Microsoft is investigating whether a leak from its early alert system for cybersecurity partners, specifically the Microsoft Active Protections Program (MAPP), allowed Chinese hackers to exploit vulnerabilities in SharePoint before they were patched. The breach has affected over 400 entities worldwide, with suspected involvement of Chinese state-sponsored groups. Past incidents suggest potential leaks from MAPP, raising concerns about security and transparency, especially given Chinese laws requiring rapid vulnerability reporting and the involvement of Chinese companies in government-linked vulnerability programs.
A cyber-espionage campaign exploiting vulnerabilities in Microsoft's SharePoint server software has affected around 400 organizations, up from 100, with many victims still undisclosed. The attack, linked to Chinese hackers, began after Microsoft failed to fully patch a security flaw, leading to widespread server compromises including at the NIH.
The US National Nuclear Security Administration was breached through a Microsoft SharePoint zero-day vulnerability, with Chinese state-sponsored hackers exploiting the flaw to access various government and private organizations, though no sensitive nuclear information was reportedly compromised.
Microsoft has identified Chinese hacking groups Linen Typhoon, Violet Typhoon, and Storm-2603 exploiting vulnerabilities in SharePoint Server. The company has issued security updates and urged immediate patching to prevent further attacks, which target organizations for espionage and intellectual property theft.
Microsoft has accused Chinese state-sponsored groups of exploiting vulnerabilities in SharePoint software to target various organizations, including government and corporate entities, with new security updates issued to address these zero-day exploits. The attacks highlight ongoing Chinese cyber espionage efforts, with impacts across multiple countries and sectors, amid broader concerns over Chinese cyber campaigns.
Chinese hackers have accessed the phone metadata of over a million people, primarily in the Washington, D.C. area, through a campaign known as Salt Typhoon. Despite the breach, most victims have not been notified by major telecom companies like AT&T and Verizon, nor does the FBI plan to alert them. The hacking campaign, which has targeted eight U.S. telecom and internet service providers, is considered one of the largest intelligence compromises in U.S. history. The breach highlights significant privacy concerns, as metadata can reveal sensitive information about individuals' contacts and movements.
The FBI and the Cybersecurity and Infrastructure Security Agency have issued a warning to Americans to avoid using text and call services without end-to-end encryption following a cybersecurity attack by Chinese hackers on Verizon, AT&T, and Lumen Technologies. The attack potentially allows hackers to access unencrypted communications, particularly affecting messages between iPhones and Android devices. Officials recommend using encrypted services like WhatsApp or Signal to protect communications.
Federal officials have warned of a significant Chinese hacking operation targeting American telecommunications companies, emphasizing the importance of using encryption to protect communications. Apps like Signal and WhatsApp offer end-to-end encryption, ensuring messages and calls remain private even from the app providers. While iMessage and Google Messages also provide encryption, it is not always end-to-end, especially when communicating across different platforms. The FBI's investigation, dubbed Salt Typhoon, revealed that Chinese hackers accessed phone records and text messages, particularly in Washington, D.C., though China denies these allegations.
The US government is recommending the use of encrypted messaging and secure devices as Chinese hackers continue to infiltrate telecommunications networks, accessing metadata and live calls. This situation highlights the ongoing debate over encryption backdoors, which US officials have sought for surveillance purposes but which are criticized as potentially exploitable by malicious actors. The hacks, linked to a broad cyber espionage campaign by China, also raise concerns about the 1994 Communications Assistance for Law Enforcement Act, which mandates surveillance capabilities in telecom systems.
U.S. officials have warned of an ongoing Chinese cyberattack targeting global telecommunications providers, attributed to the hacking group Salt Typhoon. The breach, first detected in late spring, has affected up to 80 telecom companies, including major U.S. providers like AT&T and Verizon. The attack aims to access U.S. political leaders' communications and national security data. A joint alert was issued by U.S. agencies and partners in New Zealand, Australia, and Canada, though the UK did not participate. The breach is considered one of the most serious in U.S. history.
Chinese state-sponsored hackers, known as "Salt Typhoon," breached T-Mobile's routers to explore its network, but were blocked before accessing customer data. T-Mobile's proactive cyber defenses, including network segmentation, prevented further spread. The breach is part of a broader series of telecom attacks by the group, which has targeted multiple providers and government entities. T-Mobile has shared its findings with government and industry partners, and no sensitive customer information was compromised.
Chinese hackers are reportedly embedding themselves in U.S. critical infrastructure to gain an advantage in potential conflicts, according to Morgan Adamski of U.S. Cyber Command. This follows a significant cyberespionage operation, "Salt Typhoon," which targeted U.S. telecommunications, compromising call records and communications of key officials. The Chinese government denies involvement, and the Chinese Embassy has not commented on the allegations.
T-Mobile has been targeted by a cyber-espionage campaign linked to Chinese state-sponsored hackers known as Salt Typhoon, which also affected other major U.S. telecom providers. The breach focused on wiretap systems used for law enforcement surveillance, compromising sensitive communications involving high-ranking U.S. officials. While T-Mobile reports no significant impact on customer data, the incident underscores vulnerabilities in the telecommunications sector and the need for enhanced security measures. T-Mobile is collaborating with federal authorities to address the breach.
T-Mobile was among several telecommunications companies targeted in a Chinese cyber-espionage operation, according to The Wall Street Journal. Hackers linked to a Chinese intelligence agency breached T-Mobile's network to spy on high-value intelligence targets. While T-Mobile claims no significant impact on its systems or customer data, the FBI and CISA reported that China-linked hackers intercepted surveillance data from U.S. telecom companies. Beijing has denied these hacking allegations.
Chinese hackers compromised the cellphone of Todd Blanche, Donald Trump's lead defense attorney, accessing text messages and audio recordings. This breach is part of a broader Chinese cyber-espionage campaign targeting U.S. political figures, including those associated with the Trump and Harris campaigns. The FBI is investigating the extent of the breach, which has raised concerns about national security and the integrity of communications among political and legal figures. The incident highlights ongoing cybersecurity threats from foreign actors.