Chinese hackers install backdoors via Cisco email zero-day

Deutsch

Cisco Talos has detailed how a Chinese-linked group is exploiting an unpatched zero-day in email security appliances since late November 2025, deploying backdoors and log-wiping tools for persistent access.

Building on initial reports from December 19, Cisco Talos researchers revealed more on the zero-day campaign targeting email security appliances. The suspected Chinese-linked group roots devices to install backdoors and tools that erase logs, enabling stealthy persistence likely for espionage.

No patch is available yet, prompting urgent monitoring for anomalous activity. This aligns with patterns of state-sponsored attacks on network hardware, emphasizing zero-day risks in enterprise defenses.

Verwandte Artikel

Illustration depicting the Linux CopyFail vulnerability enabling root access exploits alongside Ubuntu's DDoS-induced outage.
Bild generiert von KI

Linux CopyFail exploit threatens root access amid Ubuntu outage

Von KI berichtet Bild generiert von KI

A critical Linux vulnerability known as CopyFail, tracked as CVE-2026-31431, allows attackers to gain root access on systems running kernels since 2017. Publicly released exploit code has heightened risks for data centers and personal devices. Ubuntu's infrastructure has been offline for over a day due to a DDoS attack, hampering security communications.

Dell zero-day flaw unpatched for nearly two years

A security vulnerability in Dell software has reportedly remained unpatched for almost two years, allowing Chinese hackers to exploit it. The flaw involves hardcoded login credentials in a tool, raising concerns about data security.

FBI urges router security steps after Russian GRU attacks

Von KI berichtet

US federal agencies have disclosed that Russian military intelligence compromised thousands of small office and home routers, urging owners to take immediate protective measures.

Technologie

Daemon Tools app hit by monthlong supply-chain attack

Technologie

Veeam patches three critical security flaws in backup servers

Linux

US government issues urgent CopyFail warning as Linux patches roll out

Experts claim ransomware attacks increasingly target firewalls

Security experts are warning that ransomware attacks are now more frequently targeting firewalls. They advise organizations to secure these critical network defenses promptly. The alert comes amid rising cyber threats.

Iran-linked hackers disrupt Stryker's network in apparent retaliation

Von KI berichtet

A cyberattack attributed to the Iran-aligned Handala Hack group has disrupted the Microsoft environment of medical device maker Stryker, paralyzing much of its global operations. The incident, which emerged shortly after US and Israeli airstrikes on Iran, involved data wiping across tens of thousands of computers. Stryker confirmed the attack is contained, with no impact on its critical medical devices.

Dienstag, 07. April 2026, 17:23 Uhr

Westliche behörden warnen vor russischen hackern auf tp-link-routern

Mittwoch, 11. März 2026, 14:00 Uhr

Google report warns of shifting cloud threat landscape

Mittwoch, 11. März 2026, 02:47 Uhr

Niederländischer Geheimdienst wirft Russland Hackerangriffe auf WhatsApp und Signal vor

Samstag, 07. März 2026, 21:02 Uhr

Fake IT support scam infects company devices with Havoc malware

Donnerstag, 26. Februar 2026, 11:39 Uhr

Zyxel warns of critical RCE flaw in over a dozen routers

Freitag, 13. Februar 2026, 14:32 Uhr

Fake Chrome AI extensions targeted over 300,000 users

Mittwoch, 11. Februar 2026, 00:43 Uhr

Researchers discover SSHStalker botnet infecting Linux servers

Diese Website verwendet Cookies

Wir verwenden Cookies für Analysen, um unsere Website zu verbessern. Lesen Sie unsere Datenschutzrichtlinie für weitere Informationen.
Ablehnen