Saturday, May 24, 2025


Chinese spies exploit vulnerable home office equipment for cyber attacks.

An international alert issued by the Five Eyes allied cyber agencies revealed that the China-backed APT40 has been actively targeting new victims by exploiting vulnerabilities in small office and home office (SoHo) networking devices. These devices serve as a staging post for command and control (C2) activity during attacks.

The Australian Cyber Security Centre (ACSC) highlighted APT40’s repeated targeting of networks using compromised SoHo devices. These devices are considered easier targets for malicious actors than their large enterprise equivalents because they are end-of-life or unpatched.

APT40 has also been known to use procured or leased infrastructure for victim-facing C2 activities, although this practice appears to be declining. The group’s tradecraft continues to evolve, with a focus on covert operations that challenge network defenders.

Despite efforts to remediate attacks, APT40 remains a notable threat with advanced capabilities and a history of targeting various sectors. To mitigate an APT40 intrusion, security teams are advised to maintain up-to-date logging, apply patches promptly, and implement network segmentation. Other measures include disabling unnecessary network services, enforcing least privilege policies, and implementing multifactor authentication.