China-linked APT group Salt Typhoon has been using a custom malware named JumbledPath to spy on US telecom providers. Insikt Group highlighted that several US telecom providers were breached by exploiting unpatched Cisco network devices. Salt Typhoon reportedly breached major US telecom firms for over three years using mostly stolen credentials. Despite known vulnerabilities and fixes, researchers are still unsure how the group obtained the login credentials used in the attacks.
North Korean Chollima Actors Expand Arsenal with BeaverTail and OtterCookie – Cyber Press
North Korean Chollima Actors Expand Arsenal with BeaverTail and OtterCookie Cyber Press
