Edward Kiledjian's Threat Intel

Chinese Spies Target Networking and Virtualization Flaws to Breach Isolated Environments - SecurityWeek

A Chinese cyberespionage group, Fire Ant, is targeting VMware and F5 vulnerabilities to breach isolated environments. The group exploits vulnerabilities in vCenter Server and ESXi hosts to gain access to guest environments, demonstrating a deep understanding of network architecture to bypass segmentation controls. Fire Ant’s activities, including tooling and attack vectors, align with previous research on the threat group UNC3886.