At a glance.
- Sharp Panda deploys SoulSearcher malware in cyberespionage campaigns.
- Data breach at Acer exposes intellectual property.
- Large language models as an attractive nuisance.
- US Cyber Command head warns against underestimating Russia.
- CISA adds three known exploited vulnerabilities.
Sharp Panda deploys SoulSearcher malware in cyberespionage campaigns.
Check Point is tracking a Chinese cyberespionage operation that's targeting government entities in several Southeast Asian countries, including Vietnam, Thailand, and Indonesia. The threat actor is delivering the Soul malware framework via a new version of the SoulSearcher loader. The Soul framework was previously unattributed, but the researchers conclude, based on this campaign, that the malware is being used by one or more APTs based in China.
The operation has overlaps with previous campaigns by the Chinese APT “Sharp Panda,” though the researchers point out that since “sharing custom tools or operational methods is common among Chinese-based threat actors to facilitate intrusion efforts, it poses a challenge to their attribution.”