Security News

Two people have been arrested in Malaysia as part of America's crackdown on the Chinese government's hackers. The two men, both Malaysian nationals, are not accused of breaking into computer networks.

Where Chinese hackers exploit, Iranians aren't far behind. So says the US Cybersecurity and Infrastructure Security Agency, which is warning that malicious persons from Iran are exploiting a slew of vulns in VPN products from Citrix, F5 Networks and Pulse Secure.

The US government says the Chinese government's hackers are preying on a host of high-profile security holes in enterprise IT equipment to infiltrate Uncle Sam's agencies and American businesses. In a joint statement, the FBI and Homeland Security's Cybersecurity and Infrastructure Security Agency on Monday claimed Beijing's miscreants have exploited or attempted to exploit bugs including those in Microsoft Exchange Server, the F5 Big-IP remote takeover vulnerability, Pulse Secure's VPN's remote code flaw and the Citrix VPN directory traversal hole.

Microsoft believes there have been extensive "Cyberattacks targeting people and organizations involved in the upcoming presidential election," and that foreign government hackers responsible for attacks ahead of the 2016 vote are back with new and nastier tactics. The Windows giant's corporate veep for Customer Security & Trust Tom Burt said both sides of US politics are being attacked, that China, Russia and Iran are all active, and that the spies are also actively targeting UK political parties and other international institutions.

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.

China has launched an initiative to address global data security issues, a countermove to the U.S. "Clean network" program that is aimed at discouraging other countries from using Chinese technology. The move comes amid a deterioration in U.S.-China relations encompassing trade tensions and competition in telecommunications and artificial intelligence technologies, with the U.S. accusing Chinese technology companies of threatening American national security.

China has proposed a "Global Initiative on Data Security" that it hopes the world will adopt to govern the collection and use of data by governments and the private sector alike. Approach data security with an objective and rational attitude, and maintain an open, secure and stable global supply chain.

Researchers discovered the new malware being distributed over the past six months through two separate campaigns. "Based on the use of publicly known sender addresses associated with Tibetan dissident targeting and the delivery of Sepulcher malware payloads, [we] have attributed both campaigns to the APT actor TA413," said Proofpoint researchers in a Wednesday analysis.

A Chinese national was arrested in the United States for destroying evidence of possible transfer of sensitive data to China. The man, Guan Lei, 29, was a researcher at the University of California, Los Angeles, and was staying in the U.S. on a J-1 non-immigrant visa.

Chinese hackers infiltrated at least 10 Taiwan government agencies and gained access to around 6,000 email accounts in an attempt to steal data, officials said Wednesday. The damage done was "Not small", according to a top Taiwan cyber official, who said the full impact was still being assessed.