: Mystery Group Targeting Telcos Linked to Chinese APTs - Common malware has led a group of researchers to link the once mysterious Sandman threat group, known for cyberattacks against telecom service providers across the world, to a growing web of Chinese government-backed advanced persistent threat ...
1 year ago Darkreading.com APT41
Sandman Cyberespionage Group Linked to China - The recently outed advanced persistent threat actor Sandman appears linked to China, SentinelOne, Microsoft, and PwC say in a joint report. The hacking group was brought into the spotlight at the LABScon security conference, standing out because of ...
1 year ago Securityweek.com APT41
'ChamelGang' APT Disguises Espionage Activities With Ransomware - A likely China-backed advanced persistent threat group has been systematically using ransomware to disguise its relatively prolific cyber-espionage operations for the past three years, at least. The threat actor, who researchers at SentinelOne are ...
1 year ago Darkreading.com APT41
Winnti Hackers Attacking Japanese Organizations With New Malware - The China-based Winnti Group has targeted Japanese organizations in a recent cyberattack campaign known as “RevivalStone,” in the manufacturing, materials, and energy sectors. With the increasing sophistication of such threats, ...
7 months ago Cybersecuritynews.com APT41 Winnti Group
Leaked KeyPlug Malware Infrastructure Contains Exploit Scripts to Hack Fortinet Firewall and VPN - Security experts recommend immediate patching of all Fortinet devices, monitoring for WebSocket handshake requests to suspicious endpoints, and reviewing historical logs for signs of exploitation attempts using these now-exposed techniques. The ...
5 months ago Cybersecuritynews.com CVE-2024-23108 APT41
RedGolf Hackers Exposes Fortinet Exploits & Tools Used to Hack Organizations - Security experts recommend that organizations using Fortinet products immediately update to the latest firmware versions and monitor for suspicious access patterns to CLI endpoints, particularly those involving WebSocket connections or forwarded headers ...
5 months ago Cybersecuritynews.com APT41
New T1555.003 Technique Let Attackers Steal Passwords From Web Browsers - Security tools can generate Event ID 4663 logs when unauthorized processes attempt to access browser files like Local State or Login Data. According to recent research, web browsers typically store these credentials in an encrypted format within a ...
4 months ago Cybersecuritynews.com APT33 APT37 APT41 Ajax Security Team APT3
APT Hackers Attacking Maritime and Shipping Industry to Launch Ransomware Attacks - The Turla/Tomiris group has particularly refined this approach, utilizing infected USB drives containing industrial espionage tools that eventually deploy ransomware across entire fleet management networks, effectively holding maritime operations ...
2 months ago Cybersecuritynews.com Mustang Panda CVE-2022-22707 APT41 Turla
Urgent: China-Linked Hackers Exploit New Vulnerabilities in Critical Infrastructure - In a recent alarming development, China-linked hacker groups have been exploiting newly discovered vulnerabilities in critical infrastructure systems worldwide. These cyberattacks target essential services, causing significant disruptions and raising ...
3 days ago Thehackernews.com CVE-2025-1234 CVE-2025-2345 CVE-2025-3456 APT41 Hafnium
