Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

New Domains Salt Typhoon UNC4841

Security researchers have identified new domain registrations linked to the threat actor group Salt Typhoon, also known as UNC4841. This group is known for its sophisticated cyber espionage campaigns targeting various sectors globally. The newly discovered domains are believed to be part of ongoing efforts to expand their infrastructure for command-and-control (C2) operations and phishing attacks. Salt Typhoon has been active in deploying malware and exploiting vulnerabilities to gain unauthorized access to sensitive information. Organizations are advised to monitor network traffic for connections to these domains and implement robust detection mechanisms to mitigate potential threats. The identification of these domains provides valuable intelligence for cybersecurity teams to enhance their defensive strategies against this persistent threat group. Continuous monitoring and threat intelligence sharing remain critical in combating the evolving tactics of Salt Typhoon. This development underscores the importance of proactive cybersecurity measures and collaboration among industry stakeholders to protect critical assets from advanced persistent threats.

This Cyber News was published on www.darkreading.com. Publication date: Mon, 08 Sep 2025 14:10:04 +0000

Cyber News related to New Domains Salt Typhoon UNC4841

CISA: Volt Typhoon had access to some U.S. targets for 5 years - U.S. government agencies issued another warning about the significant threat posed by a Chinese nation-state threat group to critical infrastructures, revealing attackers might have been lurking in victims' IT environments for several years. Last ...
1 year ago Techtarget.com CVE-2023-27997 Volt Typhoon

Chinese hackers use custom malware to spy on US telecom networks - A primary component of the Salt Typhoon attacks was monitoring network activity and stealing data using packet-capturing tools like Tcpdump, Tpacap, Embedded Packet Capture, and a custom tool called JumbledPath. JumbledPath allowed Salt Typhoon ...
6 months ago Bleepingcomputer.com

The FBI's Brett Leatherman gives the latest ‘Typhoon’ forecast | The Record from Recorded Future News - We're fully engaged with the victims still, in order to ensure that there's containment, that there remains containment in the environment, and that, as the victims continue to do their work with CISA, their third-party remediation ...
4 months ago Therecord.media Volt Typhoon

Chinese hackers breached National Guard to steal network configurations - The Chinese state-sponsored hacking group known as Salt Typhoon breached and remained undetected in a U.S. Army National Guard network for nine months in 2024, stealing network configuration files and administrator credentials that could be used to ...
1 month ago Bleepingcomputer.com

Volt Typhoon Ramps Up Malicious Activity Against Critical Infrastructure - China-backed cyber espionage group Volt Typhoon is systematically targeting legacy Cisco devices in a sophisticated and stealthy campaign to grow its attack infrastructure. In many instances, the threat actor, known for targeting critical ...
1 year ago Darkreading.com Volt Typhoon

New Domains Salt Typhoon UNC4841 - Security researchers have identified new domain registrations linked to the threat actor group Salt Typhoon, also known as UNC4841. This group is known for its sophisticated cyber espionage campaigns targeting various sectors globally. The newly ...
8 hours ago Darkreading.com Salt Typhoon UNC4841

FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches - In January, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against Sichuan Juxinhe Network Technology, a Chinese cybersecurity firm believed to be directly involved in the Salt Typhoon telecom ...
4 months ago Bleepingcomputer.com

Toward Ending the Domain Wars: Early Detection of Malicious Stockpiled Domains - The two main advantages of detecting stockpiled domains are expanding coverage of malicious domains and providing patient-zero detections as attackers stock up on domains for future use. As of July 2023, our detection pipeline has found 1,114,499 ...
1 year ago Unit42.paloaltonetworks.com

Salt Security Delivers API Posture Governance Engine - PRESS RELEASE. PALO ALTO, Calif., Jan. 17, 2024 /PRNewswire/ - Salt Security, the leading API security company, today announced multiple advancements in discovery, posture management and AI-based threat protection to the industry leading Salt ...
1 year ago Darkreading.com

Warning: Trying to access array offset on value of type null in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 385

Warning: Trying to access array offset on value of type null in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 385

Salt Typhoon Exploits Cisco, Ivanti, Palo Alto, and F5 Vulnerabilities to Target Organizations Globally - Salt Typhoon, a sophisticated cyber espionage group, has been actively exploiting critical vulnerabilities in widely used enterprise software from Cisco, Ivanti, Palo Alto Networks, and F5 Networks. These exploits allow the threat actors to gain ...
1 week ago Thehackernews.com CVE-2025-12345 CVE-2024-56789 CVE-2024-98765 Salt Typhoon

China-Linked Volt Typhoon Hackers Possibly Targeting Australian, UK Governments - Chinese state-sponsored hackers are targeting old vulnerabilities in Cisco routers in new attacks apparently aimed at government entities in the US, UK, and Australia, cybersecurity firm SecurityScorecard reports. As part of the observed attacks, the ...
1 year ago Securityweek.com CVE-2019-1653 CVE-2019-1652 Volt Typhoon

Salt Typhoon Hackers Exploited 1000+ Cisco Devices to Gain Admin Access - The campaign highlights the ongoing vulnerability of critical infrastructure and the strategic intelligence threats posed by state-backed cyber actors. Salt Typhoon’s exploitation of Cisco devices exemplifies the growing trend of targeting ...
6 months ago Cybersecuritynews.com

Chinese hackers breach more US telecoms via unpatched Cisco routers - Iniskt Group advises network admins operating Internet-exposed Cisco IOS XE network devices to apply available security patches as soon as possible and avoid exposing administration interfaces or non-essential services directly to the Internet. These ...
6 months ago Bleepingcomputer.com CVE-2023-20198 CVE-2023-20273

Solaris SE partners with Salt Security - Salt Security, the leading API security company, today announced that Solaris SE, Europe's leading embedded finance platform, has deployed Salt Security's API Security Platform to secure the company's expanding API ecosystem. Solaris' technology ...
1 year ago Itsecurityguru.org

Silk Typhoon hackers now target IT supply chains to breach networks - Microsoft warns that Chinese cyber-espionage threat group 'Silk Typhoon' has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers. Microsoft reports that ...
6 months ago Bleepingcomputer.com CVE-2024-3400

InfectedSlurs Botnet Spreads Mirai via Zero-Days - The payload targets routers and network video recorder devices with default admin credentials and installs Mirai variants when successful. Until November 9, 2023, the vulnerable devices being targeted were unknown. Since both the name and the version ...
1 year ago Akamai.com

China-Sponsored Hackers Lie in Wait to Attack US Infrastructure - In a stark warning this week, the Cybersecurity and Infrastructure Security Agency, FBI, and National Security Agency said that Volt Typhoon has compromised the IT environments of multiple critical infrastructure organizations in such sectors as ...
1 year ago Securityboulevard.com BlackTech Volt Typhoon

Stealthy KV-botnet hijacks SOHO routers and VPN devices - The Chinese state-sponsored APT hacking group known as Volt Typhoon has been linked to a sophisticated botnet named 'KV-botnet' since at least 2022 to attack SOHO routers in high-value targets. Volt Typhoon commonly targets routers, firewalls, and ...
1 year ago Bleepingcomputer.com Volt Typhoon

Allied spy agencies blame Chinese companies for Salt Typhoon cyber espionage campaign - Allied intelligence agencies have attributed the Salt Typhoon cyber espionage campaign to Chinese companies, highlighting a significant threat in the cybersecurity landscape. Salt Typhoon is a sophisticated cyber operation targeting various sectors ...
1 week ago Therecord.media Salt Typhoon

FBI cyber cop Salt Typhoon: Inside the bureau’s fight against ransomware gangs - The FBI's cyber unit, dubbed Salt Typhoon, is intensifying efforts to combat ransomware gangs threatening global cybersecurity. This elite team focuses on disrupting ransomware operations through advanced cyber investigations, intelligence sharing, ...
1 week ago Theregister.com

100+ Malicious IPs Actively Exploiting Vulnerabilities in Cisco Devices - The Cybersecurity and Infrastructure Security Agency (CISA) has released guidance for addressing the Cisco IOS XE Web UI vulnerabilities, noting that CVE-2023-20198 is a privilege escalation vulnerability in the web UI feature of Cisco’s IOS XE ...
6 months ago Cybersecuritynews.com CVE-2023-20198 CVE-2018-0171

Cloudflare loses 22% of its domains in Freenom.tk shutdown - A staggering 12.6 million domains on TLDs controlled by Freenom have been shut down and no longer resolve, leading to a significant reduction in the number of websites hosted by Cloudflare. The disappearance of these websites was spotted during our ...
1 year ago Netcraft.com

Volt Typhoon Hits Multiple Electric Utilities, Expands Cyber Activity - The portion of China's Volt Typhoon advanced persistent threat that focuses on infiltrating operational technology networks in critical infrastructure has already performed reconnaissance and enumeration of multiple US-based electric companies, while ...
1 year ago Darkreading.com Volt Typhoon

ChatGPT Extensions Could be Exploited to Steal Data and Sensitive Information - API security professionals Salt Security have released new threat research from Salt Labs highlighting critical security flaws within ChatGPT plugins, presenting a new risk for enterprises. Plugins provide AI chatbots like ChatGPT access and ...
1 year ago Itsecurityguru.org

AsyncRAT Loader Delivers Malware via JavaScript - For at least 11 months, this threat actor has been working on delivering the Remote Access Trojan through an initial JavaScript file, embedded in a phishing page. After more than 300 samples and over 100 domains later, the threat actor is persistent ...
1 year ago Cybersecurity-insiders.com