| SYMBOL | COMMON_NAME | aka. SYNONYMS |
[Microsoft] Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises. [Secureworks] BRONZE SILHOUETTE likely operates on behalf the PRC. The targeting of U.S. government and defense organizations for intelligence gain aligns with PRC requirements, and the tradecraft observed in these engagements overlap with other state-sponsored Chinese threat groups.
| 2024-08-27
⋅
Lumen
⋅
Taking the Crossroads: The Versa Director Zero-Day Exploitation VersaMem |
| 2024-02-07
⋅
CISA
⋅
MAR-10448362-1.v1 Volt Typhoon ScanLine |
| 2024-02-07
⋅
Lumen
⋅
KV-Botnet: Don’t call it a Comeback KV |
| 2024-02-07
⋅
CISA
⋅
PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure ScanLine |
| 2024-01-31
⋅
Department of Justice
⋅
U.S. Government Disrupts Botnet People’s Republic of China Used to Conceal Hacking of Critical Infrastructure KV |
| 2024-01-10
⋅
SecurityScorecard
⋅
Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days KV |
| 2023-12-13
⋅
Lumen
⋅
Routers Roasting on an Open Firewall: the KV-botnet Investigation KV |
| 2023-05-26
⋅
Palo Alto Networks Unit 42
⋅
Threat Brief: Attacks on Critical Infrastructure Attributed to Insidious Taurus (aka Volt Typhoon) Volt Typhoon |
| 2023-05-24
⋅
Secureworks
⋅
Chinese Cyberespionage Group BRONZE SILHOUETTE Targets U.S. Government and Defense Organizations Volt Typhoon |
| 2023-05-24
⋅
Microsoft
⋅
Volt Typhoon targets US critical infrastructure with living-off-the-land techniques Volt Typhoon |