By Dean Seal
Microsoft warned that a Chinese state-sponsored hacking group is targeting common IT solutions to spy on companies and organizations around the world.
The company said in its threat intelligence blog Wednesday that it has identified a shift in tactics by Silk Typhoon, a Chinese state actor focused on espionage, toward using remote management tools and cloud applications to infiltrate a targeted organization.
Microsoft hasn't seen the group directly target its cloud services, but Silk Typhoon has exploited unpatched applications to elevate their access and conduct more illicit activities, the company said.
The group has used stolen credentials associated with privilege access management companies, cloud app providers and cloud data management companies to gain access to those companies' downstream customers and tenants, Microsoft said.
"Companies within these sectors are possible targets of interest to the threat actor," according to the blog.
Microsoft's blog provides recommendations for detecting and mitigating Silk Typhoon's activity, including ensuring that public facing devices are patched.
Write to Dean Seal at dean.seal@wsj.com
(END) Dow Jones Newswires
March 05, 2025 11:35 ET (16:35 GMT)
Copyright (c) 2025 Dow Jones & Company, Inc.
Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.