Blog
Share This Post
[ad_1]
Intrusions against U.S. critical infrastructure and government agencies have been deployed by Chinese state-backed cyberespionage operation Storm-0227 since Wednesday, reports The Register.
After leveraging application vulnerabilities and spear-phishing emails to spread the SparkRAT remote administration tool for initial network access and persistence, Storm-0227 — which like the Salt Typhoon, Volt Typhoon, and TAG-100 operations launched attacks against U.S. defense industrial base, telecommunications, aviation, financial, government, and non-government organizations — proceeded to exfiltrate credentials from Microsoft 365 and other apps, which were later used to compromise sensitive data, according to the Microsoft Threat Intelligence team. “China continues to focus on these kinds of targets. They’re pulling out files that are of espionage value, communications that are contextual espionage value to those files, and looking at U.S. interests,” said Microsoft Director of Threat Intelligence Strategy Sherrod DeGrippo, who emphasized the persistent threat posed by Chinese threat actors against U.S. infrastructure.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
