'Volt Typhoon' Breaks Fresh Ground for China-Backed Cyber Campaigns

This is the first incident where a threat actor from the country appears to be laying the groundwork for disruptive attacks in the future, researchers say. [TechWeb]( Follow Dark Reading: [RSS]( May 25, 2023 LATEST SECURITY NEWS & COMMENTARY ['Volt Typhoon' Breaks Fresh Ground for China-Backed Cyber Campaigns]( This is the first incident where a threat actor from the country appears to be laying the groundwork for disruptive attacks in the future, researchers say. [CosmicEnergy Malware Emerges, Capable of Electric Grid Shutdown]( Russian code that could tamper with industrial machines and toggle RTUs on and off was floating around VirusTotal for years before being noticed. It raises new questions about the state of OT security. [CISO Criminalization, Vague Cyber Disclosure Rules Create Angst for Security Teams]( In the wake of the ex-Uber CISO verdict, CISOs ask for clearer rules and less uncertainty in managing disclosures, amid jail-time fears. [Google Cloud Bug Allows Server Takeover From CloudSQL Service]( Researchers could access sensitive data and steal secrets by exploiting a vulnerability in GCP's security layer, eventually running rampant in the environment. ['Operation Magalenha' Attacks Give a Window Into Brazil's Cybercrime Ecosystem]( A campaign against customers of Portuguese banks uses a capable financial malware strain dubbed PeepingTitle, written in the Delphi programming language. [Dangerous Regions: Isolating Branch Offices in High-Risk Countries]( Organizations must be cautious about how they interact with other regions around the world in order to operate safely in an at-times adversarial landscape. [Lazarus Group Striking Vulnerable Windows IIS Web Servers]( The infamous North Korean APT group is using Log4Shell, the 3CX supply chain attack, and other known vectors to breach Microsoft Web servers. [Netflix's Password-Sharing Ban Offers Security Upsides]( The streaming giant is looking to bolster flagging subscription growth and profits, but security researchers say the move offers a perfect opportunity to encourage better password hygiene and account safety. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Google's .zip, .mov Domains Give Social Engineers a Shiny New Tool]( Security professionals warn that Google's new top-level domains, .zip and .mov, pose social engineering risks while providing little reason for their existence. [5 Questions to Ask When Evaluating a New Cybersecurity Technology]( Any new cybersecurity technology should be not just a neutral addition to a security stack but a benefit to the other technologies or people managing them. [How Universities Can Bridge Cybersecurity's Gender Gap]( It's time to invest in initiatives that engage young women in cybersecurity early and often. [MORE]( EDITORS' CHOICE ['Volt Typhoon' China-Backed APT Infiltrates US Critical Infrastructure Orgs]( According to Microsoft and researchers, the state-sponsored threat actor could very well be setting up a contingency plan for disruptive attacks on the US in the wake of an armed conflict in the South China Sea. LATEST FROM DR GLOBAL [Bank of Ghana Opens SOC to Enable Threat Intelligence Sharing]( Bank of Ghana's security operations center will boost visibility into threats and enable threat intelligence sharing, it says. LATEST FROM THE EDGE [Russia's War in Ukraine Shows Cyberattacks Can Be War Crimes]( Ukraine head of cybersecurity Victor Zhora says the world needs "efficient legal instruments to confront cyber terrorism." LATEST FROM DR TECHNOLOGY [Red Hat Tackles Software Supply Chain Security]( The new Red Hat Trusted Software Supply Chain services help developers take a secure-by-design approach to build, deploy, and monitor software. WEBINARS - [Mastering Endpoint Security: The Power of Least Privilege]( Join us at one of our upcoming live and interactive events we will explore the critical role of least privilege in endpoint security, how it helps to systematically strengthen organization's security posture, and provides a solid foundation for endpoint security ... - [Here's What Zero Trust Really Means]( Credential theft, lateral movement and other cyberattack tricks have foiled perimeter security again and again. We know that the old philosophy of trusting everything and everyone inside a network is no longer sound. The zero-trust model - trust nothing, verify ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Ultimate Guide to the CISSP]( - [Invicti AppSec Indicator: Tuning Out the AppSec Noise is All About DAST]( - [ESG Report: Automated Application Security Testing for Faster Development]( - [Proof-Based Scanning: No noise, just facts]( - [The 3 Approaches to Breach & Attack Simulation Technologies]( - [2023 Gartner Market Guide for Cloud-Native Application Protection Platforms (CNAPP)]( - [The Cloud Security Workflow Handbook]( [View More White Papers >>]( FEATURED REPORTS - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... - [Successfully Managing Identity in Modern Cloud and Hybrid Environments]( Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Perception Point Report Finds That Advanced Phishing Attacks Grew by 356% in 2022]( [Memcyco Delivers Real-Time Brandjacking Detection and Protection Solution]( [Honeywell Releases Cyber Insights to Better Identify Cybersecurity Threats and Vulnerabilities]( [Netwrix Report: Enterprises Suffer More Ransomware and Other Malware Attacks Than Smaller Organizations]( [MORE PRODUCTS & RELEASES]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)