Earth Lusca

Earth Lusca is a suspected China-based cyber espionage group that has been active since at least April 2019. Earth Lusca has targeted organizations in Australia, China, Hong Kong, Mongolia, Nepal, the Philippines, Taiwan, Thailand, Vietnam, the United Arab Emirates, Nigeria, Germany, France, and the United States. Targets included government institutions, news media outlets, gambling companies, educational institutions, COVID-19 research organizations, telecommunications companies, religious movements banned in China, and cryptocurrency trading platforms; security researchers assess some Earth Lusca operations may be financially motivated. Earth Lusca has used malware commonly used by other Chinese threat groups, including APT41 and the Winnti Group cluster; however, security researchers assess that Earth Lusca's techniques and infrastructure are separate.

This Cyber News was published on attack.mitre.org. Publication date: Thu, 07 Dec 2023 22:12:07 +0000


Cyber News related to Earth Lusca

Chinese APT Hackers Earth Krahang Exploits Government Exchange Servers - A new Advanced Persistent Threat campaign, dubbed Earth Krahang, has emerged with a focus on infiltrating government entities across the globe. This campaign, active since early 2022, has been linked to a China-nexus threat actor, previously ...
1 year ago Cybersecuritynews.com CVE-2023-32315 CVE-2022-21587 Earth Lusca
Earth Lusca - Earth Lusca is a suspected China-based cyber espionage group that has been active since at least April 2019. Earth Lusca has targeted organizations in Australia, China, Hong Kong, Mongolia, Nepal, the Philippines, Taiwan, Thailand, Vietnam, the ...
1 year ago Attack.mitre.org APT41 Earth Lusca Winnti Group
Chinese APT Hacks 48 Government Organizations - An advanced persistent threat actor likely operating on behalf of the Chinese government has compromised dozens of foreign government entities worldwide, Trend Micro reports. Referred to as Earth Krahang, the hacking group appears linked to Earth ...
1 year ago Securityweek.com Earth Lusca
Chinese Earth Krahang hackers breach 70 orgs in 23 countries - A sophisticated hacking campaign attributed to a Chinese Advanced Persistent Threat group known as 'Earth Krahang' has breached 70 organizations and targeted at least 116 across 45 countries. According to Trend Micro researchers monitoring the ...
1 year ago Bleepingcomputer.com CVE-2023-32315 CVE-2022-21587 Earth Lusca GALLIUM
Chinese APT 'Earth Krahang' Compromises 48 Gov't Orgs on 5 Continents - A previously unidentified Chinese espionage group has managed to breach at least 70 organizations across 23 countries, including 48 in the government space, despite using rather standard-fare tactics, techniques, and procedures. Fitting such a ...
1 year ago Darkreading.com CVE-2023-32315 CVE-2022-21587 BlackTech Mustang Panda Volt Typhoon
Earth Alux Hackers Employ VARGIET Malware to Attack Organizations - Initially targeting the Asia-Pacific region, the group expanded its operations to Latin America by mid-2024, primarily focusing on government, technology, logistics, manufacturing, telecommunications, IT services, and retail sectors in countries ...
1 week ago Cybersecuritynews.com
NJRat Campaign Unleashes Cyber Attack from Earth Bogle – The Hacker News - In a recent cyber attack, a well-known malware named NJRat is being unleashed from the Earth Bogle campaign, as reported by The Hacker News. An NJRat is a malicious code that can be used to gain system infiltration and access to web servers. It is ...
2 years ago Thehackernews.com
Investigating Common Patterns in Vietnam from the Perspective of Earth Zhulong - In 2020, a hacking group known as Earth Zhulong began targeting telecom, technology, and media sectors in Vietnam. After a long-term investigation, we believe that this group is likely related to the Chinese-linked hacking group 1937CN due to similar ...
2 years ago Trendmicro.com
Earth Preta Abuse Microsoft Application Virtualization Injector To Inject Malicious Payloads - Advanced Persistent Threat (APT) group Earth Preta (a.k.a. Mustang Panda) has been observed weaponizing the Microsoft Application Virtualization Injector (MAVInject.exe) to bypass security software and implant backdoors in government systems across ...
1 month ago Cybersecuritynews.com Mustang Panda
A top-secret Chinese spy satellite just launched on a supersized rocket - China's largest rocket apparently wasn't big enough to launch the country's newest spy satellite, so engineers gave the rocket an upgrade. The Long March 5 launcher flew with a payload fairing some 20 feet taller than its usual nose cone when it took ...
1 year ago Packetstormsecurity.com Rocke
The satellites using radar to peer at earth in minute detail - Synthetic aperture radar allows satellites to bounce radar signals off the ground and interpret the echo - and it can even peer through clouds. Clouds cover around two-thirds of the world at any one time, preventing conventional satellites from ...
10 months ago Packetstormsecurity.com
SpaceX Capsule Docks With ISS For Starliner Rescue Mission - A SpaceX Dragon capsule has docked at the International Space Station as NASA organises a trip back to Earth for two astronauts who have been stranded on the station since June. NASA astronaut Nick Hague and Roscosmos cosmonaut Aleksandr Gorbunov ...
6 months ago Silicon.co.uk
CVE-2020-8896 - A Buffer Overflow vulnerability in the khcrypt implementation in Google Earth Pro versions up to and including 7.3.2 allows an attacker to perform a Man-in-the-Middle attack using a specially crafted key to read data past the end of the buffer used ...
4 years ago
CVE-2021-29100 - A path traversal vulnerability exists in Esri ArcGIS Earth versions 1.11.0 and below which allows arbitrary file creation on an affected system through crafted input. An attacker could exploit this vulnerability to gain arbitrary code execution under ...
3 years ago
CVE-2024-51839 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Meini Utech Spinning Earth allows DOM-Based XSS. This issue affects Utech Spinning Earth: from n/a through 1.2. ...
4 months ago Tenable.com
CVE-2025-25078 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrew Norcross Google Earth Embed allows Stored XSS. This issue affects Google Earth Embed: from n/a through 1.0. ...
2 months ago Tenable.com
China plans to take 'hack-proof' quantum satellite technology to new heights - China is planning new, cutting-edge quantum communications satellites. China launched the first dedicated quantum communications satellite, named Micius, in 2016, and has been quietly working on followup missions in the years since. "Low Earth orbit ...
1 year ago Space.com Rocke
SpaceX Launched Military Satellites Designed to Track Hypersonic Missiles - Two prototype satellites for the Missile Defense Agency and four missile-tracking satellites for the US Space Force rode a SpaceX Falcon 9 rocket into orbit Wednesday from Florida's Space Coast. These satellites are part of a new generation of ...
1 year ago Wired.com Rocke
8-Year Old Windows Shortcut Zero-Day Exploited by 11 State-Sponsored Groups - Some North Korean threat actors, such as Earth Manticore (APT37) and Earth Imp (Konni), have been using extremely large .lnk files – with sizes up to 70.1 MB – containing excessive whitespace and junk content to further evade detection. ...
3 weeks ago Cybersecuritynews.com APT37 APT3
Chinese FamousSparrow hackers deploy upgraded malware in attacks - A China-linked cyberespionage group known as 'FamousSparrow' was observed using a new modular version of its signature backdoor 'SparrowDoor' against a US-based trade organization. In the attacks observed by the researchers, ShadowPad was ...
2 weeks ago Bleepingcomputer.com
CVE-2007-4470 - Multiple stack-based buffer overflows in the Earth Resource Mapping NCSView ActiveX control before 3.4.0.242 in NCSView.dll, as distributed in ER Mapper ECW JPEG 2000 Plug-in before 8.1, allow remote attackers to execute arbitrary code via ...
7 years ago
CVE-2010-3134 - Untrusted search path vulnerability in Google Earth 5.1.3535.3218 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll that is located in the same folder as a ...
7 years ago
CVE-2008-6822 - Unrestricted file upload vulnerability in uploadp.php in New Earth Programming Team (NEPT) imgupload (aka Image Uploader) 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a modified content ...
7 years ago
CVE-2006-7157 - Buffer overflow in Google Earth v4.0.2091 (beta) allows remote user-assisted attackers to cause a denial of service (crash) via a KML or KMZ file with a long href element. ...
6 years ago
CVE-2020-8895 - Untrusted Search Path vulnerability in the windows installer of Google Earth Pro versions prior to 7.3.3 allows an attacker to insert malicious local files to execute unauthenticated remote code on the targeted system. ...
2 years ago
