home.social

#volttyphoon — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #volttyphoon, aggregated by home.social.

  1. According to Dragos, Volt Typhoon continues active operations inside U.S. utilities, shifting toward direct OT interaction and sensor data theft in 2025.

    Notable elements:
    • Pre-positioning in ICS environments
    • Exploitation of Ivanti & Trimble Cityworks vulnerabilities
    • GIS data harvesting for infrastructure mapping
    • Access broker activity attributed to SYLVANITE
    • Long-term persistence objectives
    CEO Rob Lee stated some compromised sites may never be identified.

    Technical question:
    If adversaries maintain low-and-slow OT access, how should defenders adapt detection engineering?
    – Network baselining?
    – Sensor telemetry validation?
    – Asset-level anomaly detection?
    – Zero trust for OT?

    Drop your technical analysis below.
    Follow @technadu for advanced threat coverage.

    #ICSsecurity #OTsecurity #ThreatHunting #DetectionEngineering #VoltTyphoon #InfrastructureDefense #CyberResilience #EnergyGrid #WaterUtilities #NationalSecurity #BlueTeam #CyberThreatIntel

  5. PROMPTSPY, CEPEZED HACKED AND 90% OF RANSOMWARE VIA FIREWALLS

    ESET revealed PromptSpy, the first malware for Android that abuses Google Gemini AI. 1,184 malicious skills were discovered on ClawHub. cepezed on the DragonForce leak site. Barracuda: 90% of ransomware starts at firewalls.

    ccinfo.nl/journaal/3018896_pro

    #Cyberjournaal #ccinfo #PromptSpy #cepezed #DragonForce #Barracuda #ransomware #VoltTyphoon #cybersecurity #Nederland #Belgie

  9. #China remains embedded in #US energy networks 'for the purpose of taking it down'
    Three new threat groups began targeting #criticalinfrastructure last year, while a well-known Beijing-backed crew - #VoltTyphoon - continued to compromise cellular gateways and routers, and then break into US #electric, #oil, and #gas companies in 2025, according to Dragos' annual threat report published on Tuesday.
    theregister.com/2026/02/17/vol

  10. #VoltTyphoon? Prepositioning? Pandas everywhere? WTF are China's cyber operations, cybersecurity strategy and architecture, actually? Find out why this should matter to us in the latest podcast episode: #cybersicherheit #china percepticon.de/2025/48-wtf-sin

  11. #China now #America's number one cyber threat – US must get up to speed
    This shift was signified by the #VoltTyphoon attacks against the US last year, retired Rear Admiral Mark Montgomery told the #RSA Conference in San Francisco on Monday, and corporates to be held accountable. #US has focused on defense as its key strategy. But in doing so, this had allowed other nations to hone their cyber skills, and China has risen to be the key adversary in this vital battleground.
    theregister.com/2025/04/29/chi

  12. With Chinese diplomats reportedly admitting to targeting US Critical Infrastructure as a "warning to the U.S. about Taiwan" and some in the industry war-gaming the possibility of Cyber Effects being used to sway the Trade dispute between the US and China, now seemed a good time to do a reality check on how - if at all - China would do so.

    The bottom line - expect a surge in cyber espionage and signaling campaigns targeting US telcos and leadership to provide the CCP a competitive advantage in negotiations and their backdoor dealings.🕵️

    Cyber Security doesn't operate in a vacuum - here's a good example of where geopolitics starts to seep in at the edges: opalsec.io/is-cyber-a-legitima

    #CyberSecurity #InfoSec #ThreatIntel #China #USChinaTradeWar #Geopolitics #CyberWarfare #CriticalInfrastructure #VoltTyphoon #SaltTyphoon #NationalSecurity #CyberThreats #RiskManagement #GeopoliticalRisk #CyberPolicy #CISA

  13. Brass Typhoon: The #Chinese #Hacking Group Lurking in the Shadows

    Though less well-known than groups like #VoltTyphoon and #SaltTyphoon, #BrassTyphoon, or #APT41, is an infamous, longtime #espionage actor that foreshadowed recent telecom #hacks.
    #security #China

    wired.com/story/brass-typhoon-

  14. 🇺🇸 US | 🇨🇳 CHINA
    🔴 China Implies Role in US Infrastructure Hacks

    🔸 In Dec 2024 Geneva talks, China hinted at link to Volt Typhoon cyberattacks.
    🔸 Sought to justify hacks as response to US support for Taiwan.
    🔸 US officials saw this as Beijing’s implicit admission.
    🔸 FBI dismantled Volt Typhoon in Jan 2024.

    #China #CyberAttack #VoltTyphoon #Taiwan #US #Infrastructure #WSJ #Hacking #CyberSecurity

  15. "Chinese officials acknowledged in a secret December meeting that Beijing was behind a widespread series of alarming cyberattacks on U.S. infrastructure, according to people familiar with the matter, underscoring how hostilities between the two superpowers are continuing to escalate.

    The Chinese delegation linked years of intrusions into computer networks at U.S. ports, water utilities, airports and other targets, to increasing U.S. policy support for Taiwan, the people, who declined to be named, said.

    The first-of-its-kind signal at a Geneva summit with the outgoing Biden administration startled American officials used to hearing their Chinese counterparts blame the campaign, which security researchers have dubbed Volt Typhoon, on a criminal outfit, or accuse the U.S. of having an overactive imagination."

    wsj.com/politics/national-secu

    #USA #CyberSecurity #China #StateHacking #VoltTyphoon #Infrastructure

  16. Happy Monday everyone!

    Coming out of a brief lull in activity, I have a #readoftheday for you! This comes from a CYFIRMA article that takes a look at the APT #VoltTyphoon. They share vulnerabilities that have been recently exploited and (my favorite part) recent #TTPs and #behaviors that are associated with the group! I like how well it is documented that I am not even going to recreate it here! I will definitely be diving back into their archives to see if there are more of these profile articles! Enjoy and Happy Hunting!

    APT PROFILE – VOLT TYPHOON
    cyfirma.com/research/apt-profi

    Intel 471 Cyborg Security, Now Part of Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting

  17. Chinese #Hackers Sat Undetected in Small #Massachusetts #PowerUtility for Months | PCMag

    State-sponsored #VoltTyphoon hackers were poking around the #LittletonElectric Light and Water Departments for at least 300 days before the #FBI gave the utility a heads up.
    #security #China

    pcmag.com/news/chinese-hackers

  18. New: Chinese Hackers Breached US Electric Grid for over 300 Days! #VoltTyphoon infiltrated a Massachusetts utility collecting critical data undetected for almost a year.

    Read: hackread.com/chinese-volt-typh

    #CyberSecurity #Hacking #USGrid #Infosec #China

  23. Singapore Telecommunications was breached by Chinese state-sponsored hackers this summer as part of a broader campaign against telecommunications companies and other critical infrastructure operators around the world. japantimes.co.jp/news/2024/11/ #asiapacific #crimelegal #china #hacking #telecoms #singapore #singtel #volttyphoon

  24. Timely for #Halloween - Joshua Corman and I discuss the scariest story I know of in IT - the mounting threats to the #cybersecurity of critical infrastructure.


    "We live in glass houses. And people are about to start throwing rocks." #ITOps #podcast #SBOM #softwaresupplychainsecurity #volttyphoon #secops #undisruptable27

    podbean.com/ew/pb-cuyq2-1724bf