Mandiant and VMware recently uncovered a sophisticated cyber espionage campaign. The attackers, a Chinese group identified as UNC3886, leveraged a known vulnerability in VMware software (CVE-2023-34048) to maintain access to the targeted systems for over a year. This case highlights the importance of staying vigilant against persistent and evolving cyber threats. Mandiant’s investigation revealed that … Read more
Chinese state-sponsored hackers known as UNC3886 have been abusing a zero-day vulnerability in VMware and Fortinet devices for years, experts have revealed. A report from Mandiant claims the group used the flaw to deploy malware, steal credentials, and ultimately exfiltrate sensitive data. The flaw in question is tracked as CVE-2023-34048. It carries a severity score … Read more
Jan 20, 2024NewsroomZero Day / Cyber Espionage An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021. “UNC3886 has a track record of utilizing zero-day vulnerabilities … Read more
A Chinese hacking group has been exploiting a critical vCenter Server vulnerability (CVE-2023-34048) as a zero-day since at least late 2021. The flaw was patched in October, with VMware confirming this Wednesday that it’s aware of CVE-2023-34048 in-the-wild exploitation, although it didn’t share any other details on the attacks. However, as security firm Mandiant revealed … Read more