Threat Intelligence

North America-targeted Silk Typhoon intrusions ramp up


Attacks by Chinese state-sponsored threat operation Silk Typhoon, also known as Murky Panda, against North American government, technology, professional services, and legal organizations have intensified over the past few months, CyberScoop reports.

Silk Typhoon has exploited the admin privileges of multiple cloud solution providers to enable downstream compromise, according to an analysis from CrowdStrike. Aside from abusing Citrix NetScaler and Commvault Web Server flaws, Silk Typhoon has also set its sights on vulnerable small office/home office devices and other internet-exposed devices to facilitate initial access.

Despite increased law enforcement clampdowns against Chinese threats, attacks linked to China rose by 150% year-over-year in June, with state-backed cloud intrusions rising by 40% during the same period. "A lot of the activity we've seen from China is tied to geopolitical issues and initiatives that they're following, and Murky Panda is a subset of that," said CrowdStrike Senior Vice President of Counter Adversary Operations Adam Meyers.

