November 27, 2024 at 06:54PM The China-linked Salt Typhoon gang, known for targeting U.S. telecommunications, has expanded globally since 2023, affecting over 20 organizations across various sectors. Their toolkit includes new malware called GhostSpider and the Demodex rootkit. Their tactics involve exploiting server vulnerabilities and using legitimate tools for stealthy infiltration and espionage. ### Meeting … Read more
November 26, 2024 at 03:23PM Salt Typhoon, a Chinese advanced persistent threat (APT), has been spying on high-value government and telecommunications organizations globally since 2023, deploying new malware like GhostSpider. Known for its sophisticated strategies, the group uses various attack methods, including exploiting vulnerabilities in Internet-facing devices, to infiltrate networks and access sensitive information. ### … Read more
November 26, 2024 at 06:18AM The Chinese threat actor Earth Estries has been targeting Southeast Asian telecommunications and government networks using a new backdoor, GHOSTSPIDER, along with MASOL RAT. Compromising over 20 entities globally, they exploit various vulnerabilities for cyber espionage, showcasing advanced tactics and a sophisticated operational structure. Recent attacks indicate a significant evolution … Read more
November 25, 2024 at 11:14AM The Chinese state-sponsored hacking group Salt Typhoon is using a new “GhostSpider” backdoor to target telecommunication service providers, indicating an escalation in their cyber-attack strategies. ### Meeting Takeaways: 1. **Threat Actor Identified**: The hacking group known as Salt Typhoon, which is state-sponsored by China, is actively conducting cyberattacks. 2. **New … Read more
November 25, 2024 at 03:34AM Earth Estries, a Chinese APT group, has been targeting critical sectors globally since 2023, utilizing advanced malware like GHOSTSPIDER and SNAPPYBEE. Their tactics involve exploiting public server vulnerabilities for espionage, impacting over 20 organizations across various industries. They employ a complex command-and-control infrastructure, indicating shared tools with other APTs. **Meeting … Read more