CISA, NSA, and Canadian Cyber Centre update Brickstorm analysis with new Rust-based variants - Industrial Cyber

CISA, NSA, and Canadian Cyber Centre announce update of the Brickstorm analysis with new Rust-based variants.

Industrial Cyber

Joint malware analysis report on Brickstorm backdoor - Canadian Centre for Cyber Security

This joint report warns that People’s Republic of China (PRC) state-sponsored threat actors are using Brickstorm malware for long-term persistence on victims’ systems.

Canadian Centre for Cyber Security
"Brickstorm" backdoor in VMware vSphere: warning of an attack from China

CISA and the NSA warn of a sophisticated attack on VMware technology that could allow actors from China to secure persistent access.

heise online

BRICKSTORM Backdoor

"The Cybersecurity and Infrastructure Security Agency (CISA) analyzed eight BRICKSTORM samples obtained from victim organizations. BRICKSTORM is a custom Executable and Linkable Format (ELF) Go-based backdoor."

MISP standard and STIX files available at the following location:

🔗 https://cti-transmute.org/convert/detail/30

@misp
@cisacyber

#backdoor #cti #brickstorm #malware #threatintel #threatintelligence #cybersecurity

Cti-TRANSMUTE

📢 CISA/NSA and the Cyber Centre analyze BRICKSTORM, a Go backdoor targeting VMware vSphere
📝 According to a TLP:CLEAR report published by the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA...
📖 cyberveille: https://cyberveille.ch/posts/2025-12-05-cisa-nsa-et-le-cyber-centre-analysent-brickstorm-une-backdoor-go-ciblant-vmware-vsphere/
🌐 source: https://www.cisa.gov/news-events/analysis-reports/ar25-338a
#APT_chinois #BRICKSTORM #Cyberveille

CISA/NSA and the Cyber Centre analyze BRICKSTORM, a Go backdoor targeting VMware vSphere

According to a TLP:CLEAR report published by the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the Canadian Centre for Cyber Security, PRC state actors are using the BRICKSTORM malware to maintain long-term persistence in VMware vSphere environments (vCenter/ESXi) as well as in Windows environments. The analysis covers 8 samples and includes IOCs, YARA and Sigma rules, and detection and mitigation recommendations.

CyberVeille

Chinese State Hackers are using new #BRICKSTORM malware against VMware systems according to a joint alert from US and Canadian agencies.

Read: https://hackread.com/chinese-state-hackers-brickstorm-vmware-systems/

#Cybersecurity #China #CISA #NSA #Malware #VMware

Chinese State Hackers Use New BRICKSTORM Malware Against VMware Systems

📰 CISA Exposes 'BRICKSTORM' Backdoor Used by Chinese State Actors to Infiltrate US Government

📢 CISA, NSA & Canada warn of 'BRICKSTORM' malware used by PRC state actors against govt & IT sectors. The sophisticated backdoor targets VMware & Windows, using DoH for stealth C2 comms. 🛡️ #ThreatIntel #CyberSecurity #BRICKSTORM #China

🔗 https://cyber.netsecops.io/articles/cisa-warns-of-brickstorm-malware-used-by-chinese-hackers-against-us-government/?utm_source=mastodon&u…

CISA Exposes 'BRICKSTORM' Backdoor Used by Chinese State Actors to Infiltrate US Government

CISA, NSA, and the Canadian Cyber Centre have issued a joint alert on BRICKSTORM, a stealthy backdoor used by Chinese state-sponsored actors to target government and IT sectors. Learn the TTPs and mitigations.

CyberNetSec.io

CISA warns of Chinese "BrickStorm" malware attacks on VMware servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned network defenders of Chinese hackers backdooring VMware vSphere servers with Brickstorm malware.

BleepingComputer