Microsoft and global intelligence agencies warn of Chinese hackers infecting US critical infrastructure
techspot.com
What just happened? Microsoft and authorities from several countries have warned that a state-sponsored hacking group has been spying on critical US infrastructure across a range of industries, with the aim of disrupting communications between the United States and Asia in the event of future crises.
Microsoft said that the hackers, codenamed Volt Typhoon, have been in operation since mid-2021. By exploiting vulnerabilities in internet-facing Fortinet FortiGuard devices that admins never patched, the attackers are able to extract credentials to a network's Active Directory, and use the data to infect other devices on a network.
"Volt Typhoon proxies all its network traffic to its targets through compromised SOHO network edge devices (including routers)," Microsoft wrote. "Microsoft has confirmed that many of the devices, which include those manufactured by ASUS, Cisco, D-Link, NETGEAR, and Zyxel, allow the owner to expose HTTP or SSH management interfaces to the Internet."
Microsoft said ...
Copyright of this story solely belongs to techspot.com . To see the full text click HERE