The StormCloud Chinese threat group used a compromised Internet Service Provider (ISP) to distribute malware that spoofed software updates. The attackers exploited a vulnerable HTTP software system that failed to authenticate digital signatures. The DNS spoofing campaign impacted Windows and macOS devices. The attack explained Once the hackers breached the Internet Service Provider, they gained […]
The post StormCloud Hacks ISP to Spread Malware Posing as Software Updates appeared first on Heimdal Security Blog.