Security News
A Vietnam-linked threat actor tracked as APT32 is believed to have carried out intrusion campaigns against Chinese entities in an effort to collect intelligence on the COVID-19 crisis, FireEye reports. A state-sponsored hacking group also known as OceanLotus and APT-C-00, APT32 is believed to be well-resourced and determined, and was previously observed targeting corporate and government organizations in Southeast Asia.
Semtech, a leading supplier of high-performance analog and mixed-signal semiconductors and advanced algorithms, announced that several of its leading customers, including CIAAIoT, EasyLinkin, IOCA, RisingHF, and Winext Technology, have integrated Semtech's LoRa devices and the LoRaWAN protocol with cloud-based platforms developed by Alibaba Cloud and Tencent Cloud, to deploy smarter Internet of Things-based monitoring applications for residents in quarantine scenarios. Health services employees, including disease control and prevention teams, are increasingly leveraging smarter applications based on IoT to provide efficient, high-quality care to their communities.
New research from Atlas VPN has shown that the United States experienced more than 175,000 DDoS attacks in the month of March, more than double the number faced by the next highest country and four times as many as China. According to data gathered and analyzed by Atlas VPN researchers, South Korea and Brazil both suffered from more than 50,000 DDoS attacks while China came in just ahead of the United Kingdom with about 45,000 attacks.
Zoom's security catch-up sprint has seen it announce its users will soon be able to choose where their traffic goes. The new feature will help users in places like Taiwan, where the government banned Zoom after learning traffic could go through its frenemies in Beijing.
The United States threatened Thursday to cut off Beijing-controlled China Telecom from serving the US market because of legal and security risks, the Justice Department announced. The agencies making the recommendation - which also included the Justice Department, the Commerce Department, and the US Trade Representative - said China Telecom is vulnerable to "exploitation, influence and control" by the Chinese government.
Successfully conducting cross-platform attacks targeting Linux, Windows and Android devices, the adversaries have been engaged in both financially motivated and targeted espionage attacks. For years, these groups have been strategically targeting Linux servers across a broad range of industry verticals, exploiting the immature defensive coverage within the environment and the inadequate use of endpoint protection and endpoint detection and response products, BlackBerry notes.
In 1965, Gordon Moore published a short informal paper, "Cramming more components onto integrated circuits". Based on not much more than these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.
A recent analysis of the Zoom video conferencing application revealed that the keys used to encrypt and decrypt meetings may be sent to servers in China, even if all participants are located in other countries. "A scan shows a total of five servers in China and 68 in the United States that apparently run the same Zoom server software as the Beijing server. We suspect that keys may be distributed through these servers. A company primarily catering to North American clients that sometimes distributes encryption keys through servers in China is potentially concerning, given that Zoom may be legally obligated to disclose these keys to authorities in China," Citizen Lab explained in a report published on Friday.
Vulnerabilities patched earlier this year in Firefox and Internet Explorer have been exploited by an advanced persistent threat actor in attacks aimed at China and Japan. Both vulnerabilities were exploited in attacks before patches were released.
During January and February, APT41's attacks were concentrated against Cisco devices, using previously revealed vulnerabilities and what FireEye speculated was a pre-compiled list of vulnerable devices connected to the internet. In early March, the Chinese hackers picked up on CVE-2020-10189, a zero-day remote code execution vuln in Zoho ManageEngine Desktop Central.