

Who’s hacking who? Ivanti 0-days in France, China outs 'Night Eagle' APT
Jul 3, 2025
Dive into the latest cybersecurity revelations, highlighting France's exposure to Ivanti VPN zero-days and the intricate links to a North American threat actor known as 'Night Eagle.' Explore the complexities of cyber attribution, particularly amid geopolitical tensions and the reliability of threat intelligence from different regions. The hosts also discuss significant breaches, like Iran's Nobitex crypto-exchange hack, and ponder the implications of containment claims surrounding China's 'Salt Typhoon.' It's a fascinating look at the evolving landscape of cyber threats!
AI Snips
ANSSI Exposes Chinese Ivanti Zero-Days
- French agency ANSSI's report reveals Chinese-linked exploitation of Ivanti VPN zero-days as part of large initial access operations.
- These groups target network appliances for initial intrusions, aiding more sophisticated attackers downstream.
Night Eagle Exposed by Chinese Firm
- Chinese security firm Tianxin Pango exposed a North American-linked Night Eagle APT using stealthy Exchange zero-days.
- Attribution remains uncertain, complicated by tactical deception and political contexts.
Chinese Tech Firms Targeted for Espionage
- Intelligence shows attack focus on Chinese AI and semiconductor sectors, indicating economic espionage and strategic anxiety.
- Analysts caution restraint in attributing intent without detailed operational data.