In a blog post, Microsoft (MSFT) announced Microsoft Threat Intelligence identified a shift in tactics by Silk Typhoon, a Chinese espionage group, now targeting common IT solutions like remote management tools and cloud applications to gain initial access. While they haven’t been observed directly targeting Microsoft cloud services, they do exploit unpatched applications that allow them to elevate their access in targeted organizations and conduct further malicious activities. After successfully compromising a victim, Silk Typhoon uses the stolen keys and credentials to infiltrate customer networks where they can then abuse a variety of deployed applications, including Microsoft services and others, to achieve their espionage objectives. In particular, Silk Typhoon was observed abusing stolen API keys and credentials associated with privilege access management, cloud app providers, and cloud data management companies, allowing the threat actor to access these companies’ downstream customer environments.
Published first on TheFly – the ultimate source for real-time, market-moving breaking financial news. Try Now>>
Read More on MSFT:
- Judge denies Musk’s attempt to block OpenAI’s for-profit shift, CNBC reports
- OpenAI considers charging $20K/month for PhD-level agents, Information says
- Nvidia-Backed CoreWeave Faces Setback as Microsoft Scales Back Commitments Ahead of IPO
- Microsoft-backed OpenAI Launches PhD-Level Research Agents at $20K Per Month
- Discord in talks for possible IPO in 2025, NY Times reports