News Snapshot:
The Chinese state-aligned threat actor TA423 (aka Leviathan/APT40) is behind a sustained cyber-espionage campaign against countries and entities operating in the South China Sea, including organizations involved in an offshore wind farm in the Taiwan Strait. The threat actor's most recent campaigns used malicious emails impersonating Australian media organizations, including the fake Australian Morning News, to deliver ScanBox malware for reconnaissance, according to a report drafted by cybersecurity firm Proofpoint, working in collaboration with PwC. Researchers also observed phishing activity targeting governmental agencies, media companies, and South China Sea wind turbine operators, as well as a European manufacturer supplying equipment...
