The 8220 gang has been discovered exploiting a vulnerability in the Oracle WebLogic Server (CVE-2020-14883) to spread malware, according to Imperva Threat Research. Active since 2017, the group typically deploys cryptocurrency miners on Linux and Windows hosts by exploiting known weaknesses. Recently, they have been targeting healthcare, telecommunications and financial services in the US, South Africa, Spain, Columbia, and Mexico.
China-linked Mustang Panda deploys advanced SnakeDisk USB worm – Security Affairs
China-linked Mustang Panda deploys advanced SnakeDisk USB worm Security Affairs
