X-Industry

A newly identified espionage operation run by hackers linked to China’s government has targeted dozens of organizations in Taiwan since the middle of 2021.  Microsoft on Thursday attributed the campaign to a previously unidentified group it named Flax Typhoon.  The goal of the campaign is to not only perform espionage on targeted Taiwanese entities but “maintain access to organizations across a broad range of industries for as long as possible,” the tech giant said.

The group is mainly targeting

BRICS leaders are meeting in South Africa on 22 August 2023 to discuss how to turn a loose cabal of nations, accounting for a quarter of the global economy, into a geopolitical force that can challenge the West's dominance in World affairs.  Russian President Putin, who faces an international arrest warrant over alleged war crimes in Ukraine, will not join leaders from Brazil, India, China and South Africa amid rifts over whether to expand the bloc to include dozens of "Global South" nations que

China has reiterated claims that last month's cybersecurity attack on a Wuhan facility was the work of US intelligence agencies, pointing to a "very complex" malware used in the incident.  The Wuhan Earthquake Monitoring Center on 26 July 2023 was reported to be the victim of an attack that appeared to originate from government-backed hackers in the US. The allegations state the attack targeted network equipment that collected seismic intensity data, which measured the magnitude of earthquakes a

Two file management apps on the Google Play Store have been discovered to be spyware, putting the privacy and security of up to 1.5 million Android users at risk.  These apps engage in deceptive behavior and secretly send sensitive user data to malicious servers in China.  Researchers have discovered this infiltration.  Their report shows that both spyware apps, namely File Recovery and Data Recovery (com.spot.music.filedate), with over 1 million installs, and File Manager (com.file.box.master.g

Submarine cables, the backbone network of the global economy and telecommunications, are operating in an increasingly risky environment and are prone to geopolitical, physical, and cyber threats, including nation-state sabotage and spying.  Fiber-optic submarine cables on the ocean floor transmit an estimated 99% of all intercontinental internet traffic and communications, including roughly $10 trillion of financial transactions daily and sensitive government and military communication, making t

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), and Israel National Cyber Directorate (INCD) published a “Guide to Securing Remote Access Software,” which provides an overview of common exploitations and associated tactics, techniques, and procedures (TTPs) used by cyber threat actors to exploit the legitimate, beneficial use of this software for easy b

According to industry experts, predictions about the BRICS countries as the fastest-growing economies have not happened. Instead, the alliance now offers a diplomatic forum and development financing outside the Western mainstream.  The acronym began as an optimistic term to describe countries with fast-growing economies at the time.  But now the BRICS nations, Brazil, Russia, India, China, and South Africa, are setting themselves up as an alternative to existing international financial and polit

The United States and international cybersecurity authorities are issuing this joint  Cybersecurity Advisory (CSA) to highlight a recently discovered cluster of activity of interest associated with a People’s Republic of China (PRC) state-sponsored cyber actor, also known as Volt Typhoon.  Private sector partners have identified that this activity affects networks across US critical infrastructure sectors, and the authoring agencies believe the actor could apply the same techniques against these

Around the time that the US Federal Bureau of Investigation (FBI) was examining the equipment recovered from the wreckage of the Chinese spy balloon shot down off the South Carolina coast in February, American intelligence agencies and Microsoft detected what they feared was a more worrisome intruder: mysterious computer code that has been popping up in telecommunications systems in Guam and elsewhere in the US.

The code, which Microsoft said was installed by a Chinese government hacking group,

“There is nothing wrong with your television set.  Do not attempt to adjust the picture. We are controlling transmission.  If we wish to make it louder, we will bring up the volume.  If we wish to make it softer, we will tune it to a whisper.  We will control the horizontal. We will control the vertical.  We can roll the image, make it flutter.  We can change the focus to a soft blur, or sharpen it to crystal clarity.  For the next hour, sit quietly and we will control all that you see and hear.

The current Ukraine crisis has revealed the willingness of state and non-state actors to involve themselves in conducting attacks of various degrees of severity and frequency.  Notably, hacktivists and cybercriminal groups have joined the conflict extending beyond the borders of the two primary combatants, with cyberattacks targeting those governments and private sector organizations perceived to be supporting the other side.  Patriotic hacktivism is not necessarily new, especially in troubled a

The Canadian military has discovered Chinese spy buoys in the Arctic which allegedly are monitoring US submarines and melting ice sheets.  Such "activity is not new,” Canadian defense minister said in recent televised remarks, implying that China has been engaging in surveillance efforts in the region for some time.[1]  Russia has long sought an Arctic trade route to create shorter vessel travel to Europe.  Seems the Chinese may have the same idea, and oh; spy on its adversaries.

Officials descr

As space becomes the latest frontier for human dominance, satellites are becoming ever-important for life on Earth to function.  There are currently 10,352 satellites orbiting the Earth of which 2317 were launched last year, according to the United Nations Office for Outer Space Affairs.  But just like any other piece of complex technology, satellites can be hacked.

Last year, just before the Russian invasion of Ukraine, alleged Russian government hackers disabled communications in Ukraine by la

According to trusted government sources, there is an increasing focus on US Cyber Command (CYBERCOM) to try and replicate the ability of the US Special Operations Command (SOCOM), the unified combatant command with the mission of overseeing the elements of the special operations in the US Armed Services to bring capabilities directly into the battlespace.  At a recent meeting, the chief of CYBEROM is quoted as saying that the command is “trying to build our authorities much in the same way Speci

US tech firms that have received federal funding in the past will be prevented from creating advanced technology factories in China for at least a decade.  The Biden administration has announced new guidelines as part of a $53 Billion plan to build up the US national semiconductor industry.  The “brain” in every electronic device, from cars to household appliances, is predominantly manufactured in Asia, notably in Taiwan's sophisticated and immensely costly fabrication plants.

The US Chips and S

The Uyghur community was targeted with an Android-based malware campaign for over seven years, according to researchers with cybersecurity firm Check Point.  The last sample they found dated to the middle of August 2022.  The Android spyware is called MobileOrder and has been used in various forms since 2015.  “The scale and the persistence of the campaign is remarkable. Furthermore, the malware has a lot of active capabilities like calls and surround recording, real time geolocation and even th

A suspected cyber-attack on 7-Eleven stores, pervasive in large towns and at rail stations across Denmark, is reporting that “we cannot use cash registers and/or receive payments.”  This the company wrote on its Facebook page.  “We are therefore closed until we know the extent [of the attack].  We hope to be able to open stores again soon,” it wrote.

There are 176 7-Eleven stores in Denmark.  The company’s CEO told a Danish broadcaster that cash registers “suddenly” began to malfunction in store

In light of all of the Russian ransomware attacks on organizations worldwide, a dose of Schadenfreude is a welcome sign.  For our non-German readers: “Schadenfreude is the experience of pleasure, joy, or self-satisfaction that comes from learning of or witnessing the troubles, failures, or humiliation of another (especially an adversary). It is a borrowed word from German, with no direct translation, that originated in the 18th century.”

An unknown threat actor has been targeting Russian entitie

Chinese developers have created a new command-and-control (C2) framework with features and functionality similar to Cobalt Strike and Sliver. The new framework is called Manjusaka.

Cisco Talos researchers have discovered the C2 framework in the wild running in parallel with Cobalt strike.  The initial investigation began with a Cisco Talos response to a Cobalt Strike beacon detection that was installed from a malicious Microsoft Word Document.  The document was sent in an email as an attachment

From the Center for Security Policy: Over the past several years America has discovered that China has been carrying out various forms of espionage and intellectual property theft across the US, particularly targeting American companies in the tech sector.  Just this past week it was reported that components from the Chinese tech conglomerate Huawei installed in US telecommunications networks could disrupt communications at US nuclear bases.  While these companies set up American subsidiaries wh