Operation Crimson Palace
Manage episode 454688848 series 3582081
On this episode, Mark Parsons, Senior Threat Hunter at Sophos MDR, discusses his team's investigation into Operation Crimson Palace, which uncovered Chinese state-sponsored cyberespionage targeting a Southeast Asian government. Mark explains how they identified three distinct clusters of activity using advanced malware and evasion techniques, including previously unreported tools like CCoreDoor and PocoProxy.
Show Notes
- Operation Crimson Palace: Sophos threat hunting unveils multiple clusters of Chinese state-sponsored activity targeting Southeast Asian government
- Surfacing a Hydra: Unveiling a Multi-Headed Chinese State-Sponsored Campaign Against a Foreign Government
- Crimson Palace returns: New Tools, Tactics, and Targets
8 episodes