Incident Response & Threat Intelligence

T3-2A. Adaptive Adversaries: The Evolution of Chinese Cyber Espionage

Tuesday, June 11, 2024 10:45 AM - 11:45 AM

Description
Join us for a deep dive into the world of cyber espionage as we pull back the curtain on the strategies employed by China-nexus threat actors. We'll examine the activity of the threat groups tracked as UNC4841 and UNC5221, which exploited zero-day vulnerabilities in the Barracuda Email Security Gateway (ESG) and Ivanti Connect Secure (ICS) VPN appliances. Through an in-depth analysis of these cases, we will explore how these actors not only exploit zero-day vulnerabilities but also adapt their methodologies to response efforts. We will shed light on the cutting-edge tactics, techniques, and procedures (TTPs) these adversaries use, including the deployment of novel malware and the strategic use of evasion techniques. By attending this talk, participants will gain insights into the modus operandi of both UNC4841 and UNC5221, the consequences of the campaigns, and the collaboration efforts involved in uncovering the operations. In addition, we will cover the impacts of cyber espionage activity on national security, compare and contrast the two campaigns, and provide actionable recommendations for defenders.
Learner Objectives
After this session, the participant will:
1. Gain a comprehensive understanding of current cyber espionage tactics, techniques, and procedures (TTPs) used by UNC4841 and UNC5221 in exploiting vulnerabilities within Barracuda ESG and Ivanti Connect Secure VPN appliances.
2. Understand the adversary mindset by exploring the motivations of cyber espionage actors to better anticipate and counteract their strategies.
3. Develop the ability to critically analyze the implications of cyber espionage activities on both a technical and strategic level, and understand the broader impact on national security.