France’s cybersecurity agency has revealed that a Chinese hacking group has targeted government, telecommunications, media, finance and transport sectors in the country using zero-day vulnerabilities in Ivanti Cloud Service Appliance devices.
The campaign, detected at the beginning of September 2024, has been attributed to a distinct intrusion set codenamed Houken, which is assessed to share some level overlaps with a threat cluster tracked by Google Mandiant under the moniker UNC5174 (aka Uteus or Uetus).