Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage
Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage — [https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjI7LhdZrf
What’s new: Chinese cyber espionage groups, including Murky Panda, Genesis Panda, and Glacial Panda, are intensifying their attacks on cloud and telecommunications sectors. Murky Panda exploits trusted relationships and known vulnerabilities to gain access to enterprise networks, while Genesis Panda targets cloud service providers for intelligence collection. Glacial Panda focuses on telecommunications, exfiltrating sensitive data using various attack methods, including privilege escalation vulnerabilities.
Who’s affected
Organizations in government, technology, academic, legal, professional services, financial services, media, telecommunications, and technology sectors across North America and other regions are at risk. Specific vulnerabilities exploited include CVE-2023-3519 (Citrix) and CVE-2021-4034 (PwnKit).
What to do
- Implement robust security measures for internet-facing appliances and cloud services.
- Regularly update and patch systems to mitigate known vulnerabilities.
- Monitor for unusual access patterns and unauthorized account changes.
- Conduct security assessments to evaluate and strengthen identity management practices.
