Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Hong Kong Government Hacked by APT3 Group before elections

Two Hong Hong government departments were targeted by Chinese hackers belonging the APT3 group just before the legislative elections. Security experts from FireEye have discovered a new cyber espionage campaign launched by the Chinese APT3 group against Hong Kong Government before upcoming parliamentary elections that are to be held today September 4. The hackers targeted two Hong Kong government departments […]

Hong Kong Government Hacked by APT3 Group before elections

Two Hong Hong government departments were targeted by Chinese hackers belonging the APT3 group just before the legislative elections.

Security experts from FireEye have discovered a new cyber espionage campaign launched by the Chinese APT3 group against Hong Kong Government before upcoming parliamentary elections that are to be held today September 4.

The hackers targeted two Hong Kong government departments to steal information related upcoming elections.
APT3 hackers used spear-phishing emails to lure victims to websites used to deliver malicious code on victims’ PC. According to FireEye, the malicious phishing emails claimed to include information about a report on election results, they include a link to the malicious website.

hongkong_web

APT3 was first spotted by FireEye in 2014, the ATP group was using exploits targeting recently disclosed vulnerabilities in Windows. The experts at FireEye speculated the APT3 is the same actor behind the “Operation Clandestine Fox” uncovered by the company in April 2014. The hackers exploited an IE zero-day vulnerability in a series of targeted attacks.

FireEye reported in a blog post the details of the attacks run by the APT3 that exploited the Windows OLE bug and also another Windows privilege escalation vulnerability (CVE-2014-4113).

Cyber espionage campaigns conducted to gather information about government and political activities in Southeast Asia are not a novelty, the Government of Beijing is one of the most active in this sense.

“Typically when we see government attacks on other governments, it’s about intelligence gathering and trying to gain access to information they can’t get via other means,” Bryce Boland, FireEye CTO for the Asia-Pac, told Agence France-Presse.

China always made political pressure on the local Honk Kong government to discredit political opponents and those candidates that fight for the independence of the country.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – APT3, State-sponsored hackers)