Canadian and U.S. agencies warn of Chinese-linked Salt Typhoon hackers exploiting Cisco IOS XE vulnerabilities to target global telecommunications providers for cyber espionage. New malware families SHOE RACK and UMBRELLA STAND have also been identified targeting Fortinet devices, indicating ongoing threats to network infrastructure. #SaltTyphoon #CVE2023-20198 #SHOE RACK #UMBRELLA STAND #Fortinet
Keypoints
- Salt Typhoon threat actors exploited a critical Cisco IOS XE vulnerability to access Canadian telecom devices.
- The attackers used the breach to modify configuration files and set up GRE tunnels for network traffic collection.
- Targeting spans beyond telecom to potentially include broader networks, with reconnaissance activities observed.
- The UK NCSC identified malware families SHOE RACK and UMBRELLA STAND attacking Fortinet firewalls.
- Shadows of Chinese state-sponsored hacking activities are evident in malware reuse and similar backdoor techniques.
Read More: https://thehackernews.com/2025/06/china-linked-salt-typhoon-exploits.html