Weathering the storm: In the midst of a Typhoon

Cisco Talos is monitoring a sophisticated threat actor, Salt Typhoon, targeting major U.S. telecommunications companies. The actor uses stolen credentials and living-off-the-land techniques to persist in networks, exfiltrate sensitive information, and pivot through infrastructure. Defenders are advised to implement comprehensive configuration management, authentication monitoring, and log analysis to detect and prevent Salt Typhoon’s activities.