Chinese APT group Salt Typhoon has compromised over 600 organizations across 80 countries since 2019, exploiting vulnerabilities in Cisco, Ivanti, and Palo Alto network devices. The group targets telecommunications, government, and critical infrastructure sectors, using compromised routers to pivot into networks and maintain persistent access through modified configurations and GRE tunnels. Intelligence agencies from 13 countries issued a joint advisory linking the attacks to three Chinese companies providing cyber services to Beijing's intelligence services.
Sort: