TheRegister's platform is a leading technology news website, offering insights into IT industry news, hardware reviews, and software updates. Through articles, analysis, and opinion pieces, TheRegister offers insights into cybersecurity threats, technology trends, and industry developments. Readers can stay updated with the latest news and analysis from the world of technology and IT business.

The Register

Chinese APT group UAT-7237 compromised a Taiwanese web hosting provider using known vulnerabilities on unpatched servers. The group deployed custom malware including SoundBill shellcode loader and used tools like JuicyPotato for privilege escalation, Cobalt Strike for backdoor access, and SoftEther VPN for persistent access. Cisco Talos identified this as a subgroup of UAT-5918 with distinct tactics, focusing on selective web shell deployment and credential theft through various methods including Mimikatz and registry searches.

Typhoon-adjacent crew breaking into Taiwanese web host