china (34)

10758134088?profile=RESIZE_400xA suspected cyber-attack on 7-Eleven stores, pervasive in large towns and at rail stations across Denmark, is reporting that “we cannot use cash registers and/or receive payments.”  This the company wrote on its Facebook page.  “We are therefore closed until we know the extent [of the attack].  We hope to be able to open stores again soon,” it wrote.

There are 176 7-Eleven stores in Denmark.  The company’s CEO told a Danish broadcaster that cash registers “suddenly” began to malfunction in store

10754604654?profile=RESIZE_400xIn light of all of the Russian ransomware attacks on organizations worldwide, a dose of Schadenfreude is a welcome sign.  For our non-German readers: “Schadenfreude is the experience of pleasure, joy, or self-satisfaction that comes from learning of or witnessing the troubles, failures, or humiliation of another (especially an adversary). It is a borrowed word from German, with no direct translation, that originated in the 18th century.”

An unknown threat actor has been targeting Russian entitie

10750232862?profile=RESIZE_400xChinese developers have created a new command-and-control (C2) framework with features and functionality similar to Cobalt Strike and Sliver. The new framework is called Manjusaka.

Cisco Talos researchers have discovered the C2 framework in the wild running in parallel with Cobalt strike.  The initial investigation began with a Cisco Talos response to a Cobalt Strike beacon detection that was installed from a malicious Microsoft Word Document.  The document was sent in an email as an attachment

10745848258?profile=RESIZE_400xFrom the Center for Security Policy: Over the past several years America has discovered that China has been carrying out various forms of espionage and intellectual property theft across the US, particularly targeting American companies in the tech sector.  Just this past week it was reported that components from the Chinese tech conglomerate Huawei installed in US telecommunications networks could disrupt communications at US nuclear bases.  While these companies set up American subsidiaries wh

10550463300?profile=RESIZE_400xA joint publication coauthored by the National Security Agency (NSA), Federal Bureau of Investigation (FBI) and the Cybersecurity & Infrastructure Security Agency (CISA) was released on 7 June 2022 about the People’s Republic of China State-Sponsored activities.

State-Sponsored actors have been exploiting Common Vulnerabilities and Exposures (CVEs) that are related to network devices.  The vulnerabilities that these actors are exploiting are documented, and should be patched immediately if they

10469266899?profile=RESIZE_400xAn elusive and sophisticated cyberespionage campaign orchestrated by the China-backed Winnti group has managed evade detection since at least 2019.  Named by investigators "Operation CuckooBees,” the massive intellectual property theft operation enabled the threat actor to exfiltrate hundreds of gigabytes of information.  Targets included technology and manufacturing companies primarily located in East Asia, Western Europe, and North America.  "The attackers targeted intellectual property develo

10293756893?profile=RESIZE_400xActivity Summary - Week Ending on 8 April 2022:

  • Red Sky Alliance identified 1,898 connections from new IP’s checking in with our Sinkholes
  • Go Daddy LLC domain - 61 x
  • Analysts identified 1,311 new IP addresses participating in various Botnets
  • IcedID Trojan
  • DoubleZero Wiper Malware
  • ChronoPay
  • Inverse Finance
  • TX Infrastructure
  • CN also attacking UA

Link to full report: IR-22-098-001_weekly098.pdf

10148505256?profile=RESIZE_400xThe Winter Olympics have officially come to a close. There have been heartwarming headlines of athletes overcoming adversity, upsets, dominant performances, and countless clips of the mascot Bing Dwen Dwen throughout the past two weeks.  The headline that cyber professionals are waiting for a yet to arrive.

In the weeks leading up to the opening of the Olympic Games athletes were required to install the My2022 app to track their health. The app is supposed to track Covid-19 and monitor the healt

9984308887?profile=RESIZE_400x

US Department of Agriculture (USDA) analysts have reported that China, with less than 20% of the world's population has managed to stockpile more than half of the globe's corn and other grains, leading to steep price increases across the planet and dropping more countries into famine.  COFCO Group, a major Chinese state-owned food processor, runs one of China's largest food stockpiling bases, at the port of Dalian, in the northeastern part of the country.  It stores beans and grains gathered fr

9982049484?profile=RESIZE_400xHumanoid robot called “Jia Jia” was created by a team of engineers from the University of Science and Technology of China and was presented at a conference in Shanghai at the beginning of 2017.  Jia Jia can hold a simple conversation and make specific facial expressions when asked, and her creator believes the eerily lifelike robot heralds a future of cyborg labor in China. This was five years ago and was billed as China’s first human-like robot.  2022 - The Brave New World is in full force.

Ji

9857998096?profile=RESIZE_400xAre hackers better at using AI than defenders?  “There are three parts of any security strategy. You want to be able to detect, to prevent, and to respond,” says the Global Chief Technology Officer of Dell Technologies.  “It turns out that in the 'detect' area, we are well underway.  If you are using a security event information-management service or managed-security service provider, and they are not already using high degrees of advanced machine intelligence to detect threats, you already lost

9704153466?profile=RESIZE_400xActivity Summary - Week Ending 15 October 2021:

  • Red Sky Alliance identified 37, 307 connections from new IP’s checking in with our Sinkholes
  • Analysts identified 1,873 new IP addresses participating in various botnets
  • Sality remains the top Malware Variant at 33,705 times seen
  • AtomSilo targeting Confluence
  • FamousSparrow and Hotels
  • BloodyStealer
  • Another .edu Hit in the UK
  • Pointing a Finger at China
  • Spanish Melia Hotels hacked
  • Afghan Telcom Roshan

Link to full report: IR-21-288-001_weekly_288.pdf

9690728900?profile=RESIZE_400xThe US head of the US National Security Agency (NSA), Cyber Command says the US will continue to battle ransomware for many years into the future. Some of the highest-ranking cybersecurity officials in the US government discussed the pervasive threat of ransomware on 05 October 2021, comparing it to an issue of national security with the ability to inflict measurable damage on major world powers.

Speaking at security firm Mandiant's Cyber Defense Summit, the deputy national security adviser for

9542652101?profile=RESIZE_400xLloyd’s of London, for centuries the world’s dominant marine insurer, continues to witness sharp decline in premium volumes as lines on graph now cross with Asian economic giant.[1]  China is now the world’s second-largest provider of hull insurance, after overtaking Lloyd’s on market share, the International Union of Marine Insurance (IUMI) has confirmed.

China, which has seen its slice of the pie grow slowly but steadily in recent years, recorded a 12.4% share of 2020 global aggregate hull pre

9415248875?profile=RESIZE_400xThe U.S. needs to devise ways to counter Chinese cyber activity including the theft of intellectual property and cyberattacks on government networks and critical infrastructure that poses a direct threat to U.S. national security, according those who testified at a Senate hearing this first week in August 2021.  All organizations need to take immediate steps to stop cyber breaches to protect their data and intellectual Property.  The government cannot curb or stop it, so it is in the hands of al

9302081078?profile=RESIZE_400xActivity Summary - Week Ending 23 July 2021:

  • Red Sky Alliance identified 19,903 connections from new unique IP addresses
  • Top observed Attacker Server (C2): Alexey[.]rybalov@yandex.ru & taleq[.]simeon888@mail.com
  • Analysts identified 2,670 new IP addresses participating in various Botnets
  • DLL Side-Loading Technique
  • dmerchant
  • WildPressure
  • China keeps pulling Triggers
  • Russia Cyber-Attacks
  • Saudi Aramco Hit with Ransomware
  • Cell Phones and Spying
  • Norway blaming China for March cyber-attack
  • What will b

8872293089?profile=RESIZE_400xChina, Russia, North Korea, and Iran continue to pose significant cybersecurity threats to the US, because each is capable of launching disruptive attacks, according to a report published 13 April 2021 by the Office of the Director of National Intelligence.

Threats include disinformation campaigns that target elections and try to undermine democratic institutions as well as aggressive hacking campaigns, such as the SolarWinds supply chain attack, according to the report. In many cases, criminal

8575937274?profile=RESIZE_400xJust how much US land does China own?  Excerpts by Libertas Bella (edited).

American-US prosperity has largely been built on a dual foundation: cheap land or expensive labor.  Until the US Immigration Act of 1965, Ronald Reagan’s Amnesty of 1986 and North American Free Trade Association (NAFTA) opened up the floodgates of immigration (both legal and illegal) this formula basically held firm.  When there was not enough labor, employers had to pay more rather than simply importing massive amounts

8511879887?profile=RESIZE_400xA suspected Chinese hacking group has been attacking the airline industry for the past few years with the goal of obtaining passenger data in order to track the movement of persons of interest.  The intrusions have been linked to a threat actor that the cyber-security has been tracking under the name of Chimera, believed to be operating in the interests of the Chinese state.  Researchers say the group has remained undetected in a network for up to three years. Initial reports mentioned a series

8503407452?profile=RESIZE_400xThe ongoing controversies surrounding TikTok hit a new gear on 14 January 2021 with a bombshell report accusing the Chinese company of spying on millions of Android users using a technique banned by Google.  According to a Wall Street Journal report, TikTok used a banned tactic to bypass the privacy safeguard in Android to collect unique identifiers from millions of mobile devices, data that allows the app to track users online without allowing them to opt out.

TikTok, based in Beijing, China, h