How much do you trust your cloud? Hackers exploit weakness to target
customers - here's what we know
Date:
Tue, 26 Aug 2025 15:03:00 +0000
Description:
Murky Panda is using zero-day flaws to target cloud-based service providers and use them as a stepping stone.
FULL STORY ======================================================================
- Chinese hackers found a unique way to target US firms
- The method remained largely hidden until now
- Hackers are mostly interested in espionage, experts claim
Chinese threat actors known as Murky Panda are abusing the trust businesses have in their cloud providers to break into companies, steal sensitive files, and maintain persistence for additional reconnaissance and espionage.
Security researchers at CrowdStrike have revealed how, since 2023, they have seen at least two cases in which Murky Panda exploited zero-day flaws to
break into SaaS providers' cloud environments.
After breaking in, the attackers analyzed the logic of their victims' cloud environments, enabling them to leverage their access to that software to move laterally to downstream customers.
Silk Typhoon
So, in essence, this is a third-party cyberattack conducted through a cloud-based service provider. However, the method is unique, and that makes
it more successful compared to other, more widely reported ones:
"Due to the activity's rarity, this initial access vector to a victim's cloud environment remains relatively undermonitored compared to more prominent initial access vectors such as valid cloud accounts and exploiting public-facing applications," CrowdStrike explained.
The researchers also said the threat actor has been active since at least 2023, and that its techniques, tactics, and procedures are quite similar to those of Silk Typhoon, a known Chinese state-sponsored group. Since attribution is often tricky, the researchers hint that this could be Silk Typhoon, a partnering group, or a copycat.
Whoever it is, it seems to be focused on cyber-espionage and intelligence-gathering. Most of its targets are in government, technology, academia, legal, and professional services, located primarily in North America.
When breaking into their initial targets, Murky Panda is using different methods and tools. They were seen leveraging CVE-2023-3519 - a known vulnerability affecting Citrix NetScaler ADC and NetScaler Gateway instances. This flaw is at least two years old, and was abused in the past by different ransomware actors, as well.
In other cases, they were seen compromising different small office/home
office (SOHO) devices, too.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/how-much-do-you-trust-your-cloud-hackers-exploit-weakness-to-target-customers-heres-what-we-know
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)