Chinese cyber attack sparks alert over six year old MS vuln

Published August 5, 2024

The United States Cybersecurity and Infrastructure Security Agency (CISA) has added a Microsoft vulnerability dating back to 2018 to its Known Exploited Vulnerabilities (KEV) catalogue after evidence emerged that it is being used in an attack chain by the China-backed APT41 advanced persistent threat group.

CVE-2018-0824 was first addressed by Microsoft in the May 2018 Patch Tuesday update. It is a remote code execution (RCE) flaw in Microsoft COM for Windows resulting from a failure to properly handle serialised objects.

To successfully take advantage of it, an attacker must convince an at-risk end-user to open and run a specially-crafted file or script to perform actions, which could be achieved either via a phishing attack or by luring them to a compromised website.

Back in 2018, Microsoft said the vulnerability was neither publicly-disclosed nor known to be exploited, and the risk of this happening appeared to be relatively low. However, on 1 August 2024 Cisco’s Talos threat research unit disclosed evidence of a malicious campaign by APT41 that leveraged CVE-2018-0824 in the attack chain.

This campaign appears to have started in mid-2023 and targeted a government-affiliated research institute in Taiwan, to which APT41 delivered the ShadowPad malware, Cobalt Strike and other custom tools for post-compromise activity.

As part of the attack, researchers also discovered that APT41 created a tailored loader to inject UnmarshalPwn, a proof-of-concept (PoC) malware that exploits CVE-2018-0824, directly into memory. In this way they were able to effectively elevate their privileges within the victim’s systems.

The Talos team, comprising Joey Chen, Ashley Shen and Vitor Ventura, said that APT41 may have already used the same attack chain against others.

“With the artifacts we found in this campaign, we pivoted and discovered some samples and infrastructure that were likely used by the same threat actors but in different campaigns,” they said.

“Although we don’t have further visibility into more details about these campaigns at the moment, we hope that by revealing this information, it would empower the community to connect the dots and leverage these insights for additional investigations.”

CISA’s KEV catalogue is a resource primarily designed to enforce prompt and effective patching across agencies of the US federal government, which are legally bound to implement its guidance within a specific timeframe – in this instance by 26 August 2024, three weeks from now.

However, the addition of an exploited vulnerability to the list is a signal that all organisations should be aware of and address in short order. More information on the attack chain and analysis of the tools used against the Taiwanese victim are available from Cisco Talos.
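
The following is an added example, not taken from the article, CISA or Cisco Talos: a small triage routine showing why KEV membership should outrank a CVE's age, since newest-first ordering would bury a 2018 flaw like this one. The KEV record follows the field layout of CISA's JSON feed but is constructed, with only the CVE ID, vendor, product and due date taken from the article; the hostnames and the second CVE ID are placeholders.

```python
import json
from datetime import date

# Constructed sample in the field layout of CISA's KEV JSON feed.
# Only the CVE ID, vendor/product and due date come from the article.
KEV_FEED = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-2018-0824", "vendorProject": "Microsoft",
   "product": "COM for Windows", "dueDate": "2024-08-26"}
]}
""")

# Constructed scanner findings: hostnames and CVE-0000-0001 are placeholders.
FINDINGS = [
    {"host": "ws-014", "cve": "CVE-0000-0001", "published": 2024},
    {"host": "ws-014", "cve": "cve-2018-0824", "published": 2018},
    {"host": "srv-02", "cve": "CVE-2018-0824", "published": 2018},
]


def kev_index(feed):
    """Map upper-cased CVE ID -> remediation due date."""
    return {v["cveID"].upper(): date.fromisoformat(v["dueDate"])
            for v in feed["vulnerabilities"]}


def triage(findings, feed, today):
    """Order findings so KEV-listed CVEs come first, nearest deadline first.

    Returns (host, cve, status) tuples. Findings outside KEV keep a
    newest-first order behind the KEV-listed ones.
    """
    kev = kev_index(feed)
    rows = []
    for f in findings:
        cve = f["cve"].upper()  # scanners differ in how they case CVE IDs
        due = kev.get(cve)
        if due is None:
            key, status = (1, -f["published"]), "not in KEV"
        else:
            days = (due - today).days
            status = f"overdue by {-days}d" if days < 0 else f"due in {days}d"
            key = (0, days)
        rows.append((key, f["host"], cve, status))
    rows.sort(key=lambda r: (r[0], r[1]))
    return [(host, cve, status) for _, host, cve, status in rows]
```
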
