Security News
China is this week staging its annual "Two Sessions" meetings, which see its pair of top decision-making bodies meet to set the agenda for the coming year. That's very specific language that China's president Xi Jinping uses to indicate the point at which China is again a pre-eminent player in world affairs.
The United States' Cybersecurity and Infrastructure Security Agency, working with security vendor Symantec, has found an extremely sophisticated network attack tool that can invisibly create backdoors, has been plausibly linked to Chinese actors, and may have been in use since 2013. Symantec's threat hunting team has named the malware "Daxin" and described it as "a stealthy backdoor designed for attacks on hardened networks".
A previously undocumented espionage tool has been deployed against selected governments and other critical infrastructure targets as part of a long-running espionage campaign orchestrated by China-linked threat actors since at least 2013. Broadcom's Symantec Threat Hunter team characterized the backdoor, named Daxin, as a technologically advanced malware, allowing the attackers to carry out a variety of communications and information-gathering operations aimed at entities in the telecom, transportation, and manufacturing sectors that are of strategic interest to China.
State-sponsored attackers from China conducted a two-month campaign against Taiwanese financial services firms, according to CyCraft, a security consultancy from the island nation. CyCraft's analysis of the incident alleges that the attack run started in November 2021, when the malicious actors - named as Chinese gang APT10 - used supply chain attacks to target software used by Taiwanese financial institutions.
Taiwan's Parliament, the Executive Yuan, yesterday revealed draft amendments to national security laws aimed at deterring and punishing Chinese economic espionage efforts directed at stealing tech industry secrets. Premier Su Tseng-chang said Taiwanese authorities have observed Chinese interests infiltrating local operations and "Utilizing various methods to lure high-tech talent from Taiwan and steal Taiwanese core technologies."
The Chinese hackers responsible for an attack on media giant News Corp last month likely were seeking intelligence to serve China's interests in a cyberespionage incident that shows the persistent vulnerability of corporate networks to email-based attacks, security professionals said. In an email to staff, News Corp cited a "Foreign government" as responsible for the "Persistent nation-state attack" and confirmed that "Some data" was stolen, according to published reports.
Systems hosting content pertaining to the National Games of China were successfully breached last year by an unnamed Chinese-language-speaking hacking group. Cybersecurity firm Avast, which dissected the intrusion, said that the attackers gained access to a web server 12 days prior to the start of the event on September 3 to drop multiple reverse web shells for remote access and achieve permanent foothold in the network.
US Federal Bureau of Investigation director Christopher Wray has named China as the source of more cyber-attacks on the USA than all other nations combined. In a Monday speech titled Countering Threats Posed by the Chinese Government Inside the US, Wray said the FBI is probing over 2,000 investigations of incidents assessed as attempts by China's government "To steal our information and technology."
The Cyberspace Administration of China has shared its spring-cleaning plans with the world - and suggested it's time to make the Middle Kingdom's web sites sparkle with wholesome content. At the top of the list is violent content, which China has never wanted online.
China is mandating that athletes download and use a health and travel app when they attend the Winter Olympics next month. Citizen Lab examined the app and found it riddled with security holes.