Taiwanese government-affiliated research institute
APT41, a China-linked cyber threat group, compromised a Taiwanese government-affiliated research institute employing sophisticated tools like ShadowPad and Cobalt Strike. The attack involved exploiting vulnerabilities in Microsoft Office to initiate payload delivery, followed by document exfiltration, persistent access through web shells, and sophisticated evasion techniques. The institute suffered a breach of security systems resulting in the leakage of sensitive documents, possibly impacting governmental operations and data security. This incident has emphasized the need for robust cybersecurity measures within institutions that are integral to national infrastructure.
"id": "cis005080624",
"linkid": "cisco-talos-intelligence-group",
"type": "Breach",
"date": "8/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"