Particle.news

U.S. Deploys Emergency Cyber Patches After DHS Reveals Salt Typhoon Breach

U.S. cybersecurity teams are segmenting networks to tighten access controls following a report of persistent breaches in defense and infrastructure systems.

A Department of Defense report divulged that everything shared over the National Guard’s network could be compromised after a “Salt Typhoon” hack.

Overview

  • The Department of Homeland Security disclosed that Salt Typhoon infiltrated a U.S. Army National Guard network for nine months in 2024, exfiltrating network diagrams, configuration files, administrator credentials and service member data.
  • Between 2023 and 2024, the group stole 1,462 configuration files from around 70 U.S. government and critical infrastructure entities to facilitate further espionage.
  • Exploited vulnerabilities include Cisco’s CVE-2018-0171, CVE-2023-20198 and CVE-2023-20273, along with Palo Alto’s CVE-2024-3400.
  • Federal agencies are implementing network segmentation, access controls and device patches to mitigate the exposed flaws.
  • China’s embassy in Washington has challenged the attribution of Salt Typhoon to its government, citing a lack of conclusive evidence.