Volt Typhoon Strikes Massachusetts Power Utility | Ex-Employee Found Guilty in Revenge Kill-Switch Scheme

The prolonged attack, which lasted 300+ days, is the first known compromise of the US electric grid by the Voltzite subgroup of the Chinese APT; during it, the APT attempted to exfiltrate critical OT infrastructure data.

Mar. 13, 2025 Signup

Weekly Edition

The latest news and insights for cybersecurity professionals

- The Latest News and Features -

Volt Typhoon Strikes Massachusetts Power Utility ‎ The prolonged attack, which lasted 300+ days, is the first known compromise of the US electric grid by the Voltzite subgroup of the Chinese APT; during it, the APT attempted to exfiltrate critical OT infrastructure data.‎ Keep Reading →

Ex-Employee Found Guilty in Revenge Kill-Switch Scheme‎ Clandestine kill switch was designed to lock out other users if the developer's account in the company's Windows Active Directory was ever disabled.‎

China-Backed Hackers Backdoor US Carrier-Grade Juniper MX Routers‎ Mandiant researchers found the routers of several unnamed organizations (likely telcos and ISPs) were hacked by UNC3886, and contained a custom backdoor called "TinyShell."‎

Whopping Number of Microsoft Zero-Days Under Attack‎ The number of zero-day vulnerabilities getting patched in Microsoft's March update is the company's second-largest ever.‎

GitHub-Hosted Malware Infects 1M Windows Users‎ Microsoft has identified a complex, malvertising-based attack chain that delivered Lumma and other infostealers to enterprise and consumer PC users; the campaign is unlikely the last of its kind.‎

MITRE EMB3D for OT & ICS Threat Modeling Takes Flight‎ Manufacturers and infrastructure providers are gaining options to satisfy regulations and boost cyber safety for embedded and industrial control systems, as EMB3D, STRIDE, and ATT&CK for ICS gain traction.‎

Under Pressure: US Charges China's APT-for-Hire Hackers‎ The US Justice Department on Wednesday announced charges against members of the Chinese-backed i-Soon "secret" APT and APT27, the latter implicated in January's Treasury breach.‎

Cybercrime's Cobalt Strike Use Plummets 80% Worldwide‎ Fortra, Microsoft, and Health-ISAC have combined forces to claw back one of hackers' most prized attack tools, with massive takedowns.‎

THE EDGE

NIST Finalizes Differential Privacy Rules to Protect Data‎ The National Institute of Standards and Technology (NIST) released updated differential privacy guidelines for organizations to follow to protect personally identifiable information when sharing data.‎

DR TECHNOLOGY

Democratizing Security to Improve Security Posture‎ Analysts weigh in on how democratizing cybersecurity could benefit organizations, particularly SMBs, as threats increase across the landscape.‎

DR GLOBAL

'Desert Dexter' Hot Button Facebook Ads Tag Mideast Victims‎ A Libya-linked threat actor has resurfaced attacking the Middle East and North Africa, using the same old political phishing tricks to deliver AsyncRAT that have worked for years.‎

VIRTUAL EVENT

Cybersecurity's Most Promising New and Emerging TechnologiesJoin us on March 20 for this all-day virtual event, designed to update cybersecurity teams on some of the most promising emerging cybersecurity technologies and provide advice on using them.

Read More →

- Commentary -

Opinions from thought leaders around the cybersecurity industry

CISA Cuts: A Dangerous Gamble in a Dangerous World ‎ The Cybersecurity and Infrastructure Security Agency's role in risk management needs to expand, not shrink.‎

How Cyberattacks Affect Your Staff ‎ Businesses have a responsibility to safeguard their workforce, which is best achieved by preparing and equipping the whole organization to better face these worst-case cyber scenarios.‎

More Commentary →

- Upcoming Events -

Apr 3, 2025 Memory Safety & Exploit Management: Real-World Attacks & Defenses

Feb 26, 2025 Unlocking the Power of PostgreSQL for Enterprise: Scalability, Security, and Performance in the Modern Sovereign and Hybrid Data Landscape

Mar 20, 2025 [Dark Reading Virtual Event] Cybersecurity's Most Promising New and Emerging Technologies

More Events →

- More Resources -

WHITE PAPER The Forrester Total Economic Impact of CDSS

WHITE PAPER Palo Alto Networks ranks #1 in Advanced Cloud Firewalls Tests

WHITE PAPER A Growing Business: Nature Fresh Farms and VeloCloud

REPORT How Enterprises Secure Their Applications

More Resources →

- Elsewhere in Cyber This Week -

PALO ALTO NETWORKS

The Rise of Advanced Attacks — What Business Leaders Need to Know

‎

TECHTARGET SEARCH SECURITY

Incident Response for Web Application Attacks

‎

SQUAREX LABS

Polymorphic Extensions: The Sneaky Extension That Can Impersonate Any Browser Extension

‎

- Do You Find Today’s Newsletter Helpful? -

Yes Not sure No

You received this message because you are subscribed to Dark Reading's Weekly newsletter. If a friend forwarded you this message, sign up here to get it in your inbox. Thoughts about this newsletter? Give us feedback.

Advertise With Us | Privacy Policy | Unsubscribe Copyright © 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. Operated by TechTarget, Inc. and its subsidiaries, 275 Grove Street, Newton, Massachusetts, 02466 US