US Sanctions Chinese Firm, Offers Reward for Cybersecurity Breaches
The U.S. Treasury Department has sanctioned Chinese cybersecurity firm Sichuan Silence and its employee Guan Tianfeng for exploiting a zero-day vulnerability in Sophos firewalls, compromising around 81,000 firewalls globally, including over 23,000 in the U.S. The attack targeted critical infrastructure, including a government agency and an energy company, with the intent to steal data and potentially deploy Ragnarok ransomware, posing significant risks to human life.