all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

GIMMICK Implant Used by StormCloud APT Targeting Users in Asia

Add to bookmarks
March 23, 2022, 7:30 a.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

FortiGuard Labs is aware of a new variant of the GIMMICK malware that is targeting Asian users. Discovered by researchers at Volexity, the GIMMICK implant has been attributed to the StormCloud APT group. According to the report, GIMMICK variants for macOS and Windows environments were seen. It also has been observed to be using File based command and control, specifically Google Cloud. GIMMICK has been attributed to nation state actors operating out of China. What is GIMMICK?GIMMICK is an implant …

apt asia gimmick targeting

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 2 days, 9 hours ago | fortiguard.fortinet.com
advisory attack code code injection +27
XZ Utils Supply Chain Attack (CVE-2024-3094) 2 weeks ago | fortiguard.fortinet.com
attack code compression cve +25
Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256) 3 weeks ago | fortiguard.fortinet.com
access attacker code code execution +25
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) 3 weeks, 1 day ago | fortiguard.fortinet.com
access application application developers attackers +31
Kimsuky Malware Attack 3 weeks, 2 days ago | fortiguard.fortinet.com
attack cyber entities espionage +15
JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199) 1 month ago | fortiguard.fortinet.com
attacker authentication authentication bypass bypass +15
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) 1 month, 3 weeks ago | fortiguard.fortinet.com
access advisory application attackers +28
Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2024-21410) 2 months ago | fortiguard.fortinet.com
attacks can critical cve +27
Ivanti Connect Secure and Policy Secure Gateways Zero-day Vulnerabilities (CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, CVE-2024-21893) 2 months, 1 week ago | fortiguard.fortinet.com
advisory application authentication authentication bypass +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Officer Hospital Mission Viejo

@ Allied Universal | Mission Viejo, CA, United States
View on infosec-jobs.com

Junior Offensive Cyber Security Researcher

@ Draper | Cambridge, MA, United States
View on infosec-jobs.com

Consultant reporting reglementaire

@ Talan | Luxembourg, Luxembourg
View on infosec-jobs.com

Chief Information Security Officer

@ Kantox | Barcelona, Catalonia, Spain
View on infosec-jobs.com
View more jobs