Security News

University managment app also tracked library activity, holidays, and much more US-based research group IPVM has accused Chinese video surveillance equipment company Hikvision of engaging with a...

Microsoft, which earlier this week admitted not being able to detect a Chinese attack on its own infrastructure, has published a report [PDF] titled "Digital threats from East Asia increase in breadth and effectiveness." In the report, Redmond's Threat Intelligence group expounds on its fresh insight into evolving online aggressions from both China and North Korea. The report details the work of a group Microsoft has named "Raspberry Typhoon" that "Typically conducts intelligence collection and malware execution" and likes to target ministries that oversee defense, intelligence, economic matters, and trade.

Over the weekend Chinese president Xi Jinping gave a directive to officials to build a Beijing-supervised "Security barrier" around its internet. According to state-sponsored media republished by the government, Xi said it was "Essential to uphold the Party's leadership over the internet sector."

In late September 2021, staff at Taiwanese threat intelligence company TeamT5 noticed something very nasty: a fake news report accusing it of conducting phishing attacks against Japan's government and local tech companies. "We can't keep off the internet, even when on holiday. The attackers weren't counting on that," threat intelligence analyst Che-Cheng Chang told The Reg when we dropped in to TeamT5's Taipei offices last week during the Computex conference.

Beijing sent a message to foreign businesses this week when it launched an investigation into Shanghai-based Capvision Partners on the grounds of national security, accusing the consultancy firm of failure to prevent espionage. State-sponsored broadcaster China Central Television reported that the raid led to the arrest of a senior researcher from a large state-owned enterprise in China - for providing Capvision's foreign clients with intelligence.

The Cyberspace Administration of China has preempted celebrations for Lunar New Year - the Year of the Rabbit* commences on January 22 - by warning citizens to keep evidence of seasonal overindulgence off the internet. The internet regulator warned it will investigate and take action on online flaunting of wealth and overeating during the seasonal celebrations that are marked with displays of generosity and abundance.

The Council explored the state of Chinese infosec research in the context of the 2021 introduction of "Regulations on the Management of Security Vulnerabilities of Network Products" that require local researchers to report any vulns they find to local authorities. A ban on Chinese researchers participating in international infosec competitions is thought to have been imposed for similar reasons.

China has accused the United States of a savage cyber-attack on a university famed for conducting aerospace research and linked to China's military. The National Computer Virus Emergency Response Centre made its accusation on September 5th, claiming that the Office of Tailored Access Operation at the USA's National Security Agency has unleashed over 10,000 attacks in China, some using zero-day exploits, and lifted 140GB of "High value data".

China's internet regulator has launched an investigation into the security regime protecting academic journal database China National Knowledge Infrastructure, citing national security concerns. CNKI is a privately-owned publishing company that maintains a monopoly on academic journal searches in China.

A state-sponsored Chinese threat actor has used ransomware as a distraction to help it conduct electronic espionage, according to security software vendor Secureworks. Cybersecurity firm Secureworks asserts that ransomware is probably just a distraction from the true intent: cyber espionage.