1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Top Canadian telecom firms may have been hit by Chinese Salt Typh

    From TechnologyDaily@1337:1/100 to All on Tuesday, June 24, 2025 16:15:08
    Top Canadian telecom firms may have been hit by Chinese Salt Typhoon hackers

    Date:
    Tue, 24 Jun 2025 15:03:00 +0000

    Description:
    Hackers have seemingly used a Cisco flaw to gain access to telco network.

    FULL STORY ======================================================================Canadian
    telecom firms have been hit with a cyberattack Chinese threat actor Salt Typhoon is suspected to be behind the attacks Hackers exploited an existing Cisco flaw to gain access

    The Canadian Centre for Cyber Security, alongside the FBI, have confirmed hackers were able to gain access to three network devices registered to a Canadian Telecommunications company.

    The Cyber Centre is aware of malicious cyber activities currently targeting Canadian telecommunications companies. The responsible actors are almost certainly PRC state-sponsored actors, specifically Salt Typhoon, The Canadian Centre for Cybersecurity said in a statement.

    This isnt unfamiliar territory for Salt Typhoon, as the group compromised at least eight US telco giants earlier in 2025, with the hackers allegedly
    having access to these networks for months in a mass surveillance campaign affecting dozens of countries and targeting several high-level officials.

    Save up to 68% on identity theft protection for TechRadar readers!

    TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal.

    Preferred partner ( What does this mean? ) View Deal A long running campaign

    The hackers, apparently exploited a high severity Cisco flaw, tracked as CVE-2023-20198 to gain access, allowing them to retrieve running
    configuration files from the compromised devices, which were then modified in order to create a GRE tunnel, enabling traffic collection from the network
    the devices were connected to.

    A patch for this flaw has been available since October 2023, which indicates
    a serious security oversight in Canadian Telecom cybersecurity.

    The threat actors most likely targeted these devices in order to collect information from the victims internal network, or use the victims device to enable the compromise of further victims, which could explain how Salt
    Typhoon has been so successful in compromising large organizations.

    While our understanding of this activity continues to evolve, we assess that PRC cyber actors will almost certainly continue to target Canadian organizations as part of this espionage campaign, including
    telecommunications service providers and their clients, over the next two years, the statement confirms.

    Telecommunication companies are a high-priority for threat actors as they store large amounts of customer data and have useful intelligence value for cyber-espionage campaigns.

    Via: ArsTechnica You might also like Take a look at our picks for the best malware removal software around Check out our choice for best antivirus software "No evidence" - here's why the massive 16 billion record data breach may not be as bad as first thought



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/top-canadian-telecom-firms-may-have-bee n-hit-by-chinese-salt-typhoon-hackers


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)