Microsoft Says Chinese-Sponsored Hackers Targeting Cloud Applications

Dow Jones

21小时前

By Dean Seal

Microsoft warned that a Chinese state-sponsored hacking group is targeting common IT solutions to spy on companies and organizations around the world.

The company said in its threat intelligence blog Wednesday that it has identified a shift in tactics by Silk Typhoon, a Chinese state actor focused on espionage, toward using remote management tools and cloud applications to infiltrate a targeted organization.

Microsoft hasn't seen the group directly target its cloud services, but Silk Typhoon has exploited unpatched applications to elevate their access and conduct more illicit activities, the company said.

The group has used stolen credentials associated with privilege access management companies, cloud app providers and cloud data management companies to gain access to those companies' downstream customers and tenants, Microsoft said.

"Companies within these sectors are possible targets of interest to the threat actor," according to the blog.

Microsoft's blog provides recommendations for detecting and mitigating Silk Typhoon's activity, including ensuring that public facing devices are patched.

Write to Dean Seal at dean.seal@wsj.com

(END) Dow Jones Newswires

March 05, 2025 11:35 ET (16:35 GMT)

Copyright (c) 2025 Dow Jones & Company, Inc.

免责声明：投资有风险，本文并非投资建议，以上内容不应被视为任何金融产品的购买或出售要约、建议或邀请，作者或其他用户的任何相关讨论、评论或帖子也不应被视为此类内容。本文仅供一般参考，不考虑您的个人投资目标、财务状况或需求。TTM对信息的准确性和完整性不承担任何责任或保证，投资者应自行研究并在投资前寻求专业建议。

热议股票

1
2
3
4
5
6
7
8
9
10

{"basename":"/hans","ssrTDKData":{"titleTemplate":"%s - 老虎证券","title":"老虎证券全球投资理财平台| 一站式投资美股新股港股A股","description":"老虎证券助您一站式投资美股，新股，港股，A股等全球金融理财产品。新加坡华人最信赖的在线投资平台，现在加入即享低费用，24/5 无时差炒美股投资理财！","keywords":"老虎证券,老虎证券开户,老虎券商,老虎证券官网,老虎证券app,tigertrade老虎证券,股票,炒股,新加坡股票交易平台,投资,投资理财","social":{"ogDescription":"老虎证券助您一站式投资美股，新股，港股，A股等全球金融理财产品。新加坡华人最信赖的在线投资平台，现在加入即享低费用，24/5 无时差炒美股投资理财！","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/hans/news/2517594104"},"companyName":"老虎证券"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2517594104\",edition:\"fundamental\",,,undefined,":{"share":"https://ttm.financial/m/news/2517594104?lang=zh_CN&edition=fundamental","thumbnail":"","is_english":true,"pubTime":"2025-03-06 00:35","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2517594104","market":"other","top_or_hot":-1,"title":"Microsoft Says Chinese-Sponsored Hackers Targeting Cloud Applications","media":"Dow Jones","content":"<html><body><font class=\"NormalMinus1\" face=\"Arial\">\n<p>\n  By Dean Seal \n</p>\n<p>\n  Microsoft warned that a Chinese state-sponsored hacking group is targeting common IT solutions to spy on companies and organizations around the world. \n</p>\n<p>\n  The company said in its threat intelligence blog Wednesday that it has identified a shift in tactics by Silk Typhoon, a Chinese state actor focused on espionage, toward using remote management tools and cloud applications to infiltrate a targeted organization. \n</p>\n<p>\n  Microsoft hasn't seen the group directly target its cloud services, but Silk Typhoon has exploited unpatched applications to elevate their access and conduct more illicit activities, the company said. \n</p>\n<p>\n  The group has used stolen credentials associated with privilege access management companies, cloud app providers and cloud data management companies to gain access to those companies' downstream customers and tenants, Microsoft said. \n</p>\n<p>\n  \"Companies within these sectors are possible targets of interest to the threat actor,\" according to the blog. \n</p>\n<p>\n  Microsoft's blog provides recommendations for detecting and mitigating Silk Typhoon's activity, including ensuring that public facing devices are patched. \n</p>\n<p>\n  Write to Dean Seal at dean.seal@wsj.com \n</p>\n<pre>\n \n</pre>\n<p>\n  (END) Dow Jones Newswires\n</p>\n<p>\n  March 05, 2025 11:35 ET (16:35 GMT)\n</p>\n<p>\n  Copyright (c) 2025 Dow Jones & Company, Inc.\n</p>\n</font></body></html>","source":null,"html":"<!DOCTYPE html>\n<html>\n<head>\n<meta content=\"text/html; charset=utf-8\" http-equiv=\"Content-Type\"/>\n<meta content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\" name=\"viewport\"/>\n<meta content=\"telephone=no,email=no,address=no\" name=\"format-detection\"/>\n<title>Microsoft Says Chinese-Sponsored Hackers Targeting Cloud Applications</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nMicrosoft Says Chinese-Sponsored Hackers Targeting Cloud Applications\n</h2>\n<h4 class=\"meta\">\n<div class=\"head\">\n<div class=\"h-thumb\" style=\"background-image:url(https://static.tigerbbs.com/150f88aa4d182df19190059f4a365e99);background-size:cover;\"></div>\n<div class=\"h-content\">\n<p class=\"h-name\">Dow Jones </p>\n<p class=\"h-time\">2025-03-06 00:35</p>\n</div>\n</div>\n</h4>\n</header>\n<article>\n<font class=\"NormalMinus1\" face=\"Arial\">\n<p>\n  By Dean Seal \n</p>\n<p>\n  Microsoft warned that a Chinese state-sponsored hacking group is targeting common IT solutions to spy on companies and organizations around the world. \n</p>\n<p>\n  The company said in its threat intelligence blog Wednesday that it has identified a shift in tactics by Silk Typhoon, a Chinese state actor focused on espionage, toward using remote management tools and cloud applications to infiltrate a targeted organization. \n</p>\n<p>\n  Microsoft hasn't seen the group directly target its cloud services, but Silk Typhoon has exploited unpatched applications to elevate their access and conduct more illicit activities, the company said. \n</p>\n<p>\n  The group has used stolen credentials associated with privilege access management companies, cloud app providers and cloud data management companies to gain access to those companies' downstream customers and tenants, Microsoft said. \n</p>\n<p>\n  \"Companies within these sectors are possible targets of interest to the threat actor,\" according to the blog. \n</p>\n<p>\n  Microsoft's blog provides recommendations for detecting and mitigating Silk Typhoon's activity, including ensuring that public facing devices are patched. \n</p>\n<p>\n  Write to Dean Seal at dean.seal@wsj.com \n</p>\n<pre>\n \n</pre>\n<p>\n  (END) Dow Jones Newswires\n</p>\n<p>\n  March 05, 2025 11:35 ET (16:35 GMT)\n</p>\n<p>\n  Copyright (c) 2025 Dow Jones & Company, Inc.\n</p>\n</font>\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"IE00BJTD4V19.USD","symbol_name":"NEUBERGER BERMAN US LONG SHORT EQUITY \"A1\" (USD) ACC","start_time":0,"source_url":"https://dowjonesnews.com/newdjn/logon.aspx?AL=N","article_id":"2517594104","we_media_id":"106","thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2517594104","pubTimestamp":1741192500,"columns":[],"sourceInfo":null,"weMediaInfo":{"media_name":"Dow Jones","introduction":"Dow Jones publishes the world’s most trusted business news and financial information in a variety of media.","home_visible":0,"id":"106","head_image":"https://static.tigerbbs.com/150f88aa4d182df19190059f4a365e99"},"summary":"Microsoft warned that a Chinese state-sponsored hacking group is targeting common IT solutions to spy on companies and organizations around the world.The company said in its threat intelligence blog Wednesday that it has identified a shift in tactics by Silk Typhoon, a Chinese state actor focused on espionage, toward using remote management tools and cloud applications to infiltrate a targeted organization.Microsoft hasn't seen the group directly target its cloud services, but Silk Typhoon has exploited unpatched applications to elevate their access and conduct more illicit activities, the company said.The group has used stolen credentials associated with privilege access management companies, cloud app providers and cloud data management companies to gain access to those companies' downstream customers and tenants, Microsoft said.\"Companies within these sectors are possible targets of interest to the threat actor,\" according to the blog.Microsoft's blog provides recommendations for de","collect":0,"end_time":0,"defaultTopTitle":"","property":[],"viewcount":null,"language":"en","relate_stocks":{"IE00BJTD4V19.USD":"NEUBERGER BERMAN US LONG SHORT EQUITY \"A1\" (USD) ACC","MSFT":"微软","LU0079474960.USD":"联博美国增长基金A","IE00BDCRKT87.USD":"PINEBRIDGE GLOBAL DYNAMIC ASSET ALLOCATION \"ADC\" (USD) INC","IE00BN8TJ469.HKD":"FTGF CLEARBRIDGE TACTICAL DIVIDEND INCOME \"A\" (HKD) INC","LU0964807845.USD":"ALLIANZ INCOME & GROWTH \"A\" (USD) INC","LU0187121727.USD":"FIDELITY SUSTAINABLE US EQUITY \"A\" (USD) INC","LU1043141396.HKD":"NINETY ONE GSF GLOBAL FRANCHISE \"A\" (HKD) ACC","LU1084165304.USD":"FIDELITY WORLD \"A\" (USD) ACC","LU2462157665.USD":"ALLIANZ GLOBAL INCOME \"A\" (USD) INC","IE00BBT3K403.USD":"LEGG MASON CLEARBRIDGE TACTICAL DIVIDEND INCOME \"A(USD) ACC","LU1221951046.USD":"NORDEA 1 STABLE RETURN \"HM\" (USDHDG) INC","LU2362540622.SGD":"WELLINGTON NEXT GENERATION GLOBAL EQUITY \"A\" (SGDHDG) ACC","LU0757359954.USD":"SCHRODER ISF GLOBAL MULTI-ASSET INCOME \"A\" (USD) INC MF","LU1670711123.USD":"M&G (LUX) GLOBAL DIVIDEND \"A\" (USD) INC","LU0171293334.USD":"贝莱德英国基金A2","LU0345768740.USD":"NINETY ONE GSF GLOBAL STRATEGIC MANAGED \"A\" (USD) INC","LU1934455194.USD":"AB SICAV I LOW VOLATILITY TOTAL RETURN EQUITY PORT \"A\" (USD) ACC","LU2279689827.SGD":"JPMorgan Investment Funds - Global Income Sustainable A (mth) SGD-H","LU1188199696.SGD":"Schroder ISF Global Multi-Asset Income A Dis SGD","LU2361044949.HKD":"WELLINGTON US QUALITY GROWTH \"A\" (HKD) ACC","LU2471134879.HKD":"INVESCO GLOBAL EQUITY INCOME ADVANTAGE \"A\" (HKD) INC","LU0006306889.USD":"SCHRODER ISF US LARGE CAP \"A\" (USD) INC AV","LU2065169927.USD":"M&G (LUX) GLOBAL MAXIMA \"A\" (USD) ACC","LU2361044865.SGD":"WELLINGTON US QUALITY GROWTH \"A\" (SGDHDG) ACC","LU1196500208.SGD":"NORDEA STABLE RETURN \"HB\" (SGDHDG) ACC","LU1066053197.SGD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AM3\" (SGDHDG) INC","BK4527":"明星科技股","BK4543":"AI","LU0157215616.USD":"FIDELITY GLOBAL FOCUS \"A\" INC","LU2087621335.USD":"ALLSPRING GLOBAL FACTOR ENHANCED EQUITY \"A\" (USD) ACC","LU2471134523.USD":"INVESCO GLOBAL EQUITY INCOME ADVANTAGE \"A\" (USD) ACC","BK4550":"红杉资本持仓","LU1852331112.SGD":"Blackrock World Technology Fund A2 SGD-H","LU1236620750.USD":"HSBC GIF GLOBAL SUSTAINABLE LONG TERM DIVIDEND \"AM2\" (USD) INC","LU0289960550.SGD":"AB FCP I - GLOBAL EQUITY BLEND PORTFOLIO 'A' (SGD) ACC","LU0061475181.USD":"THREADNEEDLE (LUX) AMERICAN \"AU\" (USD) ACC","IE000KEQY171.SGD":"PIMCO BALANCED INCOME AND GROWTH \"M\" (SGDHDG) INC","LU1564329461.SGD":"Blackrock Dynamic High Income A6 SGD-H","LU0149725797.USD":"汇丰美国股市经济规模基金","LU0354030438.USD":"富国美国大盘成长基金Cl A Acc","BK4581":"高盛持仓","BK4504":"桥水持仓","LU1974910355.USD":"Allianz Thematica Cl AMg DIS USD","IE00BFSS7M15.SGD":"Janus Henderson Balanced A Acc SGD-H","LU0943347566.SGD":"安联收益及增长平衡基金AM H2-SGD","LU1935042488.USD":"MANULIFE GF GLOBAL MULTI-ASSET DIVERSIFIED INCOME  \"AA\" (USD) INC","LU1032955483.USD":"NORDEA 1 STABLE RETURN \"HB\" (USDHDG) ACC","SG9999018865.SGD":"United Global Quality Growth Fd Cl Dist SGD-H","LU2506952170.USD":"BNP PARIBAS SUSTAINABLE GLOBAL LOW VOL EQUITY \"CRH\" (USDHDG) INC"},"translate_title":"微软称中国支持的黑客瞄准云应用","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"MSFT":1},"content_text":"By Dean Seal \n\n\n  Microsoft warned that a Chinese state-sponsored hacking group is targeting common IT solutions to spy on companies and organizations around the world. \n\n\n  The company said in its threat intelligence blog Wednesday that it has identified a shift in tactics by Silk Typhoon, a Chinese state actor focused on espionage, toward using remote management tools and cloud applications to infiltrate a targeted organization. \n\n\n  Microsoft hasn't seen the group directly target its cloud services, but Silk Typhoon has exploited unpatched applications to elevate their access and conduct more illicit activities, the company said. \n\n\n  The group has used stolen credentials associated with privilege access management companies, cloud app providers and cloud data management companies to gain access to those companies' downstream customers and tenants, Microsoft said. \n\n\n  \"Companies within these sectors are possible targets of interest to the threat actor,\" according to the blog. \n\n\n  Microsoft's blog provides recommendations for detecting and mitigating Silk Typhoon's activity, including ensuring that public facing devices are patched. \n\n\n  Write to Dean Seal at dean.seal@wsj.com \n\n\n \n\n\n  (END) Dow Jones Newswires\n\n\n  March 05, 2025 11:35 ET (16:35 GMT)\n\n\n  Copyright (c) 2025 Dow Jones & Company, Inc.","kind":"highlight","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"-1","news_tag":"policyRegulatory","news_rank":0,"symbols":[],"gpt_button":0}}}