Chinese

  • Blog

    Chinese hackers exploit Fortinet VPN zero-day to steal credentials

    Chinese threat actors use a custom post-exploitation toolkit named ‘DeepData’ to exploit a zero-day vulnerability in Fortinet’s FortiClient Windows VPN client and steal credentials. The zero-day allows the threat actors to dump the credentials from memory after the user has authenticated with the VPN device. Volexity researchers report that they discovered this flaw earlier this summer and reported it to Fortinet, but…

  • Blog

    US consumer protection agency bans employee mobile calls amid Chinese hack fears

    The US Consumer Financial Protection Bureau (CFPB) has issued an urgent directive barring employees and contractors from using mobile phones for work-related calls, following a major breach in US telecommunications infrastructure attributed to Chinese-linked hackers. According to an internal memo, CFPB’s chief information officer advised staff to move sensitive discussions to secure platforms like Microsoft Teams and Cisco WebEx, reported…

  • Blog

    Chinese hackers use Quad7 botnet to steal credentials

    Microsoft warns that Chinese threat actors use the Quad7 botnet, composed of hacked SOHO routers, to steal credentials in password-spray attacks. Quad7, also known as CovertNetwork-1658 or xlogin, is a botnet first discovered by security researcher Gi7w0rm that consists of compromised SOHO routers. Later reports by Sekoia and Team Cymru stated that the threat actors are targeting routers and networking devices from TP-Link,…

  • Blog

    Sophos reveals 5-year battle with Chinese hackers attacking network devices

    Sophos disclosed today a series of reports dubbed “Pacific Rim” that detail how the cybersecurity company has been sparring with Chinese threat actors for over 5 years as they increasingly targeted networking devices worldwide, including those from Sophos. For years, cybersecurity firms have warned enterprises that Chinese threat actors exploit flaws in edge networking devices to install custom malware that…

  • Blog

    US says Chinese hackers breached multiple telecom providers

    The FBI and the U.S. Cybersecurity & Infrastructure Security Agency (CISA) have disclosed that Chinese hackers breached commercial telecommunication service providers in the United States. The breached entities have been warned, and the agencies are proactively alerting other potential targets of the elevated cyber activity. “The U.S. Government is investigating the unauthorized access to commercial telecommunications infrastructure by actors affiliated…

  • Blog

    DJI sues the US Department of Defense for labeling it a ‘Chinese Military Company’

    DJI, the world’s largest drone company, is suing to avoid being seen as a tool of the Chinese government. On Friday, it sued the US Department of Defense to delete its name from a list of “Chinese Military Companies,” claiming it has no such relationship to Chinese authorities and has suffered unfairly as a result of that designation. Since DJI…

  • Blog

    Chinese cybersecurity association urges review of Intel products – Computerworld

    “The sanctions will definitely have repercussions and a short-term impact on Intel,” said Pareekh Jain, CEO of Pareekh Consulting. “But although rivals like AMD might see some initial benefit, eventually they will likely be targeted as well. The medium-term goal seems to be to bolster China’s domestic chip industry.” Speculations on Chinese companies China has been pushing for self-sufficiency in…

  • Blog

    Chinese researchers break RSA encryption with a quantum computer

    “Many cryptographic algorithms that enterprises rely on today, such as RSA and ECC, are based on mathematical problems that are computationally difficult for classical computers to solve efficiently,” said Prabhjyot Kaur, senior analyst at Everest Group. “However, the advent of quantum computing threatens the security of these algorithms. The need for robust quantum-safe or post-quantum cryptographic solutions becomes increasingly evident…

  • Blog

    Windows 11 gets updates KB5044388 and KB5044386 with new Clock app and Chinese font (preview)

    Microsoft ships build 26120.1930 (KB5044388) in the Dev Channel and build 22635.4300 (KB5044386) in the Beta Channel. These updates expand the option to change the Copilot key action, the new Sandbox app, and security improvements for Windows Search. Microsoft is now rolling out two new previews of Windows 11, including build 26120.1930 (KB5044388) in the Dev Channel and build 22635.4300…

  • Blog

    Chinese hacking groups target Russian government, IT firms

    A series of targeted cyberattacks that started at the end of July 2024, targeting dozens of systems used in Russian government organizations and IT companies, is linked to Chinese hackers of the APT31 and APT27 groups. Kaspersky, which discovered the activity, dubbed the campaign “EastWind,” reporting that it employs an updated version of the CloudSorcerer backdoor spotted in a similar…
