CISA, NSA and Cyber Centre Warn Critical Infrastructure of . . . ) unveiled a malware analysis report on BRICKSTORM, a sophisticated backdoor for VMware vSphere (specifically VMware vCenter servers) and Windows environments used by People’s Republic of China (PRC) state-sponsored actors. The report provides indicators of compromise (IOCs) and detection signatures to assist critical infrastructure owners and operators in identifying whether they have been
NSA Joins CISA to Release Guidance on Detecting BRICKSTORM . . . Organizations—especially those within critical infrastructure, government services and facilities, and the Information Technology sector—are encouraged to use the indicators of compromise (IOCs) and detection signatures outlined in the report to detect BRICKSTORM backdoor activity
When the Spies Get Spied On: How Chinese Hackers Turned U.S. By exploiting these lawful intercept backdoors, Salt Typhoon could potentially listen in on wiretapped calls, intercept emails, and monitor communications that were under federal surveillance
China Possibly Hacking US “Lawful Access” Backdoor The Wall Street Journal is reporting that Chinese hackers (Salt Typhoon) penetrated the networks of US broadband providers, and might have accessed the backdoors that the federal government uses to execute court-authorized wiretap requests