Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/lorenzofb/statuses/113034445686385770">Lorenzo Franceschi-Bicchierai (lorenzofb@infosec.exchange)'s status on Wednesday, 28-Aug-2024 00:06:56 JST</a><a href="https://infosec.exchange/@lorenzofb" title="lorenzofb@infosec.exchange"><img src="https://gnusocial.jp/avatar/107000-48-20231120204452.webp" width="48" height="48" alt="Lorenzo Franceschi-Bicchierai" style="position: absolute; left: 0; top: 0;">Lorenzo Franceschi-Bicchierai</a></section><article><p>NEW: Security researchers say they found evidence that Chinese government-linked hacking group Volt Typhoon used a zero-day to target ISPs in the U.S. and India.</p><p>The goal was to steal the credentials of the ISPs downstream customers, to do more targeted hacking.</p><p>“This wasn’t limited to just telecoms, but managed service providers and internet service providers,” said Mike Horka, the Black Lotus Labs' researcher who found the hacking campaign. “These central locations that they can go after, which then provide additional access.” Horka said these internet and networking companies are targets themselves, “very likely because of the access that they could potentially provide to additional downstream customers.”</p><p><a href="https://techcrunch.com/2024/08/27/chinese-government-hackers-targeted-u-s-internet-providers-with-zero-day-exploit-researchers-say/" rel="nofollow noreferrer">https://techcrunch.com/2024/08/27/chinese-government-hackers-targeted-u-s-internet-providers-with-zero-day-exploit-researchers-say/</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3576762#notice-7017269">In conversation</a><time datetime="2024-08-28T00:06:56+09:00" title="Wednesday, 28-Aug-2024 00:06:56 JST">about 2 months ago</time> <span>from <span><a href="https://infosec.exchange/@lorenzofb/113034445686385770" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@lorenzofb/113034445686385770">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Lorenzo Franceschi-Bicchierai (lorenzofb@infosec.exchange)'s status on Wednesday, 28-Aug-2024 00:06:56 JST Lorenzo Franceschi-Bicchierai
NEW: Security researchers say they found evidence that Chinese government-linked hacking group Volt Typhoon used a zero-day to target ISPs in the U.S. and India.
The goal was to steal the credentials of the ISPs downstream customers, to do more targeted hacking.
“This wasn’t limited to just telecoms, but managed service providers and internet service providers,” said Mike Horka, the Black Lotus Labs' researcher who found the hacking campaign. “These central locations that they can go after, which then provide additional access.” Horka said these internet and networking companies are targets themselves, “very likely because of the access that they could potentially provide to additional downstream customers.”
https://techcrunch.com/2024/08/27/chinese-government-hackers-targeted-u-s-internet-providers-with-zero-day-exploit-researchers-say/
In conversationabout 2 months ago from infosec.exchangepermalink

Public

Embed Notice

HTML Code

Corresponding Notice