Earth Lusca

Earth Lusca is a suspected China-based cyber espionage group that has been active since at least April 2019. Earth Lusca has targeted organizations in Australia, China, Hong Kong, Mongolia, Nepal, the Philippines, Taiwan, Thailand, Vietnam, the United Arab Emirates, Nigeria, Germany, France, and the United States. Targets included government institutions, news media outlets, gambling companies, educational institutions, COVID-19 research organizations, telecommunications companies, religious movements banned in China, and cryptocurrency trading platforms; security researchers assess some Earth Lusca operations may be financially motivated. Earth Lusca has used malware commonly used by other Chinese threat groups, including APT41 and the Winnti Group cluster; however, security researchers assess that Earth Lusca's techniques and infrastructure are separate.

This Cyber News was published on attack.mitre.org. Publication date: Thu, 07 Dec 2023 22:12:07 +0000


Cyber News related to Earth Lusca

Chinese APT Hackers Earth Krahang Exploits Government Exchange Servers - A new Advanced Persistent Threat campaign, dubbed Earth Krahang, has emerged with a focus on infiltrating government entities across the globe. This campaign, active since early 2022, has been linked to a China-nexus threat actor, previously ...
3 months ago Cybersecuritynews.com
Chinese APT Hacks 48 Government Organizations - An advanced persistent threat actor likely operating on behalf of the Chinese government has compromised dozens of foreign government entities worldwide, Trend Micro reports. Referred to as Earth Krahang, the hacking group appears linked to Earth ...
3 months ago Securityweek.com
Chinese Earth Krahang hackers breach 70 orgs in 23 countries - A sophisticated hacking campaign attributed to a Chinese Advanced Persistent Threat group known as 'Earth Krahang' has breached 70 organizations and targeted at least 116 across 45 countries. According to Trend Micro researchers monitoring the ...
3 months ago Bleepingcomputer.com
Chinese APT 'Earth Krahang' Compromises 48 Gov't Orgs on 5 Continents - A previously unidentified Chinese espionage group has managed to breach at least 70 organizations across 23 countries, including 48 in the government space, despite using rather standard-fare tactics, techniques, and procedures. Fitting such a ...
3 months ago Darkreading.com
NJRat Campaign Unleashes Cyber Attack from Earth Bogle – The Hacker News - In a recent cyber attack, a well-known malware named NJRat is being unleashed from the Earth Bogle campaign, as reported by The Hacker News. An NJRat is a malicious code that can be used to gain system infiltration and access to web servers. It is ...
1 year ago Thehackernews.com
Investigating Common Patterns in Vietnam from the Perspective of Earth Zhulong - In 2020, a hacking group known as Earth Zhulong began targeting telecom, technology, and media sectors in Vietnam. After a long-term investigation, we believe that this group is likely related to the Chinese-linked hacking group 1937CN due to similar ...
1 year ago Trendmicro.com
A top-secret Chinese spy satellite just launched on a supersized rocket - China's largest rocket apparently wasn't big enough to launch the country's newest spy satellite, so engineers gave the rocket an upgrade. The Long March 5 launcher flew with a payload fairing some 20 feet taller than its usual nose cone when it took ...
6 months ago Packetstormsecurity.com
The satellites using radar to peer at earth in minute detail - Synthetic aperture radar allows satellites to bounce radar signals off the ground and interpret the echo - and it can even peer through clouds. Clouds cover around two-thirds of the world at any one time, preventing conventional satellites from ...
1 month ago Packetstormsecurity.com
CVE-2020-8896 - A Buffer Overflow vulnerability in the khcrypt implementation in Google Earth Pro versions up to and including 7.3.2 allows an attacker to perform a Man-in-the-Middle attack using a specially crafted key to read data past the end of the buffer used ...
4 years ago
CVE-2021-29100 - A path traversal vulnerability exists in Esri ArcGIS Earth versions 1.11.0 and below which allows arbitrary file creation on an affected system through crafted input. An attacker could exploit this vulnerability to gain arbitrary code execution under ...
2 years ago
China plans to take 'hack-proof' quantum satellite technology to new heights - China is planning new, cutting-edge quantum communications satellites. China launched the first dedicated quantum communications satellite, named Micius, in 2016, and has been quietly working on followup missions in the years since. "Low Earth orbit ...
7 months ago Space.com
SpaceX Launched Military Satellites Designed to Track Hypersonic Missiles - Two prototype satellites for the Missile Defense Agency and four missile-tracking satellites for the US Space Force rode a SpaceX Falcon 9 rocket into orbit Wednesday from Florida's Space Coast. These satellites are part of a new generation of ...
4 months ago Wired.com
CVE-2007-4470 - Multiple stack-based buffer overflows in the Earth Resource Mapping NCSView ActiveX control before 3.4.0.242 in NCSView.dll, as distributed in ER Mapper ECW JPEG 2000 Plug-in before 8.1, allow remote attackers to execute arbitrary code via ...
6 years ago
CVE-2010-3134 - Untrusted search path vulnerability in Google Earth 5.1.3535.3218 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll that is located in the same folder as a ...
6 years ago
CVE-2008-6822 - Unrestricted file upload vulnerability in uploadp.php in New Earth Programming Team (NEPT) imgupload (aka Image Uploader) 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a modified content ...
6 years ago
CVE-2006-7157 - Buffer overflow in Google Earth v4.0.2091 (beta) allows remote user-assisted attackers to cause a denial of service (crash) via a KML or KMZ file with a long href element. ...
5 years ago
CVE-2020-8895 - Untrusted Search Path vulnerability in the windows installer of Google Earth Pro versions prior to 7.3.3 allows an attacker to insert malicious local files to execute unauthenticated remote code on the targeted system. ...
1 year ago
Earth Hundun's Hackers Employ Waterbear And Deuterbear Tools
2 months ago Cybersecuritynews.com
AsyncRAT Malware Attacking the US Infrastructure - AsyncRAT is an open-source remote access Trojan malware known for its ability to provide unauthorized access and control over infected systems. Hackers use it actively for various malicious purposes, including:-. Cybersecurity researchers at AT&T ...
5 months ago Gbhackers.com
This Malware is Assaulting Critical US Infrastructure for Almost a Year - Over the course of the last 11 months, a threat group has actively engaged in a phishing campaign targeting employees across various companies, distributing an open-source trojan program named AsyncRAT. The victims of this campaign notably include ...
5 months ago Cysecurity.news
JPMorgan repels 45 billion cyber attempts a day, says exec The Register - The largest bank in the United States repels 45 billion - yes, with a B - cyberattack attempts per day, one of its leaders claimed at the World Economic Forum in Davos. Mary Callahan Erdoes, JPMorgan Chase's CEO in charge of asset and wealth ...
5 months ago Go.theregister.com
Cybercriminals embrace smarter strategies, less effort - 2024 is shaping up to be a record-breaking year for data breaches, according to Experian. Despite 2023 being labeled as a 'successful' year for malicious actors, the upcoming months may bring forth developments that could further disrupt the ...
5 months ago Helpnetsecurity.com
New Technology for an Old Industry - A few weeks ago our mining experts sat down with Danny Vicente from Cisco's Coffee and Conversations to discuss what is taking place in the mining industry. In this episode Roland Plett and Bruce Frederick talk about how mining has evolved from the ...
5 months ago Feedpress.me
FritzFrog Botnet Exploits Log4Shell on Overlooked Internal Hosts - It's been more than two years since the critical vulnerability in Log4j was first unleashed unto this earth, yet attackers are still making good use of it, as many organizations remain unpatched. Particularly, it seems, in deceptively secure areas of ...
5 months ago Darkreading.com
