September 21, 2023

Chinese state-sponsored threat groups have been observed targeting businesses and governments in the European Union. This was claimed by ENISA and CERT-EU.

Earlier last week, a joint advisory was published stating that  particular  advance persistent threat groups like APT27, APT30, APT31, Ke3chang, Gallium and Mustang Panda were indulged in these activities.

Advertisements

These malicious cyber activities, which had significant effects, targeted government institutions and political organizations in the EU and Member States, as well as key European industries.

ENISA and CERT-EU said that the recent operations pursued by these actors focused on information theft, primarily via establishing persistent footholds within the network infrastructure of organizations of strategic relevance.

ENISA says the  defenders should follow guidelines provided in the joint publication as well as the cybersecurity mitigation measures against critical threats compiled by CERT-EU.

Some of the recommendations are as follows

  • Following hardening guidelines,
  • Managing admin accounts
  • Managing critical assets
  • Ensuring proper access controls for end users and external third-party contractors.
Advertisements

These recommendations aim to reduce the risk of being compromised by the mentioned APTs, as well as substantially improve the cybersecurity posture and enhance the overall resilience of these organizations against cyberattack.

Tags:

Leave a Reply

You may have missed

Snatch ransomware Dissection

September 21, 2023

Fortinet Fixes Vulnerabilities in FortiOS

September 20, 2023

Trend Micro Endpoint Vulnerability – CVE-2023-41179

September 20, 2023

GitLab Addresses Critical Vulnerability -CVE-2023-4998

September 20, 2023

Crowdstrike New Offerings and Bionic.ai Acquisition

September 20, 2023

Microsoft AI exposed terabytes of data accidentally

September 19, 2023
%d bloggers like this: