China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns

October 15, 2024 at 04:54AM China’s CVERC claims the Volt Typhoon cyber threat is a U.S. fabrication, alleging U.S. cyber espionage against multiple countries. They assert there’s strong evidence of U.S. false flag operations and misuse of technology to mislead investigations. The report calls for international collaboration on cybersecurity and counter-threat technology. **Meeting Takeaways:** 1. … Read more

China again claims Volt Typhoon hack gang was invented by the US to discredit it

October 14, 2024 at 09:22PM China’s authorities have released a document alleging that the Volt Typhoon threat actor is a US invention, contesting earlier claims of Chinese involvement. The document reiterates previous points, citing a lack of evidence from US officials. It advocates for international cybersecurity collaboration while critiquing US surveillance practices. ### Meeting Notes … Read more

Using Transparency & Sharing to Defend Critical Infrastructure

September 6, 2024 at 10:05AM Summary: Protecting critical infrastructure from state-sponsored cyber threats, such as Volt Typhoon, is crucial for public safety and national security. Transparency, information sharing, and strong partnerships between public and private sectors are essential for combating these threats. Utilizing software bills of materials and observability can help enhance cybersecurity efforts and … Read more

China’s Volt Typhoon Exploits 0-day in Versa’s SD-WAN Director Servers

August 28, 2024 at 05:13AM China’s Volt Typhoon group has been exploiting a zero-day bug in Versa Networks’ Director Servers to harvest credentials for future attacks. The bug, tracked as CVE-2024-39717, affects pre-22.1.4 versions and allows unauthorized access via management ports, prompting CISA to issue mitigation directives. Lumen researchers state the exploitation is likely ongoing … Read more

Volt Typhoon suspected of exploiting Versa SD-WAN bug since June

August 27, 2024 at 01:38PM China’s Volt Typhoon exploited a critical bug affecting Versa’s SD-WAN customers using Versa Director, planting custom web shells to harvest credentials on networks. Lumen Technologies linked this to the new malware, VersaMem. Versa has issued a patch and recommends customers to upgrade, but the vulnerability was already exploited, attributed to … Read more

Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors

August 27, 2024 at 10:33AM Volt Typhoon, a China-based cyber espionage group, has been linked with exploiting a high-severity security flaw in Versa Director. The attacks targeted U.S. and non-U.S. victims in ISP, MSP, and IT sectors. The flaw allows malicious file uploads, potentially leading to large-scale supply chain attacks. Recommendations include security mitigations and … Read more

Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs

August 27, 2024 at 10:05AM Chinese hacking group Volt Typhoon exploited a zero-day vulnerability in Versa Director to upload a destructive webshell, allowing them to steal credentials and breach corporate networks. Versa has released an advisory outlining impacted versions and the recommended upgrade to fix the issue. Lumen’s Black Lotus Labs identified the exploit and … Read more

Pluralsight Releases Courses to Help Cyber Pros Defend Against Volt Typhoon Hacker Group

August 23, 2024 at 03:51PM Pluralsight unveiled an expert-led course series targeting the sophisticated and persistent state-sponsored cyber group, Volt Typhoon. Directed towards cybersecurity professionals, the series equips learners with tactics and skills to detect and defend against cyberattacks on critical infrastructure. The course path includes seven expert-led courses and six hands-on lab experiences. Sign … Read more

UK cyber-boss slams China’s bug-hoarding laws

July 14, 2024 at 08:12PM The interim CEO of the UK’s National Cyber Security Centre (NCSC) criticizes China’s cyber activities, highlighting concerns about the Beijing-backed Volt Typhoon gang’s attacks and China’s approach to vulnerability reporting. AWS China denies rumors of business trouble and declares good growth momentum. Japanese scientists believe they’ve spotted remnants of a … Read more

Global attackers targeting US critical infrastructure should be ‘wake-up call’

May 9, 2024 at 01:52PM Former NSA cyber boss Rob Joyce described digital intrusions into US water systems by China, Russia, and Iran as a “wake-up call.” Despite minimal impact, the attacks highlight the potential dangers of global tensions and the involvement of hacktivists linked to government intelligence services. The vulnerabilities in critical infrastructure underscore … Read more