Tag: china
-
Democrats and Republicans condemn espionage-driven Chinese hack
by
in SecurityNewsOngoing infiltration by Salt Typhoon group has hit US telecoms companies and Trump, Vance and HarrisDemocrats and Republicans have come together in a rare moment of unity to condemn an espionage-driven Chinese infiltration of the US telecommunications system that has been called the worst hack in American history.Carried out by a group called Salt Typhoon…
-
Australian IT Pros Urged to Guard Against Chinese Cybersecurity Threats
by
in SecurityNewsAustralian IT pros are urged to strengthen defenses as Chinese cyber threats target critical infrastructure and sensitive data. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/australian-it-pros-warned-against-chinese-cybersecurity-threats/
-
Why the Recent Telecom Hack Underscores the Need for EndEnd Encryption
by
in SecurityNewsThe recent massive telecom hack by the Chinese state-sponsored group Salt Typhoon has highlighted critical vulnerabilities in traditional communication systems. The breach targeted major U.S. telecom providers, including Verizon, AT&T, and T-Mobile, compromising sensitive communications of government officials, political entities, and businesses. Attackers accessed call records, unencrypted text messages, and even live call audio by……
-
Time of Reckoning Reviewing My 2024 Cybersecurity Predictions
by
in SecurityNews
Tags: ai, attack, automation, awareness, breach, business, chatgpt, china, compliance, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, disinformation, election, espionage, exploit, healthcare, incident response, infrastructure, jobs, law, linkedin, malware, monitoring, moveIT, phishing, privacy, ransomware, regulation, risk, russia, service, software, supply-chain, technology, threat, tool, ukraine, update, vulnerability, warfare, zero-dayThe brutal reality is that cybersecurity predictions are only as valuable as their accuracy. As 2024 comes to a close, I revisit my forecasts to assess their utility in guiding meaningful decisions. Anyone can make predictions (and far too many do), but actually being correct is another matter altogether. It is commonplace for security companies…
-
US Updates a Science and Technology Pact With China to Reflect Growing Rivalry and Security Threats
by
in SecurityNewsThe new agreement has a narrower scope and additional safeguards to minimize the risk to national security. The post US Updates a Science and Technology Pact With China to Reflect Growing Rivalry and Security Threats appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/us-updates-a-science-and-technology-pact-with-china-to-reflect-growing-rivalry-and-security-threats/
-
Geheimdienstkreise: Zerstörung der Ostsee-Seekabel im Auftrag Russlands
by
in SecurityNews
Tags: chinaSicherheitskreise gehen jetzt davon aus, dass der Kapitän der Yi Peng 3 die Seekabel im Auftrag Russlands durchtrennt hat. China habe daran kein Interesse. First seen on golem.de Jump to article: www.golem.de/news/geheimdienstkreise-zerstoerung-der-ostsee-seekabel-im-auftrag-russlands-2412-191695.html
-
Holding Back Salt Typhoon + Other Chinese APT CVEs
by
in SecurityNewsOver the past several years, US Federal Agencies and private sector companies have observed China-based threat actors targeting network and telecommunication critical infrastructure. A wave of recent reports have disclosed that these attacks have succeeded in compromising government and industry targets to a far greater extent than previously thought. As a result, CISA has issued……
-
Chinese Cops Caught Using Android Spyware to Track Mobile Devices
Law enforcement across mainland China have been using EagleMsgSpy surveillance tool to collect mobile device data since at least 2017, new research shows. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-cops-using-android-spyware-track-mobile-devices
-
Southeast Asia subjected to suspected Chinese cyberespionage campaign
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/southeast-asia-subjected-to-suspected-chinese-cyberespionage-campaign
-
Chinese hacker compromised 81K devices via zero-day in Sophos software
First seen on scworld.com Jump to article: www.scworld.com/news/chinese-hacker-compromised-81k-devices-via-zero-day-in-sophos-software
-
US Sanctions Chinese Cybersecurity Firm for Firewall Exploit, Ransomware Attacks
by
in SecurityNewsSUMMARY The United States has taken strong action against a Chinese cybersecurity company, Sichuan Silence Information Technology, for… First seen on hackread.com Jump to article: hackread.com/us-sanctions-chinese-cybersecurityfirm-firewall-ransomware/
-
Fake IT Workers Funneled Millions to North Korea, DOJ Says
by
in SecurityNewsThe fake IT worker scheme netted $88 million over six years, transferred through U.S. and Chinese financial systems to the DPRK government. The post Fake IT Workers Funneled Millions to North Korea, DOJ Says appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/fake-it-workers-funneled-millions-to-north-korea-doj-says/
-
CISA and FCC Issue Urgent Call for Cyber Hardening for Communications Infrastructure
by
in SecurityNewsCISA has released new cybersecurity guidelines for communications infrastructure. The guidance comes in the wake of a series of disclosures that massive Telecommunications Carriers have been compromised by Salt Typhoon and other China-sponsored adversaries. At the same time, the U.S. Federal Communications Commission (FCC) has proposed a Declaratory Ruling to require telecommunications carriers to protect……
-
Why did China hack the world’s phone networks?
by
in SecurityNews
Tags: access, breach, china, communications, cyberattack, cybercrime, cybersecurity, government, group, hacker, Internet, microsoft, network, phone, service, technologySalt Typhoon breached dozens of telecoms around the world<ul><li><a href=”https://www.theguardian.com/info/2022/sep/20/sign-up-for-the-techscape-newsletter-our-free-technology-email”>Don’t get TechScape delivered to your inbox? Sign up here</li></ul>Chinese hackers <a href=”https://www.theguardian.com/technology/2024/dec/04/chinese-hackers-american-cell-phones”>have breached dozens of telecommunications companies around the world. The breach, christened Salt Typhoon by Microsoft cybersecurity researchers, has afforded the cybercriminals unprecedented access not only to information on who has been texting or…
-
Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement
Chinese law enforcement uses the mobile surveillance tool EagleMsgSpy to gather data from Android devices, as detailed by Lookout. Researchers at the Lookout Threat Lab discovered a surveillance tool, dubbed EagleMsgSpy, used by Chinese law enforcement to spy on mobile devices. The researchers analyzed multiple samples of the malware and gained access to internal documents obtained from…
-
Chinese Hacker Pwns 81K Sophos Devices With Zero-Day Bug
The US State Department has offered a $10 million reward for Guan Tianfeng, who has been accused of developing and testing a critical SQL injection flaw with a CVSS score of 9.8 used in Sophos attacks. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-hacker-pwns-81k-sophos-devices-with-zero-day-bug
-
Mobile Surveillance Tool EagleMsgSpy Used by Chinese Law Enforcement
Lookout details EagleMsgSpy, a surveillance tool used by Chinese law enforcement to collect data from Android devices. The post Mobile Surveillance Tool EagleMsgSpy Used by Chinese Law Enforcement appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/mobile-surveillance-tool-eaglemsgspy-used-by-chinese-law-enforcement/
-
Triad Nexus, Chinese Hackers Using 200,000 Domains For Widespread Cyber Attack
by
in SecurityNewsResearchers identified FUNNULL, a Chinese CDN, as hosting malicious content, which includes fake trading apps for financial fraud, gambling sites likely used for money laundering, and phishing login pages targeting luxury brands. The gambling sites use algorithmically generated domains and Tether cryptocurrency, possibly to bypass blocking and facilitate cross-border money flows. FUNNULL acquired polyfill.io, a…
-
New Chinese Surveillance Tool Attack Android Users Since 2017
by
in SecurityNewsWuhan Chinasoft Token Information Technology Co., Ltd. developed EagleMsgSpy, a surveillance tool operational since 2017, which, installed as an APK, secretly collects extensive user data, including chat messages, screen recordings, audio, call logs, contacts, SMS, location, and network activity. Because the data is sent to a command-and-control server, there is a possibility that it could…
-
Lookout Discovers New Spyware Deployed by Russia and China
by
in SecurityNewsRussian-made spyware BoneSpy and PlainGnome target former Soviet states, while public security bureaus in mainland China use Chinese surveillance tool EagleMsgSpy First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/lookout-new-spyware-russia-china/
-
Russia focuses cyber attacks on Ukraine rather than West despite rising tension
Computer Weekly talks to GCHQ’s National Cyber Security Centre operations director Paul Chichester and former NCSC chief executive Ciaran Martin on Russia, China and Salt Typhoon First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617232/Russia-focuses-cyber-attacks-on-Ukraine-rather-than-West-despite-rising-tension
-
CVE-2020-12271 Exploited: FBI Seeks Chinese Hacker Behind 81,000 Device Breach
by
in SecurityNewsThe US Department of Justice announced the unsealing of an indictment against Guan Tianfeng, a Chinese national associated with Sichuan Silence Information Technology Co. Ltd., for his alleged role in... First seen on securityonline.info Jump to article: securityonline.info/cve-2020-12271-exploited-fbi-seeks-chinese-hacker-behind-81000-device-breach/
-
Operation Digital Eye: Chinese APT Exploits Visual Studio Code Tunnels in High-Stakes Espionage Campaign
by
in SecurityNewsIn a sophisticated cyberespionage campaign dubbed Operation Digital Eye, SentinelOne and Tinexta Cyber uncovered activities linked to a Chinese Advanced Persistent Threat (APT) group targeting large business-to-business IT service providers... First seen on securityonline.info Jump to article: securityonline.info/operation-digital-eye-chinese-apt-exploits-visual-studio-code-tunnels-in-high-stakes-espionage-campaign/
-
Blocking Chinese spies from intercepting calls? There ought to be a law
by
in SecurityNewsSen. Wyden blasts FCC’s ‘failure’ amid Salt Typhoon hacks First seen on theregister.com Jump to article: www.theregister.com/2024/12/11/telecom_cybersecurity_standards/
-
Senators, witnesses: $3B for ‘rip and replace’ a good start to preventing Salt Typhoon-style breaches
by
in SecurityNewsThe annual defense spending bill contains money the FCC has sought to use to reimburse telecommunications carriers for removing Chinese equipment. First seen on cyberscoop.com Jump to article: cyberscoop.com/senators-witnesses-3b-for-rip-and-replace-a-good-start-to-preventing-salt-typhoon-style-breaches/
-
New EagleMsgSpy Android spyware used by Chinese police, researchers say
A previously undocumented Android spyware called ‘EagleMsgSpy’ has been discovered and is believed to be used by law enforcement agencies in China to monitor mobile devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-eaglemsgspy-android-spyware-used-by-chinese-police-researchers-say/
-
Chinese provincial security teams used spyware to collect texts, audio recordings
by
in SecurityNewsThe researchers said development of the EagleMsgSpy tool has continued throughout 2024, with the company behind it adding new capabilities and obfuscation features. ]]> First seen on therecord.media Jump to article: therecord.media/chinese-provincial-security-teams-use-spyware-collect-texts-location
-
Chinese APT Groups Targets European IT Companies
by
in SecurityNewsEvidence Mounts for Chinese Hacking ‘Quartermaster’. A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure cloud infrastructure to target Western technology firms for espionage, security firms Tinexta Cyber and SentinelLabs said. The companies call the campaign Operation Digital Eye. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-apt-groups-targets-european-companies-a-27030
-
China using ‘EagleMsgSpy’ malware to tap Android devices
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/china-using-eaglemsgspy-to-tap-android-devices
-
VSCode Remote Tunnels exploited in suspected Chinese cyberespionage campaign
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/vscode-remote-tunnels-exploited-in-suspected-chinese-cyberespionage-campaign