'Volt Typhoon' China-Backed APT Infiltrates US Critical Infrastructure Orgs

According to Microsoft and researchers, the state-sponsored threat actor could very well be setting up a contingency plan for disruptive attacks on the US in the wake of an armed conflict in the South China Sea. [TechWeb]( Follow Dark Reading: [RSS]( May 25, 2023 LATEST SECURITY NEWS & COMMENTARY ['Volt Typhoon' China-Backed APT Infiltrates US Critical Infrastructure Orgs]( According to Microsoft and researchers, the state-sponsored threat actor could very well be setting up a contingency plan for disruptive attacks on the US in the wake of an armed conflict in the South China Sea. [Google's .zip, .mov Domains Give Social Engineers a Shiny New Tool]( Security professionals warn that Google's new top-level domains, .zip and .mov, pose social engineering risks while providing little reason for their existence. [OAuth Flaw in Expo Platform Affects Hundreds of Third-Party Sites, Apps]( A cybersecurity vulnerability found in an implementation of the social login functionality opens the door to account takeovers and more. [SuperMailer Abuse Bypasses Email Security for Super-Sized Credential Theft]( Secure email gateways and end users alike are being fooled by a cyberattack campaign that's enjoying skyrocketing volumes against businesses in every industry, globally. [Threat Actors Compromise Barracuda Email Security Appliances]( The company's ESG appliances were breached, but their other services remain unaffected by the compromise. [5 Questions to Ask When Evaluating a New Cybersecurity Technology]( Any new cybersecurity technology should be not just a neutral addition to a security stack but a benefit to the other technologies or people managing them. [How Universities Can Bridge Cybersecurity's Gender Gap]( It's time to invest in initiatives that engage young women in cybersecurity early and often. [(Sponsored Article) How to Protect Your Organization From Vulnerabilities]( Cobalt's fifth edition of "The State of Penetration Testing Report" taps into data from 3,100 pen tests and more than 1,000 responses from security practitioners. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Microsoft: BEC Attackers Evade 'Impossible Travel' Flags With Residential IP Addresses]( Threat actors are circumventing geo-location-based security detections, using a combination of cybercrime-as-a-service platforms and the purchasing of local IP addresses. [Enterprises Must Prepare Now for Shorter TLS Certificate Lifespans]( Shorter certificate lifespans are beneficial, but they require a rethink of how to properly manage them. [PyPI Shuts Down Over the Weekend, Says Incident Was Overblown]( The climate of concern around open source security and supply chain attacks may have caused a small story to become a big one. [MORE]( EDITORS' CHOICE [Bridgestone CISO: Lessons From Ransomware Attack Include Acting, Not Thinking]( A February 2022 attack knocked the giant tire maker's North American operations offline for several days. LATEST FROM DR GLOBAL [Israeli Shipping, Logistics Companies Targeted in Watering Hole Attacks]( Researchers say the Iranian nation-state actor known as Tortoiseshell could be behind the attacks. LATEST FROM THE EDGE [Improving Cybersecurity Requires Building Better Public-Private Cooperation]( Security vendors, businesses, and US government agencies need to work together to fight ransomware and protect critical infrastructure. LATEST FROM DR TECHNOLOGY [Enterprises Rely on Multicloud Security to Protect Cloud Workloads]( As enterprises adopt multicloud, the security picture has become foggy. Cloud workload protection platforms and distributed firewalls are creating clarity. WEBINARS - [Here's What Zero Trust Really Means]( Credential theft, lateral movement and other cyberattack tricks have foiled perimeter security again and again. We know that the old philosophy of trusting everything and everyone inside a network is no longer sound. The zero-trust model - trust nothing, verify ... - [Why Threat Modeling Is Critical for Enterprise Cyber Defense]( As enterprises deal with multiple threats coming in different forms, security teams are shifting to a risk-based security to handle these challenges. One of the key tools is threat modeling, a process intended to help identify potential weaknesses and prioritize ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [ESG Report: Automated Application Security Testing for Faster Development]( - [Proof-Based Scanning: No noise, just facts]( - [Cybersecurity Maturity Model Certification (CMMC) Version 1.02]( - [Every Minute Matters: Real-World Incident Response Timelines In Action]( - [The State of Cybersecurity: 2023 Trends Report]( - [Cymulate Named Innovation Leader, Frost & Sullivan's - Frost Radar BAS, 2022]( - [Top Ten Tips: Securing Multi-Cloud with Modern CSPM]( [View More White Papers >>]( FEATURED REPORTS - [Successfully Managing Identity in Modern Cloud and Hybrid Environments]( Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ... - [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Technology Veterans James Wickett and Ken Johnson Launch DryRun Security to Bring Security to Developers]( [Netwrix Report: Enterprises Suffer More Ransomware and Other Malware Attacks Than Smaller Organizations]( [Honeywell Releases Cyber Insights to Better Identify Cybersecurity Threats and Vulnerabilities]( [Harvard Pilgrim Health Care Notifies Individuals of Privacy Incident]( [Appdome Launches Build-to-Test, Automated Testing Option for Protected Mobile Apps]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)