Cyberwarfare: China-Linked UAT-7290 usually active in South Asia expands its espionage-focused intrusions into Southeastern Europe, targeting telecoms

cross-posted from: https://mander.xyz/post/45241581

TL;DR:
- China-linked threat actor UAT-7290 has been active since at least 2022 in South Asia but is now also active in Europe
- It is focusing on intrusions against critical infrastructure entities in Southeast Europe
- UAT-7290 shares tactical and infrastructure overlaps with China-linked adversaries known as Stone Panda and RedFoxtrot (aka Nomad Panda)

...

Here is the technical report by Cisco Talos

Web archive link