Skip to Content

APT TA413

Updated on 2022-09-27

Chinese APT TA413 exploited flaws in Sophos Firewall and Microsoft Office to deliver a previously undetected backdoor, dubbed LOWZERO, as part of a cyberespionage campaign against Tibetan entities.

Overview: TA413

On the same note, Recorded Future also has a report on TA413, a suspected Chinese APT group that’s targeting Tibetans, another of China’s favorite-to-abuse minority groups.

Over the first half of 2022, we have observed TA413 exploit a now-patched zero-day vulnerability targeting the Sophos Firewall product (CVE-2022-1040), weaponize the “Follina” (CVE-2022-30190) vulnerability shortly after discovery and publication, and employ a newly observed custom backdoor we track as LOWZERO in campaigns targeting Tibetan entities.

Read more in

Posted on  - Last updated:

Categories Cybersecurity

Home > APT TA413

    Ads Blocker Image Powered by Code Help Pro

    It looks like you are using an adblocker.

    Ads keep our content free. Please consider supporting us by allowing ads on pupuweb.com