Operation Crimson Palace
Dec 08, 2024•43 min•Season 1Ep. 7
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more
Episode description
On this episode, Mark Parsons, Senior Threat Hunter at Sophos MDR, discusses his team's investigation into Operation Crimson Palace, which uncovered Chinese state-sponsored cyberespionage targeting a Southeast Asian government. Mark explains how they identified three distinct clusters of activity using advanced malware and evasion techniques, including previously unreported tools like CCoreDoor and PocoProxy.
Show Notes
- Operation Crimson Palace: Sophos threat hunting unveils multiple clusters of Chinese state-sponsored activity targeting Southeast Asian government
- Surfacing a Hydra: Unveiling a Multi-Headed Chinese State-Sponsored Campaign Against a Foreign Government
- Crimson Palace returns: New Tools, Tactics, and Targets
For the best experience, listen in Metacast app for iOS or Android