X-Industry

China-linked APT group Salt Typhoon (FamousSparrow and GhostEmperor) breached US broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data.

See:  https://redskyalliance.org/xindustry/hotels-under-attack

According to the Wall Street Journal, which reported the news exclusively, the security breach poses a major national security risk. The WSJ states that the compromise remained undisclosed due to possible impact on na

Activity Summary - Week Ending 15 October 2021:

• Red Sky Alliance identified 37, 307 connections from new IP’s checking in with our Sinkholes
• Analysts identified 1,873 new IP addresses participating in various botnets
• Sality remains the top Malware Variant at 33,705 times seen
• AtomSilo targeting Confluence
• FamousSparrow and Hotels
• BloodyStealer
• Another .edu Hit in the UK
• Pointing a Finger at China
• Spanish Melia Hotels hacked
• Afghan Telcom Roshan

Link to full report: IR-21-288-001_weekly_288.pdf

A new state-sponsored advanced persistent threat (APT), a term used to describe nation level sponsored and very sophisticated cyber-espionage groups, has been observed escalating attacks against hotels across the world.  Code-named FamousSparrow, this new APT was discovered by Slovak security firm ESET, which said it is tracking hotel focused attacks as far back as 2019.

“FamousSparrow’s victims are located in Europe (France, Lithuania, the UK), the Middle East (Israel, Saudi Arabia), the Americ