The same China-based threat actor group that leaked government employee SSNs in 2015 is now targeting managed IT service providers (MSPs). They're leveraging the Red Leaves malware implant. A breach of an MSP makes it frighteningly easy for attackers to move laterally into client environments.
Dubbed APT10, the attackers have developed innovative techniques for stealing intellectual property and other sensitive information. This is one of the largest sustained cybersecurity campaigns to date, and it poses a threat to organizations worldwide.