Tag Archive for: Taiwan

Flax Typhoon targeting Taiwan, Ransomware Emphasizing Linux-Centric Payloads


Flax Typhoon: Microsoft Uncovers Espionage Tactics Targeting Taiwan       

Microsoft has detected malicious activities primarily targeting Taiwanese organizations by a nation-state actor named Flax Typhoon, which is believed to be based in China.[1] The actor’s tactics suggest intentions of espionage and long-term access to various industries. Despite extensive activities, Flax Typhoon does not seem to have a clear end-goal in this campaign, as Microsoft did not observe data-collection or exfiltration objectives. 

Active since mid-2021, Flax Typhoon has targeted government, education, manufacturing, and IT sectors in Taiwan, with some victims in Southeast Asia, North America, and Africa. The actor’s focus is on persistence, lateral movement, and credential access. Flax Typhoon employs living-off-the-land techniques, using tools such as China Chopper web shell, Metasploit, Juicy Potato, Mimikatz, and SoftEther VPN client. The actor gains initial access by exploiting vulnerabilities in public facing servers. The group uses tools like Juicy Potato, to establish persistence via (Remote Desktop Protocol), and SoftEther VPN to set up command and control. Once established, Flax Typhoon accesses credentials using tools like Mimikatz to target the LSASS process memory and SAM registry hive.  

The techniques deployed by Flax Typhoon can easily be reused in targeted attacks. Defenders should hunt for signs of compromise shared by Microsoft and adhere to basic security hygiene including but not limited to vulnerability and patch management, hardening on public-facing servers, and enforcing strong multifactor authentication (MFA) policies. 

*** This is a Security Bloggers Network syndicated blog from EclecticIQ Blog authored by Jörg Abraham. Read the original post at: https://blog.eclecticiq.com/flax-typhoon-targeting-taiwan-ransomware-emphasizing-linux-centric-payloads

Source…

China Cyberattacked US Corporations Front Lines Taiwan Microsoft Guam


This week, news broke that China cyberattacked the US homeland. The attackers breached critical infrastructure in Guam, an often-forgotten US territory critical to US defense and power projection. The sophisticated attack infiltrated computer networks used for both civilian and military purposes. MicrosoftMSFT assessed with “moderate confidence” that the attackers are laying the groundwork for cyber capabilities that could threaten communications infrastructure in the future. The cyberattack is a serious event that presages a cruel reality of any future conflict with China—civilians are on the front lines, and corporations will need to defend them.

The cyberattack was revealed by Microsoft and the intelligence-sharing group known as the Five Eyes: the United States, United Kingdom, New Zealand, Australia, and Canada. Microsoft and agencies from each of the Five Eyes countries attributed the attack to a China-sponsored group called Volt Typhoon, which has targeted infrastructure organizations in Guam and the US since mid-2021. Volt Typhoon is capable of infiltrating corporate systems and stealing user credentials while avoiding detection for as long as possible. Microsoft directly notified customers who were targeted or compromised and provided necessary information to secure their businesses. China has denied the attack, calling it a “sophisticated disinformation campaign” by the Five Eyes.

Source…

New Jersey passes resolution affirming trade with Taiwan


  • By Jonathan Chin / Staff writer, with CNA

The New Jersey General Assembly on Thursday passed a resolution backing a bilateral trade agreement between Taiwan and the US, and supporting Taiwan’s bid to participate in the WHO and other international organizations.

The resolution marking the sister-state relationship between Taiwan and New Jersey established in 1989 unanimously passed the lower chamber of the state house by a vote of 75-0.

Hans Chang (張俊裕), deputy director-general of the Taipei Economic and Cultural Office (TECO) in New York, witnessed the resolution’s passage as a special guest.

Photo: REUTERS

Taiwan and New Jersey share free and democratic values and strong economic ties, and the resolution would deepen the partnership, said Assemblyman Robert Karabinchak, a US Democrat who sponsored the bill.

Taiwan thanks New Jersey state lawmakers for their support and friendship and looks forward to strengthening the bilateral partnership, TECO said in a statement.

In March, President Tsai Ing-wen (蔡英文) met New Jersey Governor Phil Murphy during her transit through New York, and discussed the nation’s collaboration with the governor’s economic and infrastructure initiatives, it said.

Taiwan’s six core strategic industries development plan could complement Murphy’s policies, especially in high-tech industries, green energy, traffic, communications, biotechnology and secure supply chains, it said.

The resolution mentions the increased collaboration between Taiwan and the US in supply chain resilience, efforts to counter Beijing’s economic coercion, development of a digital economy and improvement of Internet security, among other issues, TECO said.

The assembly urged Washington to continue supporting Taiwan’s effort for inclusion in the WHO, International Civil Aviation Organization and Interpol, it said.

The nation’s partnership with New Jersey is strong, with Taoyuan and Newark inking a…

Source…

Will Russia’s struggle in Ukraine help Taiwan — or hurt it? | Russia-Ukraine war


In the lead-up to Russia’s invasion of Ukraine in February 2022, Beijing and Moscow doubled down on their close relationship.

While Chinese President Xi Jinping and his Russian counterpart Vladimir Putin have a long history of working together, they publicly cemented their ties with a “no-limits” partnership just weeks before the war began.

The timing of the meeting and the subsequent invasion, after the Beijing Winter Olympics had concluded, led many observers to wonder whether Xi knew the war was coming. They also wondered, as Russian troops rolled into Ukraine, whether Taiwan was next.

Superficially at least, Ukraine and Taiwan appear to have much in common. Both are democracies whose territories have historically been claimed by much larger and better-armed neighbours. Beijing has long pledged to “reunify” with Taiwan by force or by peace by 2049, the year the Chinese Communist Party has set for the “great rejuvenation of the Chinese nation”, 100 years after their victory in the country’s Civil War.

Tensions across the Taiwan Strait rose further last August as Nancy Pelosi, then the United States House of Representatives speaker, became the highest-ranking US official to visit Taipei in 25 years. China responded with a series of war exercises around Taiwan and ramped up its rhetoric. In 2022, Beijing sent a record 1,737 flights into Taiwan’s Air Defence Identification Zone, which includes the airspace around Taiwan and the coast of China, according to data compiled by Gerald C Brown and Ben Lewis, independent defence analysts who track such incursions. This was more than the combined numbers for the previous four years.

Now, on the eve of the anniversary of the invasion of Ukraine, Russia’s struggles to make advances in the war have once again given rise to questions about what lessons China may have learned from its close ally. Will China conclude that it might be better to attack Taiwan before it is better prepared to defend itself? Or has Putin’s war shown the perils of rushing into such a conflict?

The short answer: Predicting China’s behaviour is a challenge because its decision-making is opaque to much of the outside world. Instead, China…

Source…