Microsoft warns that Chinese threat actors are using the Quad7 botnet (also known as CovertNetwork-1658 or xlogin) for password-spray attacks to steal credentials. The botnet, first spotted in 2023, targets multiple devices through brute-force attacks on VPNs, Telnet, SSH, and Microsoft 365 accounts. Chinese groups like Storm-0940 use these stolen credentials for additional exploitation of network services. Microsoft offers mitigation advice to affected customers.
Signature Healthcare in Brockton hit by cybersecurity incident – boston.com
Signature Healthcare in Brockton hit by cybersecurity incident boston.com
