This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.
*Digital Dragon Watch: Weekly China Cyber Alert - May 29, 2025*
Hey there, cyber warriors! Ting here, bringing you the hottest China-related cyber threats faster than you can say "firewall breach." This week has been absolutely wild in the digital battleground between East and West, so let's dive right in!
The biggest story breaking right now involves Chinese state-backed hackers who've discovered an incredibly sneaky method of hiding malware inside Google Calendar events. Yes, you read that correctly - those seemingly innocent meeting reminders could be carrying malicious code! These crafty attackers are embedding stolen data within calendar entries and using other calendar events to deploy instructions to compromised systems.
But wait, there's more! The Chinese threat actor UNC5221 has been busy exploiting vulnerabilities in Ivanti Endpoint Manager Mobile software. Since May 15th, they've targeted organizations across healthcare, telecommunications, aviation, government, finance, and defense sectors in Europe, North America, and Asia-Pacific. These hackers clearly did their homework, showing deep understanding of EPMM's architecture by repurposing legitimate components for data exfiltration. Given that EPMM manages enterprise mobile devices, successful attacks could compromise thousands of devices across an organization.
And speaking of widespread attacks, multiple China-nexus APTs have exploited a critical SAP NetWeaver vulnerability (CVE-2025-31324) to breach critical infrastructure. Targets include natural gas distribution networks in the UK, medical device manufacturers, oil and gas companies in the US, and government ministries in Saudi Arabia. EclecticIQ researchers identified three distinct threat groups involved: UNC5221 (yes, them again!), UNC5174, and CL-STA-0048.
Meanwhile, China's government continues strengthening its own cybersecurity framework. The Ministry of Public Security recently announced three criminal cases involving personal information violations, including one where suspects deployed Trojan programs to steal customer data from education enterprises. Shanghai's Cyberspace Administration also cracked down on internet healthcare services that failed to meet cybersecurity obligations.
My advice? Patch your SAP and Ivanti systems immediately, implement calendar security policies, and conduct thorough supply chain risk assessments. Also, check your Google Calendar for any suspicious events - especially those with unusually large attachments or from unfamiliar sources.
Stay vigilant, stay patched, and remember: in cyberspace, the dragon never sleeps. This is Ting, signing off until next week's Digital Dragon Watch!
This content was created in partnership with, and with the help of, Artificial Intelligence (AI).