Since June 2022, BianLian group actors have targeted multiple U.S. and Australian critical infrastructure sectors, along with professional services and property development. They gain access via valid RDP credentials, use open-source tools for discovery and credential harvesting, and exfiltrate data through FTP, Rclone, or Mega....