Found 8 bookmarks
Custom sorting
RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
Between December 2024 and January 2025, Recorded Future’s Insikt Group identified a campaign exploiting unpatched internet-facing Cisco network devices primarily associated with global telecommunications providers. Victim organizations included a United States-based affiliate of a United Kingdom-based telecommunications provider and a South African telecommunications provider. Insikt Group attributes this activity to the Chinese state-sponsored threat activity group tracked by Insikt Group as RedMike, which aligns with the Microsoft-named group Salt Typhoon. Using Recorded Future® Network Intelligence, Insikt Group observed RedMike target and exploit unpatched Cisco network devices vulnerable to CVE-2023-20198, a privilege escalation vulnerability found in the web user interface (UI) feature in Cisco IOS XE software, for initial access before exploiting an associated privilege escalation vulnerability, CVE-2023-20273, to gain root privileges. RedMike reconfigures the device, adding a generic routing encapsulation (GRE) tunnel for persistent access.
#recordedfuture#EN#2025#Salt-Typhoon#RedMike#Cisco#compromise#CVE-2023-20273#CVE-2023-20198
·recordedfuture.com·
RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
Salt Typhoon: An Analysis of Vulnerabilities Exploited by this State-Sponsored Actor
Salt Typhoon: An Analysis of Vulnerabilities Exploited by this State-Sponsored Actor
Salt Typhoon, a state-sponsored actor linked to the People’s Republic of China, has breached at least nine U.S.-based telecommunications companies with the intent to target high profile government and political figures. Tenable Research examines the tactics, techniques and procedures of this threat actor.
#tenable#EN#2025#Salt-Typhoon#Analysis#vulnerabilies#State-Sponsored
·tenable.com·
Salt Typhoon: An Analysis of Vulnerabilities Exploited by this State-Sponsored Actor
At least 8 US telcos, dozens of countries impacted by Salt Typhoon breaches, White House says | The Record from Recorded Future News
At least 8 US telcos, dozens of countries impacted by Salt Typhoon breaches, White House says | The Record from Recorded Future News
Senators briefed on the wide-ranging breaches by Chinese hackers called for action on Wednesday to protect the country's telecommunications networks.
#therecord.media#EN#2024#telcos#US#Salt-Typhoon#China#breaches
·therecord.media·
At least 8 US telcos, dozens of countries impacted by Salt Typhoon breaches, White House says | The Record from Recorded Future News
T-Mobile confirms it was hacked in recent wave of telecom breaches
T-Mobile confirms it was hacked in recent wave of telecom breaches
T-Mobile confirms it was hacked in the wave of recently reported telecom breaches conducted by Chinese threat actors to gain access to private communications, call records, and law enforcement information requests.
#bleepingcomputer#EN#2024#China#Cyber-espionage#Cyberattack#Salt-Typhoon#T-Mobile#Telecommunications#Security#InfoSec#Computer-Security
·bleepingcomputer.com·
T-Mobile confirms it was hacked in recent wave of telecom breaches
China-linked APT group Salt Typhoon compromised some US ISPs
China-linked APT group Salt Typhoon compromised some US ISPs
China-linked threat actors compromised some U.S. internet service providers as part of a cyber espionage campaign code-named Salt Typhoon. The state-sponsored hackers aimed at gathering intelligence from the targets or carrying out disruptive cyberattacks. The Wall Street Journal reported that experts are investigating into the security breached to determine if the attackers gained access to Cisco Systems routers, which are core network components of the ISP infrastructures.
#securityaffairs#EN#2024#China-linked#APT#Salt-Typhoon#US#ISP#compromised#Cisco
·securityaffairs.com·
China-linked APT group Salt Typhoon compromised some US ISPs