
RedAlpha Group from China Attacks NGOs

RedAlpha, a hacker group thought to be backed by the Chinese government, reportedly carried out mass attacks against humanitarian activists, think tanks and a number of state institutions within a year. The group reportedly succeeded in gaining access to its victims' email accounts and chat communications, both personal and institutional.

Citizen Lab first reported on this hacker group in a report published in January 2018. Since then, the group has not stopped carrying out espionage, surveillance and information theft against some Tibetans and Indians using backdoor malware called NjRAT.

The group's malicious activities have since involved weaponizing as many as 350 domains that spoof legitimate entities such as the International Federation for Human Rights (FIDH), Amnesty International, the Mercator Institute for China Studies (MERICS), Radio Free Asia (RFA), and the American Institute in Taiwan (AIT), among others.

Some of the early attacks began with fake emails containing malicious PDF files that would send the victim to a website address modified to collect and steal the victim's data.

The RedAlpha cluster further appears to be connected to a Chinese information security company known as Jiangsu Cimer Information Security Technology Co. Ltd. (formerly Nanjing Qinglan Information Technology Co., Ltd.), underscoring the continued use of private contractors by intelligence agencies in the country.
