Good day everyone! The Microsoft Threat Intelligence team has discovered activity from a group known as #FlaxTyphoon. They are a nation-state group from China that targeted organizations in Taiwan. While the group leverages tools that are commonly used, like #ChinaChopper, #MetaSploit, and #Mimikatz, they also rely on abusing #LOLBINS, or Living-off-the-land binaries and scripts (tools that exist and come with the native operating system). Some of their TTPs include using registry key modification for persistence, using #powershell, #certutil, or #bitsadmin to download tools, and accessing #LSASS process memory and the Security Account Manager registry hive for credential access. This is a great article that not only provides high-level details but also provides a starting point for any organization to start threat hunting by using the technical details provided! Enjoy your weekend and #HappyHunting!
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #readoftheday
HackRead: Microsoft: Chinese APT Flax Typhoon uses legit tools for cyber espionage https://www.hackread.com/microsoft-china-apt-flax-typhoon-cyber-espionage/ #CyberEspionage #CyberAttacks #FlaxTyphoon #Microsoft #Security #China #APT #VPN
SecurityAffairs: China-linked Flax Typhoon APT targets Taiwan https://securityaffairs.com/149862/apt/chinese-apt-flax-typhoon-targets-taiwan.html #informationsecuritynews #ITInformationSecurity #PierluigiPaganini #SecurityAffairs #BreakingNews #SecurityNews #FlaxTyphoon #hackingnews #Hacking #Taiwan #China #APT
#Chinese nation-state "#FlaxTyphoon" hacker group suspected in cyber espionage across Taiwanese organizations. They rely on living-off-the-land techniques for persistence, lateral movement, and gaining credentials.
https://thehackernews.com/2023/08/china-linked-flax-typhoon-cyber.html
#InfoSec #CyberSecurity #flaxtyphoon #chinese