Tag: china
-
Suspected Chinese malware operation HiatusRAT menacing IoT devices
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/suspected-chinese-malware-operation-menacing-iot-devices-with-hiatus-rat
-
Cybersecurity Snapshot: CISA Hands Down Cloud Security Directive, While Threat from North Korean IT Workers Gets the Spotlight
by
in SecurityNews
Tags: access, ai, authentication, best-practice, business, china, cisa, cisco, cloud, computer, control, cyber, cybersecurity, data, data-breach, email, extortion, finance, framework, fraud, google, government, guide, hacker, identity, incident, incident response, infrastructure, intelligence, international, Internet, jobs, korea, kubernetes, law, lessons-learned, linux, login, malicious, microsoft, mobile, monitoring, network, north-korea, office, password, regulation, risk, risk-management, russia, service, software, tactics, technology, threat, tool, updateCheck out the new cloud security requirements for federal agencies. Plus, beware of North Korean government operatives posing as remote IT pros. Also, learn how water plants can protect their HMIs against cyberattacks. And get the latest on the U.S. cyber incident response framework; the CIS Benchmarks; and local and state governments’ cyber challenges. Dive…
-
Use Signal or other secure communications app
by
in SecurityNewsIn the wake of the widespread compromise of US telecom giants’ networks by Chinese hackers and the FBI advising Americans to use end-to-end encrypted communications, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/20/cisa-guide-secure-communications-mfa-iphone-android-signal/
-
US reportedly mulling TP-link ban amid escalating Chinese intrusions
by
in SecurityNews
Tags: chinaFirst seen on scworld.com Jump to article: www.scworld.com/brief/us-reportedly-mulling-tp-link-ban-amid-escalating-chinese-intrusions
-
China accuses US of cyberespionage against tech firms
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/china-accuses-us-of-cyberespionage-against-tech-firms
-
Chinese cyber center points finger at U.S. over alleged cyberattacks to steal trade secrets
by
in SecurityNewsThe CNCERT said it had “handled’ two attacks on Chinese tech companies, which it attributed to an unnamed suspected U.S. intelligence agency. First seen on cyberscoop.com Jump to article: cyberscoop.com/chinese-cyber-center-us-alleged-cyberattacks-trade-secrets/
-
US government urges high-ranking officials to lock down mobile devices following telecom breaches
by
in SecurityNewsThe move to urge Americans to use end-to-end encrypted apps comes as China-backed gangs are hacking into phone and internet giants. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/19/us-government-urges-high-ranking-officials-to-lock-down-mobile-devices-following-telecom-breaches/
-
CISA Releases Mobile Security Guidance After Chinese Telecom Hacking
by
in SecurityNewsIn light of recent Chinese hacking into US telecom infrastructure, CISA has released guidance on protecting mobile communications. The post CISA Releases Mobile Security Guidance After Chinese Telecom Hacking appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-releases-mobile-security-guidance-after-chinese-telecom-hacking/
-
CISA issues mobile security guidance following China hacks
by
in SecurityNewsFollowing the Salt Typhoon attacks, CISA offers advice to ‘highly targeted’ individuals, such as using end-to-end encryption and moving away from purely SMS-based MFA. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366617459/CISA-issues-mobile-security-guidance-following-China-hacks
-
US eyes ban on TP-Link routers amid cybersecurity concerns
by
in SecurityNews
Tags: attack, business, china, compliance, computer, corporate, country, cyber, cyberattack, cybercrime, cybersecurity, ddos, defense, espionage, exploit, flaw, government, hacking, infrastructure, intelligence, law, malicious, microsoft, network, risk, router, technology, threat, vulnerability, wifiThe US government is investigating TP-Link, a Chinese company that supplies about 65% of routers for American homes and small businesses, amid concerns about national security risks. Reports suggest these routers have vulnerabilities that cybercriminals exploit to compromise sensitive enterprise data.Investigations by the Commerce, Defense, and Justice Departments indicate that the routers may have been…
-
CISA Released Secure Mobile Communication Best Practices 2025
by
in SecurityNews
Tags: best-practice, china, cisa, communications, cyber, cybersecurity, espionage, infrastructure, malicious, mobile, threatThe Cybersecurity and Infrastructure Security Agency (CISA) has released new best practice guidance to safeguard mobile communications amid rising concerns over cyber espionage activities linked to People’s Republic of China (PRC)-affiliated threat actors. These malicious actors have been targeting commercial telecommunications infrastructure to intercept call records and compromise the private communications of highly targeted individuals,…
-
US CISA Endorses Encrypted Apps Amid Chinese Telecom Hack
by
in SecurityNewsCISA Recommends Strict Mobile Security Measures Following Salt Typhoon Telecom Hack. The Cybersecurity and Infrastructure Security Agency’s latest guidance calls on top U.S. political and government officials to adopt stricter mobile security measures in response to the Salt Typhoon hacking campaign, a Chinese espionage effort that has infiltrated major telecom systems. First seen on govinfosecurity.com…
-
Espionage Campaign Targets Turkish Defense Industry
by
in SecurityNewsAPT Group Uses Sophisticated Attack Chain to Deploy WmRAT and MiyaRAT. A suspected South Asian threat actor targeted a Turkish defense organization, deploying malware via a RAR archive and using alternate data streams to deliver remote access Trojans. The group previously targeted multiple countries including China, India, Pakistan and Bangladesh. First seen on govinfosecurity.com Jump…
-
Espionage Campaign Targets Turkish Defense Industry
by
in SecurityNewsAPT Group Uses Sophisticated Attack Chain to Deploy WmRAT and MiyaRAT. A suspected South Asian threat actor targeted a Turkish defense organization, deploying malware via a RAR archive and using alternate data streams to deliver remote access Trojans. The group previously targeted multiple countries including China, India, Pakistan and Bangladesh. First seen on govinfosecurity.com Jump…
-
That cheap webcam? HiatusRAT may be targeting it, FBI warns
by
in SecurityNewsWebcams have been a key part of business and home offices everywhere, especially since the COVID pandemic hit. But they are not often high-quality products, especially if used only sporadically, as many consumers and remote workers are content with a cheap one from China. This not only causes regular hardware problems, but it can also be…
-
FBI Warns of HiatusRAT Targeting Vulnerable IoT Devices
by
in SecurityNewsMalware Targets Vulnerable Web Cameras and DVRs Worldwide. Hackers are deploying brute force attacks and using unpatched vulnerabilities to target Chinese-manufactured web cameras and DVRs, the FBI is warning. Targets include a range of organizations in Taiwan and at least one U.S. government server. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/fbi-warns-hiatusrat-targeting-vulnerable-iot-devices-a-27081
-
Winnti-Like ‘Glutton’ Backdoor Targets Cybercriminals
by
in SecurityNewsMalware Exploits Cybercrime Ecosystem for Profit. Hackers are using a variant of a backdoor that’s the hallmark of a Chinese threat actor suspected of ties to Beijing in order to target the cybercriminal underground. The malware t shares near-complete similarity with a backdoor exclusively used by the Winnti Group. First seen on govinfosecurity.com Jump to…
-
The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs
The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras and DVRs. The report includes a set of recommendations to mitigate the exposure to the…
-
10 Major Ransomware Attacks And Data Breaches In 2024
by
in SecurityNewsMajor ransomware attacks and data breaches in 2024 included the Change Healthcare attack, data theft attacks targeting Snowflake customers and the China-linked Salt Typhoon campaign against U.S. government officials. First seen on crn.com Jump to article: www.crn.com/news/security/2024/10-major-ransomware-attacks-and-data-breaches-in-2024
-
US moves to tighten restrictions on China Telecom amid security fears
The US Commerce Department is intensifying its actions against China Telecom’s US unit over concerns that its cloud and internet services could be used to funnel American data to Beijing, according to a Reuters report.The department issued a preliminary finding last week, stating that China Telecom Americas’ involvement in US networks and cloud services presents a…
-
Winnti-Like Glutton Backdoor Targets Cybercriminals
by
in SecurityNewsMalware Exploits Cybercrime Ecosystem for Profit. Hackers are using a variant of a backdoor that’s the hallmark of a Chinese threat actor suspected of ties to Beijing in order to target the cybercriminal underground. The malware t shares near-complete similarity with the a backdoor exclusively used by the Winnti Group. First seen on govinfosecurity.com Jump…
-
More limited US-China technology deal signed
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/more-limited-us-china-technology-deal-signed
-
PHP backdoor looks to be work of Chinese-linked APT group
by
in SecurityNewsKnown as Glutton, researchers at QiAnXin’s XLab believe Winnti is responsible for the malware. First seen on cyberscoop.com Jump to article: cyberscoop.com/glutton-php-backdoor-winnti-apt-41-china/
-
Trump administration wants to go on cyber offensive against China
by
in SecurityNewsThe US has never attacked Chinese critical infrastructure before, right? First seen on theregister.com Jump to article: www.theregister.com/2024/12/16/trump_administration_china_offensive/
-
China’s homebrew Bluetooth alternative is on the march as Beijing pushes universal remotes
by
in SecurityNews‘Star Flash’ is said to include 5G tech and leave rival wireless protocols struggling in the crack of a sofa First seen on theregister.com Jump to article: www.theregister.com/2024/12/16/china_starflash_universal_remotes_standard/
-
FBI, CISA issue warning for cross Apple-Android texting
by
in SecurityNewsCISA and the FBI recently released a joint statement that the People’s Republic of China (PRC) is targeting commercial telecommunications infrastructure as part of a significant cyber espionage campaign. As a result, the agencies released a joint guide, Enhanced Visibility… First seen on securityintelligence.com Jump to article: securityintelligence.com/news/fbi-cisa-issue-warning-for-cross-apple-android-texting/
-
SAP-Systeme geraten zunehmend ins Visier von Cyber-Angreifern
by
in SecurityNews
Tags: access, authentication, china, cve, cyber, cybercrime, dark-web, exploit, hacker, intelligence, Internet, ransomware, sap, siem, update, vulnerability, zero-daywidth=”5000″ height=”2813″ sizes=”(max-width: 5000px) 100vw, 5000px”>Angriffe auf SAP-Systeme versprechen Hackern fette Beute. ShutterstockEin Rückblick auf Bedrohungsdaten aus den zurückliegenden vier Jahren macht deutlich, dass immer mehr Cyberkriminelle SAP-Systeme ins Visier nehmen. Das berichtete Yvan Genuer, leitender Sicherheitsforscher bei Onapsis auf der Black Hat Europe, die vom 9. bis 12. Dezember 2024 in London stattfand. Demzufolge…
-
New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP
by
in SecurityNewsCybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa.QiAnXin XLab, which discovered the malicious activity in late April 2024, attributed the previously unknown malware with moderate confidence to the prolific Chinese nation-state group tracked Winnti…
-
Winnti hackers target other threat actors with new Glutton PHP backdoor
The Chinese Winnti hacking group is using a new PHP backdoor named ‘Glutton’ in attacks on organizations in China and the U.S., and also in attacks on other cybercriminals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/winnti-hackers-target-other-threat-actors-with-new-glutton-php-backdoor/