Known for targeting iOS devices, it has been expanded to include capabilities for compromising device security and stability. ThreatFabric, who discovered the malware, initially published a report on LightSpy for macOS in May 2024. During that investigation, the analysts found that the same server managed both macOS and iOS versions of LightSpy. This discovery allowed ThreatFabric to conduct a new, detailed analysis of the spyware targeting iOS published today, finding notable updates compared t
china (82)
Kroger’s plans to roll out facial recognition tools at its grocery stores is attracting increased criticism from lawmakers, who warn that it could be exploited to increase the prices certain individuals pay for food and put customers’ personal data at risk. In a letter this week to Kroger CEO Rodney McMullen, Congresswoman Rashida Tlaib (D-MI) said the plans, which involve using facial recognition tools in digital displays to target advertising to customers and collect information on them, pote
Threat Type: Foreign Adversarial Technological, Physical, and Cyber Influence
Geographic Area: Worldwide
This advisory supersedes and cancels US Maritime Advisory 2024-002
- Issue: This Advisory seeks to alert maritime stakeholders of potential vulnerabilities to maritime port equipment, networks, operating systems, software, and infrastructure. Foreign companies manufacture, install, and maintain port equipment that creates vulnerabilities to global maritime infrastructure information technology
Despite current of law enforcement action to take down ransomware gangs, Secureworks has observed a 30% year-on-year rise in active ransomware groups. In the eighth edition of the Secureworks annual State of The Threat Report[1], the firm identified 31 new groups that had entered the ransomware ecosystem in the last 12 months. The report noted that while a few big players had previously dominated the threat landscape, it is now home to a broader set of emerging entities.[2]
The top four most
China-linked APT group Salt Typhoon (FamousSparrow and GhostEmperor) breached US broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data.
See: https://redskyalliance.org/xindustry/hotels-under-attack
According to the Wall Street Journal, which reported the news exclusively, the security breach poses a major national security risk. The WSJ states that the compromise remained undisclosed due to possible impact on na
A Chinese national has been accused of conducting a years-long spear-phishing campaign that aimed to steal source code from the US Army and NASA, plus other highly sensitive software used in aerospace engineering and military applications. At least some of the spears hit their targets, and some of this restricted software made its way to China, according to a US Department of Justice (DOJ) announcement and an indictment. The accused, Song Wu, 39, remains at large and has been charged with 14 c
So maybe China and Russia are not such good friends after all. Cyber security researchers have uncovered an apparently new Advanced Persistent Threat (APT) group targeting Russian government entities, known as CloudSorcerer. They use a sophisticated cyber espionage tool, discovered by investigators and reported in an advisory they published in June, and is designed for covert data collection and exfiltration, using Microsoft Graph, Yandex Cloud, and Dropbox for its command and control (C2) inf
Cyber-spies suspected of connections with China have infected "dozens" of computers belonging to Russian government agencies and IT providers with backdoors and trojans since late July, according to Kaspersky. The Russia-based security biz claimed the malware used in the ongoing, targeted attacks, called EastWind, has links to two China-nexus groups tracked as APT27 and APT31.
After gaining initial access to their victims' devices via phishing emails, the attackers used various cloud services
Cyber threat researchers recently uncovered a Chinese cyber espionage campaign targeting a newly discovered command injection vulnerability in Cisco’s Cisco NX-OS software. They found the vulnerability and its exploitation as part of an ongoing forensic investigation of a Velvet Ant threat group. The vulnerability tracked as CVE-2024-20399 concerns a case of command injection that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system
In 2019, the Space Force became the nation’s first new military branch in nearly 80 years. Now, the US Congress is already thinking about starting another one, a cyber force. For years, there's been talk of creating a military branch that concentrates on the cyber domain, driven by the increasing threat posed by geopolitical rivals like China and by organizational and staffing problems with the existing US military cyber operations. Now, members of the House of Representatives and Senate hav
Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE). The vulnerability tracked as CVE-2024-6409 (CVSS score: 7.0) is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1 and 8.8p1 shipped with Red Hat Enterprise Linux 9. This vulnerability, if exploited, could lead to full
Red Sky Alliance often queries various critical infrastructure sectors and associated businesses. This month our researchers took a quick look (snapshot) of the Steel Industry. We used our CTAC analytical service to query various key words to the steel industry. These type manufacturing key words are often used in Subject lines to lure and entice users in this sector business to open emails containing malicious attachments. Red Sky Alliance is providing this list of steel related key words w
Britain’s democracy is under threat from Chinese cyber-attacks, this reported as Parliament was informed on 25 March of this warning after the hacking of voter details and the targeting of several China hawks in Parliament has occurred. The UK’s Deputy Prime Minister, briefed MPs on the cyberthreat from China and is expected to announce reprisals against those believed to be involved, according to government insiders. He pointed the finger at China over an alleged hacking that hit British vote
Leaders of South Florida’s Port Everglades and Port Miami have met with US Coast Guard officials to review cybersecurity programs aimed at reducing the possibility that giant Chinese-made cranes operating at the region’s ports and others in the US pose a national security threat.
In late February, the Biden administration announced it planned to invest billions in the US manufacture of ship-to-shore cranes that transfer millions of tons of cargo annually at major American seaports. The action
The US House of Representatives has passed legislation that could lead to a nationwide ban on the popular video-sharing app TikTok, reigniting debates around data privacy, national security, and the limits of government oversight. The bipartisan bill, named the Protecting Americans from Foreign Adversary Controlled Applications Act, requires the Chinese company ByteDance to divest its ownership of TikTok. If it fails to do so, the app would be prohibited from operating in the United States, an
The top US intelligence agency has revamped its election security team ahead of the 2024 presidential election, a contest multiple national security leaders have warned could be targeted by foreign adversaries using fast-moving attacks. Jessica Brandt, who previously held a variety of prominent research roles at Washington think tanks, was appointed the first full-fledged director of the Foreign Malign Influence Center in late 2023.
The hub, part of the Office of the Director of National Intell
It is no longer theoretical; the world's major powers are working with large language models to enhance offensive cyber operations. Advanced persistent threats (APTs) aligned with China, Iran, North Korea, and Russia use large language models (LLMs) to enhance their operations. New blog posts from OpenAI and Microsoft reveal that five prominent threat actors have used OpenAI software for research, fraud, and other malicious purposes. After identifying them, OpenAI shuttered all their accounts
Maria Reznikova and her associates at Maria Concetto Winery are into gadgets. Their Calistoga tasting room features “levitating” wine bottle holders, spinning top-like decanters, small drones, a 3D wine bottle hologram sign, a karaoke machine and a replica of a 1922 Model T Ford parked out front. But the most notable is RobinoVino, their wine serving robot sommelier. Working with an engineering friend, Reznikova commissioned RobinoVino, described as “the world’s first” such robot sommelier. M
Hackers from the People's Republic of China spent up to five years in US networks as part of a cyber operation that targeted US critical infrastructure, law enforcement and international agencies said earlier this week. "The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People's Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive o
Author Mercy Kuo often engages subject-matter experts, policy practitioners, and strategic thinkers across the globe for their diverse insights into US Asia policy. This article highlights a conversation with Christopher R. O’Dea, adjunct fellow at Hudson Institute and author of the forthcoming book “Ships of State: China’s New Maritime Empire,” is the 400th in “The Trans-Pacific View Insight Series.”
How are China’s shipping companies serving the Chinese state? Beijing’s state-owned shipping