Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation

One of the vulnerabilities patched by Microsoft Tuesday has been exploited by a Chinese cyberespionage group since at least August. The attack campaigns targeted IT companies, defense contractors and diplomatic entities.

According to researchers from Kaspersky Lab, the malware deployed with the exploit and its command-and-control infrastructure point to a connection with a known Chinese APT group tracked as IronHusky that has been operating since 2017, but also with other China-based APT activity going back to 2012.
