https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF
People’s Republic of China State-Sponsored Cyber
Actor Living off the Land to Evade DetectionSummary
The United States and international cybersecurity authorities are issuing this joint
Cybersecurity Advisory (CSA) to highlight a recently discovered cluster of activity of
interest associated with a People’s Republic of China (PRC) state-sponsored cyber
actor, also known as Volt Typhoon. Private sector partners have identified that this
activity affects networks across U.S. critical infrastructure sectors, and the authoring
agencies believe the actor could apply the same techniques against these and other
sectors worldwide.…
https://www.ghacks.net/2023/05/25/china-hacked-us-microsoft/
..How did that happen?
An undisclosed vulnerability within the widely used cybersecurity suite, FortiGuard, has become the hackers’ favored entry point. Microsoft’s revelation underscores the urgent need for immediate action, as these infiltrators exploit compromised systems to gain unauthorized access to interconnected networks.
Once inside, the hackers quietly obtain user credentials from the compromised security suite, facilitating their covert access to other corporate systems. It is crucial to note that the hackers’ primary objective is not immediate disruption but long-term espionage. Their intent is to remain undetected, allowing them to gather sensitive information clandestinely…