Security News

Senior Chinese government officials have urged Apple CEO Tim Cook to improve the security and privacy features of his company's products. "Director Zheng Shanjie said that the Chinese government will unswervingly implement the basic national policy of opening to the outside world, and the National Development and Reform Commission will continue to support foreign-funded enterprises including Apple in their business in China," the post states.

Chinese law, specifically Article 7 of the National Intelligence Law compels all citizens and organisations to act as covert arms of state security on demand, even if overseas. Chinese owned technology companies can deny this as much as they like, in fact they have to, but the law is clear.

The outgoing president of the Federated States of Micronesia, David Panuelo, penned a lengthy letter last week accusing Beijing of rampant bribery, spying and other tactics - including an attempt to take control of the nation's submarine cables and telecoms infrastructure. In the letter, Panuelo claimed that the People's Republic of China has instructed its army to be ready to invade Taiwan by 2027.

UK Prime Minister Rishi Sunak on Monday announced the National Protective Security Agency as part of a refresh of the government's security strategy known as the "Integrated Review". The refresh included the replacement of the UK's Conflict, Stability and Security Fund with an Integrated Security Fund that's funded to the tune of £1 billion to "Deliver on the core objectives of the Integrated Review at home and around the world, including in economic and cyber security, counter terrorism and human rights."

According to the Monetary Authority of Singapore, trade barriers between US and China have resulted in geoeconomic fragmentation and will likely result in slower global growth and higher inflation. Speaking at the at the IMAS-Bloomberg Investment Conference on Thursday, MAS managing director Ravi Menon said tensions between the US and China have not only affected the two countries, but global trade patterns and supply chains as well.

A suspecting China-linked hacking campaign has been observed targeting unpatched SonicWall Secure Mobile Access 100 appliances to drop malware and establish long-term persistence. "The malware has functionality to steal user credentials, provide shell access, and persist through firmware upgrades," cybersecurity company Mandiant said in a technical report published this week.

ESET researchers have analyzed MQsTTang, a custom backdoor that they attribute to the China-aligned Mustang Panda APT group. Due to the nature of the decoy filenames used, researchers believe that political and governmental organizations in Europe and Asia are also being targeted.

Starting in June, companies operating in China must undergo a regulatory intervention when sending data abroad, thanks to the Cyberspace Administration of China. The CAC announced on Friday businesses that handle the personal information of up to 1 million people, or want to send user information of up to 100,000 individuals abroad, will need to sign a standard contract before doing so and file it with a local CAC office within 10 working days of it taking effect.

Criminals have targeted datacenter operators in Singapore and China, tapping into their CCTV cameras, accessing their tenant lists and then attacking those customers. That lateral movement included accessing a list of the datacenter operator's CCTV cameras "With associated video stream identifiers used to monitor datacenter environments, as well as credential information related to operators and customers."

The US Department of Commerce added six more entities to its blacklist on Friday on grounds of national security after an errant Chinese surveillance balloon was shot down over the US last week. According to White House press secretary Karine Jean-Pierre, the balloon followed a flight path, and the US did not give any credence to the Chinese argument that the balloon veered off course.