Threat Group: Earth Estries (also known as Salt Typhoon, GhostEmperor, UNC2286)
Threat Type: Advanced Persistent Threat (APT)
Exploited Vulnerabilities: Multiple N-day vulnerabilities in Ivanti Connect Secure, Fortinet FortiClient EMS, Sophos Firewall, and Microsoft Exchange Server
Malware Used: GHOSTSPIDER backdoor, MASOL RAT, Demodex rootkit, Deed RAT (SNAPPYBEE)
Threat Score: High (8.