China’s Computer Virus Emergency Response Center has released part three of a running series claiming that the US government is actually behind Volt Typhoon activity, rather than China. The latest CVERC report, whose front page includes an oddly edited photo with the text “Lie to Me,” provides no new evidence of these claims and rehashes old, leaked US intelligence documents. However, this CVERC report is not useless. The CVERC report tells us more about China’s intentions than it does convin
prc (6)
Threat Type: Foreign Adversarial Technological, Physical, and Cyber Influence
Geographic Area: Worldwide
This advisory supersedes and cancels US Maritime Advisory 2024-002
- Issue: This Advisory seeks to alert maritime stakeholders of potential vulnerabilities to maritime port equipment, networks, operating systems, software, and infrastructure. Foreign companies manufacture, install, and maintain port equipment that creates vulnerabilities to global maritime infrastructure information technology
SentinelLabs recently posted a very interesting report on leaked information about a Chinese company, I-Soon.
Executive Summary / I-Soon (上海安洵), a company that contracts for many PRC agencies–including the Ministry of Public Security, Ministry of State Security, and People’s Liberation Army, was subject to a data leak over the weekend of 16 February. It is not known who pilfered the information nor their motives, but this leak provides a first-of-its-kind look at the internal operations of a st
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against US critical infrastructure in the event of a significant crisis or conflict with the United States.[1]
CISA, NSA, FBI and the following partners are releasing this advisory to warn criti
Since 2015, the PRC has passed or updated comprehensive national security, cybersecurity, and data privacy laws and regulations, expanding Beijing’s oversight of domestic and foreign (including US) companies operating within China. Beijing views inadequate government control of information within China and its outbound flow as a national security risk. These laws provide the PRC government with expanded legal grounds for accessing and controlling data held by US firms in China. US companies a
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), and Israel National Cyber Directorate (INCD) published a “Guide to Securing Remote Access Software,” which provides an overview of common exploitations and associated tactics, techniques, and procedures (TTPs) used by cyber threat actors to exploit the legitimate, beneficial use of this software for easy b
