The China-linked operation has grown from a phishing kit marketplace into an active and growing community supporting a decentralized large-scale phishing ecosystem.
Phantom Taurus has stolen sensitive data from ministries of foreign affairs, embassies, diplomats and telecom networks in the Middle East, Africa and Asia, researchers said.
Cisco said it was investigating state-sponsored espionage attacks in May. CISA did not explain why it waited four months to issue an emergency directive.
Attackers have already used the exploit dubbed “ToolShell” to intrude hundreds of organizations globally, including private companies and government agencies.
Wild variances in naming taxonomies aren’t going away, but a new initiative from the security vendors aims to more publicly address obvious overlap in threat group attribution.
Then-Millenium challenge corporation CEO Sean Cairncross speaks during a ceremony on Aug. 5, 2019 at the presidential palace in Abidjan. (Photo by ISSOUF SANOGO / AFP) (Photo credit should read ISSOUF SANOGO/AFP via Getty Images)