A Chinese state-sponsored hacking group known as RedNovember has targeted government and private organizations worldwide, utilizing tools like Pantegana, Cobalt Strike, and Spark RAT. Their operations focus on espionage through exploiting internet-facing perimeter devices, with recent activity in the US, Southeast Asia, and South America. #RedNovember #Storm-2077
Keypoints
- RedNovember is a threat actor linked to Chinese state-sponsored cyber espionage activities.
- The group targets high-profile organizations worldwide, including defense, aerospace, and government agencies.
- It exploits known security flaws in perimeter appliances from multiple vendors to gain initial access.
- The group uses open-source tools like Pantegana and Spark RAT to hide its tracks and maintain persistence.
- RedNovember has expanded its targets across various regions, including the US, Southeast Asia, and South America.
Read More: https://thehackernews.com/2025/09/chinese-hackers-rednovember-target.html