Operation Crimson Palace

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/15/1a/e0/151ae09c-81b5-67ca-dde0-bc93117dd0f8/mza_9708957744139733428.jpg/600x600bb.jpg

Malspace

Julien

9 episodes

1 week ago

A Cyber Security Podcast, focussed on Threat Research and the interesting people behind it.

Technology

RSS

All content for Malspace is the property of Julien and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

A Cyber Security Podcast, focussed on Threat Research and the interesting people behind it.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_nologo/41104413/41104413-1714510086610-76dd7680a003d.jpg

Operation Crimson Palace

Malspace

42 minutes 39 seconds

11 months ago

Operation Crimson Palace

On this episode, Mark Parsons, Senior Threat Hunter at Sophos MDR, discusses his team's investigation into Operation Crimson Palace, which uncovered Chinese state-sponsored cyberespionage targeting a Southeast Asian government. Mark explains how they identified three distinct clusters of activity using advanced malware and evasion techniques, including previously unreported tools like CCoreDoor and PocoProxy.

Show Notes

Operation Crimson Palace: Sophos threat hunting unveils multiple clusters of Chinese state-sponsored activity targeting Southeast Asian government
Surfacing a Hydra: Unveiling a Multi-Headed Chinese State-Sponsored Campaign Against a Foreign Government
Crimson Palace returns: New Tools, Tactics, and Targets