Particle.news

U.S. and Allies Detail China-Linked Salt Typhoon Hacks Across 80 Countries, Name 3 Firms

A rare joint advisory outlines exploited network‑edge flaws to spur urgent patching and threat hunting.

Overview

  • The 37-page alert from the FBI, NSA, CISA and 12 partner governments expands the campaign’s scope to roughly 80 countries and more than 200 victim companies, with the FBI notifying at least 600 organizations.
  • Authorities publicly link three China-based companies — Beijing Huanyu Tianqiong, Sichuan Zhixin Ruijie and Sichuan Juxinhe — to support for Chinese intelligence services, noting the U.S. sanctioned Juxinhe in January.
  • Investigators say intrusions at major carriers including AT&T and Verizon exposed call records, text data and location information, affecting over a million people in the Washington, D.C., area.
  • The advisory emphasizes exploitation of fixable, publicly disclosed vulnerabilities in edge devices, citing Cisco IOS XE (CVE-2023-20198, CVE-2023-20273, CVE-2018-0171), Ivanti Connect Secure (CVE-2024-21887) and Palo Alto GlobalProtect (CVE-2024-3400).
  • Agencies warn the spies modified routers to maintain long-term footholds and urge immediate patching, proactive threat hunting and careful eviction planning, as the UK confirmed activity in parts of its critical national infrastructure.