china (82)

13107666684?profile=RESIZE_400xKnown for targeting iOS devices, it has been expanded to include capabilities for compromising device security and stability. ThreatFabric, who discovered the malware, initially published a report on LightSpy for macOS in May 2024. During that investigation, the analysts found that the same server managed both macOS and iOS versions of LightSpy. This discovery allowed ThreatFabric to conduct a new, detailed analysis of the spyware targeting iOS published today, finding notable updates compared t

13031381890?profile=RESIZE_400xKroger’s plans to roll out facial recognition tools at its grocery stores is attracting increased criticism from lawmakers, who warn that it could be exploited to increase the prices certain individuals pay for food and put customers’ personal data at risk.  In a letter this week to Kroger CEO Rodney McMullen, Congresswoman Rashida Tlaib (D-MI) said the plans, which involve using facial recognition tools in digital displays to target advertising to customers and collect information on them, pote

13029801269?profile=RESIZE_400xThreat Type: Foreign Adversarial Technological, Physical, and Cyber Influence

Geographic Area: Worldwide

This advisory supersedes and cancels US Maritime Advisory 2024-002

  1. Issue: This Advisory seeks to alert maritime stakeholders of potential vulnerabilities to maritime port equipment, networks, operating systems, software, and infrastructure. Foreign companies manufacture, install, and maintain port equipment that creates vulnerabilities to global maritime infrastructure information technology

13027416478?profile=RESIZE_400xDespite current of law enforcement action to take down ransomware gangs, Secureworks has observed a 30% year-on-year rise in active ransomware groups.   In the eighth edition of the Secureworks annual State of The Threat Report[1], the firm identified 31 new groups that had entered the ransomware ecosystem in the last 12 months.  The report noted that while a few big players had previously dominated the threat landscape, it is now home to a broader set of emerging entities.[2]

The top four most

12999089673?profile=RESIZE_400xChina-linked APT group Salt Typhoon (FamousSparrow and GhostEmperor) breached US broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data.

See:  https://redskyalliance.org/xindustry/hotels-under-attack

According to the Wall Street Journal, which reported the news exclusively, the security breach poses a major national security risk. The WSJ states that the compromise remained undisclosed due to possible impact on na

12947169877?profile=RESIZE_400xA Chinese national has been accused of conducting a years-long spear-phishing campaign that aimed to steal source code from the US Army and NASA, plus other highly sensitive software used in aerospace engineering and military applications.  At least some of the spears hit their targets, and some of this restricted software made its way to China, according to a US Department of Justice (DOJ) announcement and an indictment.  The accused, Song Wu, 39, remains at large and has been charged with 14 c

12912122879?profile=RESIZE_400xSo maybe China and Russia are not such good friends after all.  Cyber security researchers have uncovered an apparently new Advanced Persistent Threat (APT) group targeting Russian government entities, known as CloudSorcerer.  They use a sophisticated cyber espionage tool, discovered by investigators and reported in an advisory they published in June, and is designed for covert data collection and exfiltration, using Microsoft Graph, Yandex Cloud, and Dropbox for its command and control (C2) inf

12810256258?profile=RESIZE_400xCyber-spies suspected of connections with China have infected "dozens" of computers belonging to Russian government agencies and IT providers with backdoors and trojans since late July, according to Kaspersky.  The Russia-based security biz claimed the malware used in the ongoing, targeted attacks, called EastWind, has links to two China-nexus groups tracked as APT27 and APT31. 

After gaining initial access to their victims' devices via phishing emails, the attackers used various cloud services

12738010300?profile=RESIZE_400xCyber threat researchers recently uncovered a Chinese cyber espionage campaign targeting a newly discovered command injection vulnerability in Cisco’s Cisco NX-OS software.  They found the vulnerability and its exploitation as part of an ongoing forensic investigation of a Velvet Ant threat group.   The vulnerability tracked as CVE-2024-20399 concerns a case of command injection that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system

12737625853?profile=RESIZE_400xIn 2019, the Space Force became the nation’s first new military branch in nearly 80 years.   Now, the US Congress is already thinking about starting another one, a cyber force.  For years, there's been talk of creating a military branch that concentrates on the cyber domain, driven by the increasing threat posed by geopolitical rivals like China and by organizational and staffing problems with the existing US military cyber operations.  Now, members of the House of Representatives and Senate hav

12738003694?profile=RESIZE_400xSelect versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).  The vulnerability tracked as CVE-2024-6409 (CVSS score: 7.0) is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling.  It only impacts versions 8.7p1 and 8.8p1 shipped with Red Hat Enterprise Linux 9.  This vulnerability, if exploited, could lead to full

12663678484?profile=RESIZE_400xRed Sky Alliance often queries various critical infrastructure sectors and associated businesses.  This month our researchers took a quick look (snapshot) of the Steel Industry.  We used our CTAC analytical service to query various key words to the steel industry.  These type manufacturing key words are often used in Subject lines to lure and entice users in this sector business to open emails containing malicious attachments.  Red Sky Alliance is providing this list of steel related key words w

12404151693?profile=RESIZE_400xBritain’s democracy is under threat from Chinese cyber-attacks, this reported as Parliament was informed on 25 March of this warning after the hacking of voter details and the targeting of several China hawks in Parliament has occurred.  The UK’s Deputy Prime Minister, briefed MPs on the cyberthreat from China and is expected to announce reprisals against those believed to be involved, according to government insiders.  He pointed the finger at China over an alleged hacking that hit British vote

12404230869?profile=RESIZE_400xLeaders of South Florida’s Port Everglades and Port Miami have met with US Coast Guard officials to review cybersecurity programs aimed at reducing the possibility that giant Chinese-made cranes operating at the region’s ports and others in the US pose a national security threat. 

In late February, the Biden administration announced it planned to invest billions in the US manufacture of ship-to-shore cranes that transfer millions of tons of cargo annually at major American seaports.  The action

12402260857?profile=RESIZE_400xThe US House of Representatives has passed legislation that could lead to a nationwide ban on the popular video-sharing app TikTok, reigniting debates around data privacy, national security, and the limits of government oversight.  The bipartisan bill, named the Protecting Americans from Foreign Adversary Controlled Applications Act, requires the Chinese company ByteDance to divest its ownership of TikTok.  If it fails to do so, the app would be prohibited from operating in the United States, an

12399706096?profile=RESIZE_400xThe top US intelligence agency has revamped its election security team ahead of the 2024 presidential election, a contest multiple national security leaders have warned could be targeted by foreign adversaries using fast-moving attacks.  Jessica Brandt, who previously held a variety of prominent research roles at Washington think tanks, was appointed the first full-fledged director of the Foreign Malign Influence Center in late 2023.

The hub, part of the Office of the Director of National Intell

12390146467?profile=RESIZE_400xIt is no longer theoretical; the world's major powers are working with large language models to enhance offensive cyber operations.  Advanced persistent threats (APTs) aligned with China, Iran, North Korea, and Russia use large language models (LLMs) to enhance their operations.  New blog posts from OpenAI and Microsoft reveal that five prominent threat actors have used OpenAI software for research, fraud, and other malicious purposes.  After identifying them, OpenAI shuttered all their accounts

12385770266?profile=RESIZE_400xMaria Reznikova and her associates at Maria Concetto Winery are into gadgets.  Their Calistoga tasting room features “levitating” wine bottle holders, spinning top-like decanters, small drones, a 3D wine bottle hologram sign, a karaoke machine and a replica of a 1922 Model T Ford parked out front.  But the most notable is RobinoVino, their wine serving robot sommelier.  Working with an engineering friend, Reznikova commissioned RobinoVino, described as “the world’s first” such robot sommelier. M

12375354497?profile=RESIZE_400xHackers from the People's Republic of China spent up to five years in US networks as part of a cyber operation that targeted US critical infrastructure, law enforcement and international agencies said earlier this week.  "The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People's Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive o

12374731694?profile=RESIZE_400xAuthor Mercy Kuo often engages subject-matter experts, policy practitioners, and strategic thinkers across the globe for their diverse insights into US Asia policy.   This article highlights a conversation with Christopher R. O’Dea, adjunct fellow at Hudson Institute and author of the forthcoming book “Ships of State: China’s New Maritime Empire,” is the 400th in “The Trans-Pacific View Insight Series.”

How are China’s shipping companies serving the Chinese state?  Beijing’s state-owned shipping