Nation-state group CL-STA-0969 targeted Southeast Asian telecoms in 2024

Nation-state actor CL-STA-0969 targeted Southeast Asian telecoms from February to November 2024, exploiting vulnerabilities and using custom tools for covert access and command-and-control. The group, linked to Liminal Panda, demonstrated a deep understanding of telecom environments, using techniques like DNS tunneling and process disguising to maintain stealth. Despite no evidence of data exfiltration, the group’s actions highlight the need for vigilant security measures in the telecom sector.