Microsoft warns that China-backed APT Silk Typhoon, which was linked to the US Treasury hack, is now targeting global IT supply chains, using IT firms to spy and move laterally. Security Affairs reports:
Microsoft reported that China-linked APT group Silk Typhoon has shifted tactics to target IT solutions like remote management tools and cloud apps for initial access.
Silk Typhoon is a China-linked cyber espionage group involved in the cyber attack against the US Treasury.
Though not directly attacking Microsoft cloud services, they exploit unpatched apps to escalate privileges and gain access to customer networks. Using stolen credentials, they abuse various applications for espionage.
This Chinese APT has one of the widest targeting scopes. Microsoft experts observed the group exploiting vulnerabilities opportunistically by swiftly acting on scanning discoveries.
Read more at Security Affairs.
