Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage
What’s new
Chinese cyber espionage groups, including Murky Panda, Genesis Panda, and Glacial Panda, have intensified their operations targeting cloud and telecommunications sectors. Murky Panda exploits trusted relationships and known vulnerabilities to gain access to enterprise networks, while Genesis Panda focuses on cloud service provider accounts for intelligence collection. Glacial Panda targets telecommunications organizations, exfiltrating sensitive data using known vulnerabilities and weak passwords.
Who’s affected
Organizations in the government, technology, academia, legal, professional services, financial services, media, and telecommunications sectors across North America and other regions are at risk. Specific vulnerabilities exploited include CVE-2023-3519 (Citrix NetScaler) and CVE-2021-4034 (PwnKit).
What to do
- Implement robust security measures for internet-facing appliances and cloud services.
- Regularly update and patch systems to mitigate known vulnerabilities.
- Conduct security assessments to identify and remediate weak passwords and misconfigurations.
- Monitor for unusual access patterns and unauthorized changes in cloud environments.