Breach, Critical Infrastructure Security, Threat Intelligence

Singtel breach attributed to Volt Typhoon

Share
Chinese cyber threat
(Adobe Stock)

Chinese state-sponsored threat operation Volt Typhoon reportedly targeted major Singaporean mobile carrier Singapore Telecommunications, with intelligence obtained from such an intrusion then leveraged by the hacking group to compromise U.S. and other Western critical infrastructure, according to BNN Bloomberg.

Attackers behind the Singtel breach utilized a web shell, noted sources close to the matter. Such a webshell was previously reported by Lumen researchers to have been planted on an anonymous Singaporean entity to secure credentials that were later used to infiltrate four U.S.-based organizations and an India-based entity. Despite having been impacted by a malware intrusion in June, Singtel did not have its data or services compromised, noted a spokesperson, who neither confirmed nor denied the attack to be the one reportedly launched by Volt Typhoon. Such a development comes after another Chinese state-backed group Salt Typhoon was reported to have breached AT&T and Verizon, enabling the compromise of devices belonging to the campaigns of former President Donald Trump and Vice President Kamala Harris.

Related

Over 21K Equinox patients, staff impacted by LockBit-claimed attack

Threat actors who infiltrated Equinox's systems on Apr. 29 were able to exfiltrate digital files containing individuals' names, birthdates, addresses, Social Security numbers, passport numbers, driver's license or other government identification numbers, health insurance information, financial account details, treatment and diagnosis data, and/or medication details.

Alleged Finastra breach under investigation

Infiltration of Finastra's internally hosted file transfer platform, which was only discovered earlier this month, was likely conducted through stolen credentials and has resulted in the exfiltration of customer information.

Email breach hits Library of Congress

While email correspondences between the Congressional Research Service and other Library staff and certain congressional offices between January and September had been compromised, such an intrusion — which was initially reported by NBC News — did not affect the House and Senate's IT networks and respective email accounts.

Related Terms

CorruptionCovert ChannelsDNS SpoofingDeauthentication AttackDefacementDictionary AttackDrive-by DownloadGoogle HackingHybrid AttackInformation Warfare

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.