Security News
A China-linked threat actor tracked as APT41 has targeted many organizations around the world by exploiting vulnerabilities in Citrix, Cisco and Zoho ManageEngine products, FireEye reported on Wednesday. "It's unclear if APT41 scanned the Internet and attempted exploitation en masse or selected a subset of specific organizations to target, but the victims appear to be more targeted in nature," FireEye said.
Peng earlier confessed that SD cards loaded with information stolen from an unspecified US company were left for him to collect at hotels by a contact only known as Ed. Peng would also hide tens of thousands of dollars in hotel rooms for Ed to collect as payment. Prosecution paperwork stated that, from 2015 through 2019, Peng agreed to, under orders from the Chinese Ministry of State Security, collect SD cards filled with stolen corporate information, and fly to China to drop them off to government snoops.
Even a long-standing China-based APT has begun to use the threat in a new spear-phishing campaign. Researchers from Check Point Research have found a spear-phishing campaign targeting the Mongolian public sector and apparently emanating from China.
TikTok, the controversial and wildly popular social video app maker, announced on Thursday that Roland Cloutier will join the company as Chief Information Security Officer. Cloutier joins TikTok from ADP where he served as SVP and Chief Security Officer, overseeing the company's cyber, information protection, risk, workforce protection, crisis management, and investigative security operations worldwide.
US officials on Wednesday stepped up warnings about the potential security risks from the fast-growing, Chinese-owned TikTok as a lawmaker unveiled legislation to ban the social media app from government devices. Senator Josh Hawley, who convened the hearing, said he was introducing a bill to ban TikTok from all US government devices, calling it "a major security risk for the American people."
The Chinese company claims it's aware of attacks launched by the CIA between September 2008 and June 2019. "In the CIA's attack against Chinese aviation organizations and scientific research institutions, we found that attackers mainly targeted system developers in these sectors to carry out the campaigns," Qihoo said in an English-language blog post.
Qihoo 360, one of the most prominent cybersecurity firms, today published a new report accusing the U.S. Central Intelligence Agency of being behind an 11-year-long hacking campaign against several Chinese industries and government agencies. The claims made by the company are based on the evidential connection between tools, tactics, and procedures used by a hacking group, dubbed 'APT-C-39', against Chinese industries, and the 'Vault 7' hacking tools developed by the CIA. As you may remember, the massive collection of Vault 7 hacking tools was leaked to the public in 2017 by the whistleblower website WikiLeaks, which it received from Joshua Adam Schulte, a former CIA employee who is currently facing charges for leaking classified information.
The latest in a string of China-linked hacking incidents came with the Monday indictment of four members of the Chinese military for breaking into the credit-reporting agency Equifax in 2017. The motives, as with several other hacks that preceded it, appear to be more about espionage than stealing trade secrets, cybersecurity experts say.
The takedown of Equifax begs the question of whether attackers might also have been camping out in the networks of other consumer credit reporting agencies - Experian, TransUnion and others - as well as other data brokers. Interesting overlay: In 2015, President Barack Obama threatened China with severe sanctions if it didn't cease its hack attack ways, and in September of that year, he reached a landmark agreement with Chinese President Xi Jinping, which aimed to put intellectual property off limits for nation-state espionage operators.
The US Justice Department on Monday accused the hackers of stealing the sensitive personal information of some 145 million Americans, in one of the world's largest-ever data breaches. Since then hotels giant Marriott lost data on some 500 million global customers to hackers believed to be Chinese.