• Microsoft says Chinese Silk Typhoon hackers are targeting cloud a

    From TechnologyDaily@1337:1/100 to All on Thu Mar 6 12:00:08 2025
    Microsoft says Chinese Silk Typhoon hackers are targeting cloud and IT apps
    to steal business data

    Date:
    Thu, 06 Mar 2025 11:31:00 +0000

    Description:
    Common IT solutions are the new target for infamous Silk Typhoon threat
    actor, Microsoft warns.

    FULL STORY
    ======================================================================
    Chinese threat actor Silk Typhoon spotted targeting common IT apps
    Microsoft's Threat Intelligence has identified new tactics from the group
    Silk Typhoon was allegedly behind recent US Treasury hack

    A new report from Microsoft's Threat Intelligence has identified a move by Chinese threat actor Silk Typhoon towards targeting common IT solutions, such as cloud applications and remote management tools, in order to gain access to victims' systems.

    The group has been observed attacking a wide range of sectors, including IT services and infrastructure, remote monitoring and management (RMM) companies, healthcare, legal services, defense, government agencies, and many more.

    By exploiting zero-day vulnerabilities in edge devices and showcasing technical efficiency, the group has established itself as one of the Chinese threat actors with the largest targeting footprints, Microsoft says.

    Successful operations

    The report outlines a number of detected threats from Silk Typhoon, including the use of stolen API keys and credentials used for privileged access management, cloud providers, and cloud management firms. These allowed the group to access the downstream customer environments of the targeted company.

    Silk Typhoon has shown proficiency in understanding how cloud environments are deployed and configured, allowing them to successfully move laterally, maintain persistence, and exfiltrate data quickly within victim environments, the report said.

    Since Microsoft Threat Intelligence began tracking this threat actor in 2020, Silk Typhoon has used a myriad of web shells that allow them to execute commands, maintain persistence, and exfiltrate data from victim environments.

    Silk Typhoon is said to be the group behind the US Treasury hack, a major incident in which third-party cybersecurity partner BeyondTrust, a remote access software provider, was compromised, allowing the attackers access to key systems.

    China has always strenuously denied any ties to the group, or to any cyberattackers, and has called on the US to stop spreading disinformation about the state's alleged ties to the threat actors.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/microsoft-says-chinese-silk-typhoon-hackers-are-targeting-cloud-and-it-apps-to-steal-business-data


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)