NEWSROOM

Details have emerged about a China-nexus threat group’s exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliances and evade detection.

Tasked with running Oregon’s state lottery, Director Michael Wells uses a blend of transparency and purpose to keep the wheels spinning. The biggest winners, he says, are ultimately Oregonians.

Ram is the CEO of Sygnia, a global cyber security consulting and incident response company, trusted by leading organizations worldwide.

“GhostEmperor employs a multi-stage malware to achieve stealth execution and persistence and utilizes several methods to impede analysis process,” Security researcher Dor Nizar said.

After an extended period underground, the Chinese hackers have added a more sophisticated infection chain and additional EDR evasion techniques.

Attackers leveraged an updated version of the Demodex kernel-level rootkit with more advanced tools and obfuscation techniques to compromise an unnamed organization’s network.

An elusive and highly covert Chinese hacking group tracked as Ghost Emperor — notorious for its sophisticated supply-chain attacks targeting telecommunications and government entities in Southeast Asia — has been spotted for the first time in more than two years. And according to the researchers, the group has gotten even better at evading detection.

Zero-day was found granting unabated access to Chinese state-sponsored threat actors.

Cisco on Monday patched a zero-day vulnerability discovered months ago that allowed a China-nexus hacker to execute arbitrary commands as root on the compromised.