Reportseverity: Critical2023-05-24

Volt Typhoon publicly named, targeting U.S. critical infrastructure

published by Microsoft Threat Intelligence

Actor

PRC state-sponsored actor focused on pre-positioning in U.S. critical infrastructure (communications, energy, transportation, water). Heavy use of living-off-the-land techniques and small-office/home…

Summary

Microsoft publicly disclosed Volt Typhoon, a PRC state-sponsored actor pre-positioning in U.S. critical infrastructure networks — communications, manufacturing, utilities, transportation, construction, maritime, government, IT, and education — with heavy use of living-off-the-land binaries.

Primary source

microsoft.com

Other Volt Typhoon events

2024-08-22Volt Typhoon exploits Versa Director zero-day (CVE-2024-39717)
2024-02-07Joint CISA/NSA/FBI advisory AA24-038A on Volt Typhoon
2024-01-31DOJ disrupts KV-botnet of compromised SOHO routers

Summary

Tags

Primary source

Other Volt Typhoon events