Although Salt Typhoon exploited the Cisco IOS vulnerability tracked as CVE-2018-0171 in one of the intrusions, it mostly leveraged stolen credentials for initial compromise. This was followed by the exfiltration of network device configuration credentials and the alteration of network configurations to allow command execution and concealed account creation.
Article Link: Novel malware leveraged in Salt Typhoon attacks against US telcos | SC Media