Microsoft warned on Wednesday that Chinese state-sponsored hackers had compromised “critical” U.S. cyber infrastructure across numerous industries, with a focus on gathering intelligence. The Chinese hacking group, codenamed “Volt Typhoon,” has operated since mid-2021, Microsoft said in an advisory. The organization is apparently working to disrupt “critical communications infrastructure between the United States and Asia,” Microsoft said, to stymie efforts during “future crises.” The attack is apparently ongoing. In an advisory, Microsoft urged impacted customers to “close or change credentials for all compromised ... (full story)

Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises. Volt Typhoon has been active ... (full story)