Security News

Chinese Earth Krahang hackers breach 70 orgs in 23 countries
2024-03-18 20:49

A sophisticated hacking campaign attributed to a Chinese Advanced Persistent Threat group known as 'Earth Krahang' has breached 70 organizations and targeted at least 116 across 45 countries. Specifically, the hackers have compromised 48 government organizations, 10 of which are Foreign Affairs ministries, and targeted another 49 government agencies.

Malicious Ads Targeting Chinese Users with Fake Notepad++ and VNote Installers
2024-03-15 06:18

Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus links to distribute trojanized versions of...

Forget TikTok – Chinese spies want to steal IP by backdooring digital locks
2024-03-14 23:35

In a letter to National Counterintelligence and Security Center director Michael Casey, US senator Ron Wyden urged the White House threat-intel arm to sound the alarm on commercial safes and locks. Most commercially available safes include manufacturer reset codes for their locks to help consumers if they lose or forget the code they set.

Google engineer caught stealing AI tech secrets for Chinese firms
2024-03-07 14:56

The U.S. Department of Justice has announced the unsealing of an indictment against Linwei Ding, 38, a former software engineer at Google, suspected of stealing Google AI trade secrets for Chinese companies. The allegedly stolen trade secrets involve crucial technology underpinning Google's advanced supercomputing data centers, which are essential for training and hosting large AI models capable of processing nuanced language and generating intelligent responses.

Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks
2024-03-07 13:22

The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since September 2023. The end of the attacks is to...

Chinese chap charged with stealing Google’s AI datacenter secrets
2024-03-07 00:37

The US Department of Justice on Wednesday revealed an indictment that charges a former Google employee with leaking the ad giant's AI tech to two Chinese companies - after easily defeating the Big G's security controls. The indictment names Linwei Ding, aka Leon Ding, and states that during his time at Google his job involved "Development of software that allowed GPUs to function efficiently for machine learning, AI applications, or other purposes required by Google or Google Cloud clients."

Chinese 'connected' cars are a national security threat, says Biden
2024-02-29 19:01

Concerned over the chance that Chinese-made cars could pose a future threat to national security, Biden's administration is proposing plans to probe potential threats posed by "Connected" vehicles made in the Middle Kingdom. The US president said he's putting the onus for sussing out the reality of the threat posed by Chinese automobiles on the Department of Commerce, which today said it issued an advanced notice of proposed rulemaking seeking public comment on the matter.

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware
2024-02-29 05:49

At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN...

Chinese PC-maker Acemagic customized its own machines to get infected with malware
2024-02-29 04:46

Chinese PC maker Acemagic has admitted some of its products shipped with pre-installed malware. YouTuber The Net Guy found malware on Acemagic mini PCs when he tested them in early February.

Giant leak reveals Chinese infosec vendor I-Soon is one of Beijing's cyber-attackers for hire
2024-02-22 06:31

A cache of stolen document posted to GitHub appears to reveal how a Chinese infosec vendor named I-Soon offers rent-a-hacker services for Beijing. Analysis of the docs by infosec vendor SentinelOne characterizes I-Soon as "a company who competes for low-value hacking contracts from many government agencies."