Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

Chinese Salt, Typhoon, and UNC4841 Hackers Teamed Up

Recent cybersecurity investigations reveal a collaboration between three notorious Chinese hacker groups: Salt, Typhoon, and UNC4841. These groups have combined their efforts to launch sophisticated cyberattacks targeting various sectors globally. Their coordinated campaigns leverage advanced malware and exploit known vulnerabilities to infiltrate high-value networks, steal sensitive data, and disrupt operations. This alliance marks a significant escalation in threat actor capabilities, posing increased risks to organizations worldwide. The joint operations demonstrate a strategic shift towards more complex, multi-vector attacks that challenge traditional defense mechanisms. Security experts emphasize the importance of proactive threat intelligence sharing and robust cybersecurity measures to mitigate the impact of these coordinated attacks. Organizations are urged to update their systems, monitor for indicators of compromise, and adopt a layered security approach to defend against these evolving threats. This article delves into the tactics, techniques, and procedures (TTPs) employed by these groups, highlights recent incidents attributed to their collaboration, and provides actionable recommendations for cybersecurity professionals to enhance their defenses.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 09 Sep 2025 10:45:12 +0000

Cyber News related to Chinese Salt, Typhoon, and UNC4841 Hackers Teamed Up

CISA: Volt Typhoon had access to some U.S. targets for 5 years - U.S. government agencies issued another warning about the significant threat posed by a Chinese nation-state threat group to critical infrastructures, revealing attackers might have been lurking in victims' IT environments for several years. Last ...
1 year ago Techtarget.com CVE-2023-27997 Volt Typhoon

Chinese hackers use custom malware to spy on US telecom networks - A primary component of the Salt Typhoon attacks was monitoring network activity and stealing data using packet-capturing tools like Tcpdump, Tpacap, Embedded Packet Capture, and a custom tool called JumbledPath. JumbledPath allowed Salt Typhoon ...
6 months ago Bleepingcomputer.com

FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches - In January, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against Sichuan Juxinhe Network Technology, a Chinese cybersecurity firm believed to be directly involved in the Salt Typhoon telecom ...
4 months ago Bleepingcomputer.com

Chinese hackers breached National Guard to steal network configurations - The Chinese state-sponsored hacking group known as Salt Typhoon breached and remained undetected in a U.S. Army National Guard network for nine months in 2024, stealing network configuration files and administrator credentials that could be used to ...
1 month ago Bleepingcomputer.com

The FBI's Brett Leatherman gives the latest ‘Typhoon’ forecast | The Record from Recorded Future News - We're fully engaged with the victims still, in order to ensure that there's containment, that there remains containment in the environment, and that, as the victims continue to do their work with CISA, their third-party remediation ...
4 months ago Therecord.media Volt Typhoon

Volt Typhoon Ramps Up Malicious Activity Against Critical Infrastructure - China-backed cyber espionage group Volt Typhoon is systematically targeting legacy Cisco devices in a sophisticated and stealthy campaign to grow its attack infrastructure. In many instances, the threat actor, known for targeting critical ...
1 year ago Darkreading.com Volt Typhoon

Chinese hacking documents offer glimpse into state surveillance - Chinese police are investigating an unauthorized and highly unusual online dump of documents from a private security contractor linked to the nation's top policing agency and other parts of its government - a trove that catalogs apparent hacking ...
1 year ago Apnews.com

Cybersecurity Crisis Looms: FBI Chief Unveils Chinese Hackers' Plan to Target US Infrastructure - As the head of the FBI pointed out Wednesday, Beijing was positioning itself to disrupt the daily lives of Americans if there was ever a war between the United States and China if it were to plant malware to damage civilian infrastructure. U.S. ...
1 year ago Cysecurity.news Volt Typhoon

Chinese hackers breach more US telecoms via unpatched Cisco routers - Iniskt Group advises network admins operating Internet-exposed Cisco IOS XE network devices to apply available security patches as soon as possible and avoid exposing administration interfaces or non-essential services directly to the Internet. These ...
6 months ago Bleepingcomputer.com CVE-2023-20198 CVE-2023-20273

Belgium probes if Chinese hackers breached its intelligence service - According to The Brussels Times, the hacked server also routed internal HR exchanges among Belgian intelligence personnel, raising concerns about the potential exposure of sensitive personal data including identity documents and CVs belonging to ...
6 months ago Bleepingcomputer.com APT3 APT30 GALLIUM

China-Linked Volt Typhoon Hackers Possibly Targeting Australian, UK Governments - Chinese state-sponsored hackers are targeting old vulnerabilities in Cisco routers in new attacks apparently aimed at government entities in the US, UK, and Australia, cybersecurity firm SecurityScorecard reports. As part of the observed attacks, the ...
1 year ago Securityweek.com CVE-2019-1653 CVE-2019-1652 Volt Typhoon

Chinese hackers hid in US infrastructure network for 5 years - The Chinese Volt Typhoon cyber-espionage group infiltrated a critical infrastructure network in the United States and remained undetected for at least five years before being discovered, according to a joint advisory from CISA, the NSA, the FBI, and ...
1 year ago Bleepingcomputer.com Volt Typhoon

Salt Security Delivers API Posture Governance Engine - PRESS RELEASE. PALO ALTO, Calif., Jan. 17, 2024 /PRNewswire/ - Salt Security, the leading API security company, today announced multiple advancements in discovery, posture management and AI-based threat protection to the industry leading Salt ...
1 year ago Darkreading.com

Warning: Trying to access array offset on value of type null in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 385

Warning: Trying to access array offset on value of type null in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 385

Salt Typhoon Exploits Cisco, Ivanti, Palo Alto, and F5 Vulnerabilities to Target Organizations Globally - Salt Typhoon, a sophisticated cyber espionage group, has been actively exploiting critical vulnerabilities in widely used enterprise software from Cisco, Ivanti, Palo Alto Networks, and F5 Networks. These exploits allow the threat actors to gain ...
1 week ago Thehackernews.com CVE-2025-12345 CVE-2024-56789 CVE-2024-98765 Salt Typhoon

China-Sponsored Hackers Lie in Wait to Attack US Infrastructure - In a stark warning this week, the Cybersecurity and Infrastructure Security Agency, FBI, and National Security Agency said that Volt Typhoon has compromised the IT environments of multiple critical infrastructure organizations in such sectors as ...
1 year ago Securityboulevard.com BlackTech Volt Typhoon

New Domains Salt Typhoon UNC4841 - Security researchers have identified new domain registrations linked to the threat actor group Salt Typhoon, also known as UNC4841. This group is known for its sophisticated cyber espionage campaigns targeting various sectors globally. The newly ...
1 day ago Darkreading.com Salt Typhoon UNC4841

Uncovering Chinas Surveillance of the United States Spies Hackers and Informants - Last week, a Chinese surveillance balloon in the United States caused a diplomatic uproar and raised concerns about how Beijing collects intelligence on its biggest rival. FBI Director Christopher Wray said in 2020 that Chinese spying is the most ...
2 years ago Securityweek.com Silence

Allied spy agencies blame Chinese companies for Salt Typhoon cyber espionage campaign - Allied intelligence agencies have attributed the Salt Typhoon cyber espionage campaign to Chinese companies, highlighting a significant threat in the cybersecurity landscape. Salt Typhoon is a sophisticated cyber operation targeting various sectors ...
1 week ago Therecord.media Salt Typhoon

Chinese Salt, Typhoon, and UNC4841 Hackers Teamed Up - Recent cybersecurity investigations reveal a collaboration between three notorious Chinese hacker groups: Salt, Typhoon, and UNC4841. These groups have combined their efforts to launch sophisticated cyberattacks targeting various sectors globally. ...
4 hours ago Cybersecuritynews.com CVE-2023-XXXX CVE-2024-YYYY Salt Typhoon UNC4841

Silk Typhoon hackers now target IT supply chains to breach networks - Microsoft warns that Chinese cyber-espionage threat group 'Silk Typhoon' has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers. Microsoft reports that ...
6 months ago Bleepingcomputer.com CVE-2024-3400

Salt Typhoon Hackers Exploited 1000+ Cisco Devices to Gain Admin Access - The campaign highlights the ongoing vulnerability of critical infrastructure and the strategic intelligence threats posed by state-backed cyber actors. Salt Typhoon’s exploitation of Cisco devices exemplifies the growing trend of targeting ...
6 months ago Cybersecuritynews.com

Stealthy KV-botnet hijacks SOHO routers and VPN devices - The Chinese state-sponsored APT hacking group known as Volt Typhoon has been linked to a sophisticated botnet named 'KV-botnet' since at least 2022 to attack SOHO routers in high-value targets. Volt Typhoon commonly targets routers, firewalls, and ...
1 year ago Bleepingcomputer.com Volt Typhoon

Chinese Threat Actors Concealed in US Infrastructure Networks - According to a joint alert from CISA, the NSA, the FBI, and partner Five Eyes organizations, the Chinese cyberespionage group Volt Typhoon entered a critical infrastructure network in the United States and remained undiscovered for at least five ...
1 year ago Heimdalsecurity.com Volt Typhoon

100+ Malicious IPs Actively Exploiting Vulnerabilities in Cisco Devices - The Cybersecurity and Infrastructure Security Agency (CISA) has released guidance for addressing the Cisco IOS XE Web UI vulnerabilities, noting that CVE-2023-20198 is a privilege escalation vulnerability in the web UI feature of Cisco’s IOS XE ...
6 months ago Cybersecuritynews.com CVE-2023-20198 CVE-2018-0171

Solaris SE partners with Salt Security - Salt Security, the leading API security company, today announced that Solaris SE, Europe's leading embedded finance platform, has deployed Salt Security's API Security Platform to secure the company's expanding API ecosystem. Solaris' technology ...
1 year ago Itsecurityguru.org