Taiwanese government networks experienced a daily average of 2.4 million cyber-attacks in 2024, most attributed to Chinese state-backed hackers. This represents double the daily average from 2023, which saw 1.2 million daily attacks targeting government networks, Taiwan’s National Security Bureau said in a new report. “Although many of those attacks have been effectively detected and blocked, the growing numbers of attacks pinpoint the increasingly severe nature of China’s hacking activities,” t
prc (8)
The US Coast Guard has issued a second security directive warning that Chinese ship-to-shore cranes used widely in the United States pose a cybersecurity risk. Maritime Security Directive 105-5 calls on port operators to take “risk management” measures to mitigate the threats.
Built-in vulnerabilities for remote access and control of the cranes “combined with intelligence regarding China’s interest in disrupting US critical infrastructure, necessitate immediate action,” according to a portion of
China’s Computer Virus Emergency Response Center has released part three of a running series claiming that the US government is actually behind Volt Typhoon activity, rather than China. The latest CVERC report, whose front page includes an oddly edited photo with the text “Lie to Me,” provides no new evidence of these claims and rehashes old, leaked US intelligence documents. However, this CVERC report is not useless. The CVERC report tells us more about China’s intentions than it does convin
Threat Type: Foreign Adversarial Technological, Physical, and Cyber Influence
Geographic Area: Worldwide
This advisory supersedes and cancels US Maritime Advisory 2024-002
- Issue: This Advisory seeks to alert maritime stakeholders of potential vulnerabilities to maritime port equipment, networks, operating systems, software, and infrastructure. Foreign companies manufacture, install, and maintain port equipment that creates vulnerabilities to global maritime infrastructure information technology
SentinelLabs recently posted a very interesting report on leaked information about a Chinese company, I-Soon.
Executive Summary / I-Soon (上海安洵), a company that contracts for many PRC agencies–including the Ministry of Public Security, Ministry of State Security, and People’s Liberation Army, was subject to a data leak over the weekend of 16 February. It is not known who pilfered the information nor their motives, but this leak provides a first-of-its-kind look at the internal operations of a st
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against US critical infrastructure in the event of a significant crisis or conflict with the United States.[1]
CISA, NSA, FBI and the following partners are releasing this advisory to warn criti
Since 2015, the PRC has passed or updated comprehensive national security, cybersecurity, and data privacy laws and regulations, expanding Beijing’s oversight of domestic and foreign (including US) companies operating within China. Beijing views inadequate government control of information within China and its outbound flow as a national security risk. These laws provide the PRC government with expanded legal grounds for accessing and controlling data held by US firms in China. US companies a
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), and Israel National Cyber Directorate (INCD) published a “Guide to Securing Remote Access Software,” which provides an overview of common exploitations and associated tactics, techniques, and procedures (TTPs) used by cyber threat actors to exploit the legitimate, beneficial use of this software for easy b
