Season 4 · Episode 207
#207 - Intel Chat: MirrorFace, Neptune, Sparrow door & CrushFTP
The Cybersecurity Defenders Podcast · Christopher
April 11, 202530m 17s
Audio is streamed directly from the publisher (podcast.wistia.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community.
- Japanese law enforcement has publicly linked a Chinese state-sponsored threat group known as MirrorFace to a series of cyberattacks that have targeted Japan over the past five years.
- Researchers at Cyfirma have detailed a new campaign where attackers are using a Remote Access Trojan (RAT) dubbed Neptune to hijack Windows systems.
- Researchers have discovered new variants of a previously identified Linux backdoor known as SparrowDoor, believed to be the work of a North Korean state-sponsored group known as Kimsuky.
- CISA has added a recently disclosed vulnerability in CrushFTP (tracked as CVE-2024-4040) to its Known Exploited Vulnerabilities (KEV) catalog.