china (74)

Cyber threat researchers recently uncovered a Chinese cyber espionage campaign targeting a newly discovered command injection vulnerability in Cisco’s NX-OS software.  They found the vulnerability and its exploitation as part of an ongoing forensic investigation of the Velvet Ant threat group.  The vulnerability, tracked as CVE-2024-20399, concerns a case of command injection that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system

In 2019, the Space Force became the nation’s first new military branch in nearly 80 years.  Now, the US Congress is already thinking about starting another one, a cyber force.  For years, there's been talk of creating a military branch that concentrates on the cyber domain, driven by the increasing threat posed by geopolitical rivals like China and by organizational and staffing problems with the existing US military cyber operations.  Now, members of the House of Representatives and Senate hav

Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).  The vulnerability tracked as CVE-2024-6409 (CVSS score: 7.0) is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling.  It only impacts versions 8.7p1 and 8.8p1 shipped with Red Hat Enterprise Linux 9.  This vulnerability, if exploited, could lead to full

Red Sky Alliance often queries various critical infrastructure sectors and associated businesses.  This month our researchers took a quick look (snapshot) at the Steel Industry.  We used our CTAC analytical service to query various key words related to the steel industry.  These types of manufacturing key words are often used in subject lines to lure and entice users in this business sector to open emails containing malicious attachments.  Red Sky Alliance is providing this list of steel related key words w

Britain’s democracy is under threat from Chinese cyber-attacks; Parliament was informed of this warning on 25 March, after the hacking of voter details and the targeting of several China hawks in Parliament.  The UK’s Deputy Prime Minister briefed MPs on the cyberthreat from China and is expected to announce reprisals against those believed to be involved, according to government insiders.  He pointed the finger at China over an alleged hacking that hit British vote

Leaders of South Florida’s Port Everglades and Port Miami have met with US Coast Guard officials to review cybersecurity programs aimed at reducing the possibility that giant Chinese-made cranes operating at the region’s ports and others in the US pose a national security threat.

In late February, the Biden administration announced it planned to invest billions in the US manufacture of ship-to-shore cranes that transfer millions of tons of cargo annually at major American seaports.  The action

The US House of Representatives has passed legislation that could lead to a nationwide ban on the popular video-sharing app TikTok, reigniting debates around data privacy, national security, and the limits of government oversight.  The bipartisan bill, named the Protecting Americans from Foreign Adversary Controlled Applications Act, requires the Chinese company ByteDance to divest its ownership of TikTok.  If it fails to do so, the app would be prohibited from operating in the United States, an

The top US intelligence agency has revamped its election security team ahead of the 2024 presidential election, a contest multiple national security leaders have warned could be targeted by foreign adversaries using fast-moving attacks.  Jessica Brandt, who previously held a variety of prominent research roles at Washington think tanks, was appointed the first full-fledged director of the Foreign Malign Influence Center in late 2023.

The hub, part of the Office of the Director of National Intell

It is no longer theoretical; the world's major powers are working with large language models to enhance offensive cyber operations.  Advanced persistent threats (APTs) aligned with China, Iran, North Korea, and Russia use large language models (LLMs) to enhance their operations.  New blog posts from OpenAI and Microsoft reveal that five prominent threat actors have used OpenAI software for research, fraud, and other malicious purposes.  After identifying them, OpenAI shuttered all their accounts

Maria Reznikova and her associates at Maria Concetto Winery are into gadgets.  Their Calistoga tasting room features “levitating” wine bottle holders, spinning top-like decanters, small drones, a 3D wine bottle hologram sign, a karaoke machine and a replica of a 1922 Model T Ford parked out front.  But the most notable is RobinoVino, their wine serving robot sommelier.  Working with an engineering friend, Reznikova commissioned RobinoVino, described as “the world’s first” such robot sommelier. M

Hackers from the People's Republic of China spent up to five years in US networks as part of a cyber operation that targeted US critical infrastructure, law enforcement and international agencies said earlier this week.  "The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People's Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive o

Author Mercy Kuo often engages subject-matter experts, policy practitioners, and strategic thinkers across the globe for their diverse insights into US Asia policy.  This article highlights a conversation with Christopher R. O’Dea, adjunct fellow at Hudson Institute and author of the forthcoming book “Ships of State: China’s New Maritime Empire,” and is the 400th in “The Trans-Pacific View Insight Series.”

How are China’s shipping companies serving the Chinese state?  Beijing’s state-owned shipping

Following fears that Ford’s electric vehicle supply chain may represent a national security issue, concerned legislators are doubling down by outlining the path battery components are required to take vehicles to get here.  Last week, US Rep. Mike Gallagher (R-WI) and Cathy McMorris Rodgers (R-WA) accused Ford of having plans that required contracting technology and software firms with close ties to both the Chinese and North Korean governments.  Rep. Gallagher heads up the House Select Committe

The US FBI and US Department of Justice (DOJ) have used a court order to address vulnerabilities in thousands of internet-connected devices that are at the center of a Chinese hacking campaign.  The campaign is targeting sensitive US critical infrastructure, two US officials and a third source familiar with the matter reported to media.

The move is part of a broader, government-wide effort to blunt the impact of a persistent Chinese hacking effort that US officials fear could hinder any US milit

A Chinese cyber espionage group targeting organizations and individuals in China and Japan has remained under the radar for roughly five years, cybersecurity firm ESET (https://www.eset.com) reports.  Tracked as Blackwood and active since at least 2018, the Advanced Persistent Threat (APT) actor has been using Adversary-in-the-Middle (AitM) attacks to deploy a sophisticated implant via the update mechanisms of legitimate software such as Sogou Pinyin, Tencent QQ, and WPS Office

The UK’s Sellafield nuclear facility has denied reports that its IT networks have been attacked by cyber groups linked to Russia and China.  The Guardian said an investigation into the nuclear site in Cumbria found security breaches, dating back to 2015, which it says were not reported to regulators for “several years.”

The year-long investigation, named ‘Nuclear Leaks,’ said sleeper malware which can be used to spy on or attack systems had been embedded in the networks and could still be there.

Our friends at SentinelLabs report that Hack-for-Hire threat actors go by many names, such as surveillance-for-hire, mercenaries, private-sector-offensive-actors (PSOAs), and nonstate offensive threat actors.  Such groups represent an exciting challenge for security researchers and network defenders. They should be considered a severe threat to all organizations, worthy of proactive tracking in ongoing intrusions and analysis of historical cases to understand their significant impacts.  Many pub

Aindrea Campbell knows more than most about high-tech production.  In her previous role, she was senior director of iPad operations at Apple, helping to run the sophisticated assembly lines in China that produce tens of millions of tablet computers each year.  As chief operating officer of Agility Robotics, Campbell will oversee the production of pioneering products in the US.  In September, the company announced that its 70,000 sq ft RoboFab, the “world’s first factory” for building humanlike r

A previously unknown government-backed hacking group is targeting organizations in the manufacturing, IT, and biomedical sectors across Taiwan, Vietnam, the US and an unnamed Pacific island, according to new research from Symantec.

Researchers are tracking the group under the name “Grayling” and said in a report released earlier this week that it is using custom-made malware as well as publicly available tools to attack its targets.  The attacks, which began in February and continued through May

Red Sky Alliance has long presented evidence of China’s modern-day Silk Road initiatives.  Many of the Chinese targets were in Africa, many tying in cyber as the linkage.  Below is a good exposé by Sentinel Labs.  In the evolving cyber threat landscape, it’s always important to constantly challenge our biases.  There are large pockets of important threat activity occurring in regions around the world less commonly addressed in Western threat research.  While much attention has rightfully been dra