Today, we've published a report on Sophos MDR's investigation into renewed cyberespionage tied to Operation Crimson Palace, an intrusion into a SE Asian government agency that has expanded to other regional public service organizations. A month after the previous campaign appeared to end, the actors behind three threat clusters we tracked renewed their efforts with new tools and tactics to evade blocks Sophos X-Ops had deployed to disrupt them. /1
https://news.sophos.com/en-us/2024/09/10/crimson-palace-new-tools-tactics-targets/
Sophos X-Ops
npub1xr…hfkxn
2024-09-10 12:24:30 UTC
Author Public Key
npub1xrhn2zk0fhcxz8gtaggj0hfmvgm0j4v5n2c2yhjssu22tqmxnmgslhfkxnSeen on
wss://relay.momostr.pinkPublished at
2024-09-10 12:24:30 UTCEvent JSON
{
"id": "672b3331dfc380df267451f3c3b56dd017b0c377a5ec02fadf4574378ee71775",
"pubkey": "30ef350acf4df0611d0bea1127dd3b6236f955949ab0a25e508714a583669ed1",
"created_at": 1725971070,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/@SophosXOps/113113240082747551",
"web"
],
[
"proxy",
"https://infosec.exchange/users/SophosXOps/statuses/113113240082747551",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/SophosXOps/statuses/113113240082747551",
"pink.momostr"
],
[
"-"
]
],
"content": "Today, we've published a report on Sophos MDR's investigation into renewed cyberespionage tied to Operation Crimson Palace, an intrusion into a SE Asian government agency that has expanded to other regional public service organizations. A month after the previous campaign appeared to end, the actors behind three threat clusters we tracked renewed their efforts with new tools and tactics to evade blocks Sophos X-Ops had deployed to disrupt them. /1\nhttps://news.sophos.com/en-us/2024/09/10/crimson-palace-new-tools-tactics-targets/",
"sig": "be6cf2508ed4220b313e1daaf753474673759a190994c5b6343265f4ca66f0c27cbfe42c5c80316651e5d902e9a6fcf17621df94277cad22610c0e854b658dd3"
}