Home / Companies / Crowdstrike / Blog / Post Details
Content Deep Dive

MURKY PANDA: A Trusted-Relationship Threat in the Cloud

Blog post from Crowdstrike

Post Details
Company
Date Published
Author
MURKY PANDA
Word Count
2,859
Company Posts That Month
Language
English
Hacker News Points
-
Post removed?
No
Summary

CrowdStrike's blog discusses the activities of MURKY PANDA, a sophisticated China-nexus adversary known for targeting government, technology, academic, legal, and professional services sectors in North America through cloud-based cyberespionage. The adversary has demonstrated expertise in exploiting internet-facing appliances and leveraging trusted-relationship compromises in the cloud, often using advanced operational security measures to avoid detection. MURKY PANDA has exploited both n-day and zero-day vulnerabilities, including CVE-2023-3519, and utilized custom malware like CloudedHope to achieve their intelligence-gathering objectives. They have also been observed compromising SaaS providers and cloud solution providers to access downstream customers' environments, highlighting their proficiency in navigating complex cloud infrastructures. CrowdStrike's analysis emphasizes the importance of rigorous monitoring and security measures to counter such threats, especially for organizations heavily reliant on cloud environments.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Secrets Management 4 437 72 18 +103%
AI Agents 2 2,394 1,321 1 -
LLM 1 240 126 2 +5900%
Zero Trust 1 1,843 1,331 3 +61333%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.