September 27, 2023 | The U.S. and Japanese governments have issued a joint advisory warning about BlackTech, a Chinese-linked hacking group actively targeting and exploiting routers, especially those from Cisco Systems Inc. BlackTech, also known as Palmerworm, Temp.Overboard, Circuit Panda, and Radio Panda, has shown capabilities in modifying router firmware without detection and exploiting routers’ domain-trust relationships to pivot between international subsidiaries and headquarters in Japan and the U.S. The threat group targets various sectors, including government, industrial, technology, media, electronics, and telecommunications, affecting entities supporting the U.S. and Japan militaries. The advisory urges organizations to review subsidiary connections, verify access, implement zero trust models, and adopt mitigations against known attack paths to detect and protect against BlackTech’s activities.
Read full article
