Tag: china
-
SentinelOne warns of threat actors targeting its systems and high-value clients
in SecurityNews
SentinelOne warns China-linked APT group PurpleHaze attempted reconnaissance on its systems and high-value clients. Cybersecurity firm SentinelOne warns that a China-linked APT group, tracked as PurpleHaze, attempted to conduct reconnaissance on its infrastructure and high-value clients. The activity suggests targeted cyberespionage efforts aimed at gathering information for potential future attacks. SentinelOne first identified PurpleHaze’s activity…
-
WarGames it’s not 1983 anymore
in SecurityNews
China’s state-sponsored cyber operations, driven by groups like Volt Typhoon, Salt Typhoon, Brass Typhoon, and APT41, and amplified by techniques like Fast Flux DNS, are not chasing Hollywood apocalypse, they’re seizing America’s networks, turning our infrastructure into a weapon against us.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2025/04/wargames-its-not-1983-anymore/
-
Cyber Espionage Campaign Targets Uyghur Exiles with Trojanized Language Software
in SecurityNews
A sophisticated cyberattack targeted senior members of the World Uyghur Congress (WUC), the largest Uyghur diaspora organization, using a weaponized version of UyghurEditPP, a trusted open-source Uyghur language text editor. This incident exemplifies the technical evolution of digital transnational repression and the exploitation of cultural software by state-aligned threat actors, likely linked to the Chinese government.…
-
Enterprise-specific zero-day exploits on the rise, Google warns
in SecurityNews
Tags: access, apple, apt, attack, china, cisco, cloud, crime, crimes, cyberespionage, detection, endpoint, exploit, finance, flaw, google, group, Hardware, incident response, injection, Internet, ivanti, korea, lessons-learned, mandiant, microsoft, mitigation, network, north-korea, remote-code-execution, russia, service, strategy, technology, threat, tool, update, vpn, vulnerability, zero-day
Surge in network edge device exploitation: Of the 33 zero-day vulnerabilities in enterprise-specific products, 20 targeted hardware appliances typically located at the network edge, such as VPNs, security gateways, and firewalls. Notable targets last year included Ivanti Cloud Services Appliance, Palo Alto Networks’ PAN-OS, Cisco Adaptive Security Appliance, and Ivanti Connect Secure VPN. Targeted attacks against…
-
Windows Backdoor Targets Members of Exiled Uyghur Community
in SecurityNews
A spear-phishing campaign sent Trojanized versions of legitimate word-processing software to members of the World Uyghur Congress as part of China’s continued cyber-espionage activity against the ethnic minority.
First seen on darkreading.com
Jump to article: www.darkreading.com/cyberattacks-data-breaches/windows-backdoor-targets-members-exhiled-uyghur-community
-
SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients
in SecurityNews
Cybersecurity company SentinelOne has revealed that a China-nexus threat cluster dubbed PurpleHaze conducted reconnaissance attempts against its infrastructure and some of its high-value customers. “We first became aware of this threat cluster during a 2024 intrusion conducted against an organization previously providing hardware logistics services for SentinelOne employees,” security
First seen on thehackernews.com
Jump to article:…
-
Government hackers are leading the use of attributed zero-days, Google says
in SecurityNews
Governments like China and North Korea, along with spyware makers, used the most recorded zero-days in 2024.
First seen on techcrunch.com
Jump to article: techcrunch.com/2025/04/29/government-hackers-are-leading-the-use-of-attributed-zero-days-google-says/
-
‘Source of data’: are electric cars vulnerable to cyber spies and hackers?
in SecurityNews
British defence firms have reportedly warned staff not to connect their phones to Chinese-made EVs. Mobile phones and desktop computers are longstanding targets for cyber spies but how vulnerable are electric cars? On Monday the i newspaper claimed that British defence firms working for the UK government have warned staff against connecting or pairing their phones with…
-
Krebs: People should be ‘outraged’ at efforts to shrink federal cyber efforts
in SecurityNews
At the RSA Conference, former CISA chief Chris Krebs said recent efforts by China-linked hacking groups make it more important than ever to grow the federal cyber workforce.
First seen on therecord.media
Jump to article: therecord.media/krebs-outrage-efforts-to-shrink-federal-cyber-workforce
-
Open source text editor poisoned with malware to target Uyghur users
in SecurityNews
Whoever could be behind this attack on an ethnic minority China despises?
First seen on theregister.com
Jump to article: www.theregister.com/2025/04/29/citizen_lab_uyghur_phishing_malware/
-
House passes bill to study routers’ national security risks
in SecurityNews
Lawmakers say the ROUTERS Act is critical to understanding vulnerabilities in devices exploited by Chinese hackers and other adversaries.
First seen on cyberscoop.com
Jump to article: cyberscoop.com/routers-act-commerce-study-modems-chinese-hackers/
-
FBI seeks public tips about Salt Typhoon
in SecurityNews
The bureau’s public alert follows months of conversations with the telecom industry about the far-reaching cyber espionage campaign by a Chinese nation-state threat actor.
First seen on cybersecuritydive.com
Jump to article: www.cybersecuritydive.com/news/fbi-china-salt-typhoon-hack-telecom-tips/746490/
-
M&S tells hundreds of warehouse staff to stay at home after cyber-attack
Castle Donington agency workers told not to go to work as website orders remain on hold for fourth day in a row. Marks & Spencer has told hundreds of workers at its main online distribution centre in Leicestershire to stay at home as website orders remain on hold for the fourth day…
-
China Claims U.S. Cyberattack Targeted Leading Encryption Company
in SecurityNews
China has accused U.S. intelligence agencies of carrying out a sophisticated cyberattack against one of its foremost commercial cryptography providers, resulting in the theft of vast amounts of sensitive data. The allegations were announced in a report published Monday by China’s National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT), intensifying digital tensions between the…
-
FBI Asks for Help Tracking Chinese Salt Typhoon Actors
in SecurityNews
The US authorities have asked the public to help them unmask China’s Salt Typhoon threat actors.
First seen on infosecurity-magazine.com
Jump to article: www.infosecurity-magazine.com/news/fbi-help-tracking-chinese-salt/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 43
in SecurityNews
Tags: attack, backdoor, botnet, china, crypto, fraud, infrastructure, international, malware, nfc, rust, supply-chain
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive Infrastructure; XRP supply chain attack: Official NPM package infected with crypto stealing backdoor; SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation; New Rust Botnet >>RustoBot
-
Darcula phishing toolkit gets AI boost, democratizing cybercrime
in SecurityNews
Tags: ai, apt, attack, automation, awareness, china, credentials, cybercrime, defense, detection, endpoint, finance, google, government, group, infrastructure, malicious, network, phishing, resilience, risk, service, skills, smishing, threat, tool, training, update
AI creates push-button phishing attacks: With the latest update to the “darcula-suite” toolkit, users can now generate phishing pages using generative AI that mimics websites with near-perfect accuracy, and in any language. “Users provide a URL of a legitimate brand or service, and the tool automatically visits that website, downloads all of its assets, and renders…
-
Salt Typhoon Cyberattack: FBI Investigates PRC-linked Breach of US Telecoms
in SecurityNews
The FBI has issued a public appeal for information concerning an ongoing cyber campaign targeting US telecommunications infrastructure, attributed to actors affiliated with the People’s Republic of China (PRC). This cyber operation, tracked under the moniker Salt Typhoon, has compromised networks at multiple US telecommunications companies and resulted in the theft of sensitive data. As…
-
Phishing Kit Darcula Gets Lethal AI Upgrade
in SecurityNews
Recently added artificial intelligence capabilities on the Chinese-language Darcula phishing-as-a-service platform make phishing attacks easy for even the least technical hackers.
First seen on darkreading.com
Jump to article: www.darkreading.com/remote-workforce/phishing-kit-darcula-gets-major-ai-upgrade
-
FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches
in SecurityNews
The FBI has asked the public for information on Chinese Salt Typhoon hackers behind widespread breaches of telecommunications providers in the United States and worldwide.
First seen on bleepingcomputer.com
Jump to article: www.bleepingcomputer.com/news/security/fbi-seeks-help-to-unmask-salt-typhoon-hackers-behind-telecom-breaches/
-
US data security fears prompt subpoena on Chinese telcos
in SecurityNews
First seen on scworld.com
Jump to article: www.scworld.com/brief/us-data-security-fears-prompt-subpoena-on-chinese-telcos
-
South Korea Accuses DeepSeek of Unlawful Data Transfers Amid AI Expansion
in SecurityNews
Chinese artificial intelligence startup DeepSeek has come under intense scrutiny from South Korean authorities for allegedly transferring user data and AI prompts without proper consent. The controversy erupted after Korea’s data protection authority, the Personal Information Protection Commission (PIPC), released a detailed statement on April 18, 2025, accusing Hangzhou DeepSeek Artificial Intelligence Co. Ltd. of…
-
Google Warns: Threat Actors Growing More Sophisticated, Exploiting Zero-Day Vulnerabilities
in SecurityNews
Google’s Mandiant team has released its M-Trends 2025 report, highlighting the increasing sophistication of threat actors, particularly China-nexus groups. These adversaries are deploying custom malware ecosystems, exploiting zero-day vulnerabilities in security appliances, and utilizing proxy networks resembling botnets to evade detection. Their tactics also include targeting edge devices lacking endpoint detection and response (EDR) capabilities…
-
Is the security reputation of the US eroding?
in SecurityNews
Tags: business, ceo, china, cisa, ciso, cybersecurity, cyersecurity, endpoint, exploit, germany, governance, government, intelligence, iran, kaspersky, north-korea, service, strategy, threat, usa
Trump is sowing uncertainty, in cybersecurity too. Now that US President Donald Trump is also punishing cybersecurity companies by executive order for dissenting political positions, quite a few industry experts fear that US security companies could in future fall into disrepute much like their Russian and Chinese competitors. The central questions here are: On US threat intelligence, can CISOs and their companies still, in future…
-
Chinese APT Mustang Panda Debuts 4 New Attack Tools
The notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal.
First seen on darkreading.com
Jump to article: www.darkreading.com/cloud-security/chinese-apt-mustang-panda-4-attack-tools
-
Cybersecurity Snapshot: NIST Aligns Its Privacy and Cyber Frameworks, While Researchers Warn About Hallucination Risks from GenAI Code Generators
in SecurityNews
Tags: access, advisory, ai, attack, breach, china, cisa, cisco, ciso, cloud, computer, control, csf, cve, cyber, cyberattack, cybersecurity, data, defense, encryption, espionage, exploit, firmware, framework, governance, government, group, hacker, hacking, healthcare, identity, infrastructure, Internet, LLM, malicious, mfa, mitigation, mitre, network, nist, open-source, password, phishing, privacy, risk, risk-assessment, router, service, software, strategy, supply-chain, technology, threat, tool, update, vulnerability
Check out NIST’s effort to further mesh its privacy and cyber frameworks. Plus, learn why code-writing GenAI tools can put developers at risk of package-confusion attacks. Also, find out what Tenable webinar attendees said about identity security. And get the latest on the MITRE CVE program and on attacks against edge routers. Dive into five…
-
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
in SecurityNews
Cybersecurity researchers are warning of a “widespread and ongoing” SMS phishing campaign that’s been targeting toll road users in the United States for financial theft since mid-October 2024. “The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by ‘Wang Duo Yu,’” Cisco Talos researchers Azim…
-
Chinese hackers target Russian govt with upgraded RAT malware
in SecurityNews
Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware.
First seen on bleepingcomputer.com
Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-target-russian-govt-with-upgraded-rat-malware/
-
SpyMax Android Spyware: Full Remote Access to Monitor Any Activity
in SecurityNews
Threat intelligence experts at Perplexity uncovered an advanced variant of the SpyMax/SpyNote family of Android spyware, cleverly disguised as the official application of the Chinese Prosecutor’s Office (检察院). This malicious software was targeting Chinese-speaking users in mainland China and Hong Kong in what appears to be a sophisticated cyber espionage campaign. Exploiting Android Accessibility Services…