Nation-State: CISA, FBI Confirm China Hacked Telecoms Providers for Spying
CISA and the FBI have confirmed that Chinese hackers compromised the networks of telecommunications companies to spy on specific targets.
Ionut Arghire, November 14, 2024

Nation-State: China’s Volt Typhoon Rebuilding Botnet
Security researchers say the botnet created by China’s Volt Typhoon re-emerged recently, leveraging the same core infrastructure and techniques.
Eduard Kovacs, November 13, 2024

Nation-State: US Gov Agency Urges Employees to Limit Phone Use After China ‘Salt Typhoon’ Hack
The US government's CFPB sent an email with a simple directive: “Do NOT conduct CFPB work using mobile voice calls or text messages.”
SecurityWeek News, November 8, 2024

Nation-State: NCSC Details ‘Pygmy Goat’ Backdoor Planted on Hacked Sophos Firewall Devices
A stealthy network backdoor found on hacked Sophos XG firewall devices is programmed to work on a broader range of Linux-based devices.
Ryan Naraine, November 1, 2024

Endpoint Security: Sophos Used Custom Implants to Surveil Chinese Hackers Targeting Firewall Zero-Days
British EDR vendor Sophos details a years-long “cat-and-mouse” tussle with sophisticated Chinese government-backed hackers.
Ryan Naraine, October 31, 2024

Cyberwarfare: Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets Service Providers
Amidst Volt Typhoon zero-day exploitation, Censys finds hundreds of exposed servers presenting ripe attack surface for attackers.
Ryan Naraine, August 28, 2024

Cyberwarfare: China’s Volt Typhoon Hackers Caught Exploiting Zero-Day in Servers Used by ISPs, MSPs
Malware hunters catch Chinese APT Volt Typhoon exploiting a zero-day in Versa Director servers used by ISPs and MSPs.
Ryan Naraine, August 26, 2024

Cyberwarfare: US Treasury Slaps Sanctions on China-Linked APT31 Hackers
The US Treasury Department sanctions a pair of Chinese hackers linked to “malicious cyber operations targeting US critical infrastructure sectors.”
Ryan Naraine, March 25, 2024

Government: Five Eyes Agencies Issue New Alert on Chinese APT Volt Typhoon
Government agencies in the Five Eyes countries warn critical infrastructure entities of Chinese state-sponsored hacking group Volt Typhoon.
Ionut Arghire, March 20, 2024

ICS/OT: China’s Volt Typhoon Hackers Are Exfiltrating Sensitive OT Data
Volt Typhoon and two other threat groups that emerged in 2023 can pose a serious threat to ICS/OT, according to industrial cybersecurity firm Dragos.
Eduard Kovacs, February 20, 2024

Malware & Threats: US Says China’s Volt Typhoon Hackers ‘Pre-Positioning’ for Cyberattacks Against Critical Infrastructure
New CISA alert includes technical mitigations to harden attack surfaces and instructions to hunt for the Chinese government-backed hackers.
Ryan Naraine, February 7, 2024

Cyberwarfare: US Says It Disrupted a China Cyber Threat, but Warns Hackers Could Still Wreak Havoc for Americans
Chinese government hackers are busily targeting water treatment plants, the electrical grid, transportation systems and other critical infrastructure inside the United States, FBI Director...
Associated Press, January 31, 2024