Security News

Threat actors associated with the hacking crew known as Patchwork have been spotted targeting universities and research organizations in China as part of a recently observed campaign. "Patchwork relied on a range of elaborate fictitious personas to socially engineer people into clicking on malicious links and downloading malicious apps," the social media giant said.

Infosec in brief US senator Ron Wyden thinks it's Microsoft's fault that Chinese hackers broke into Exchange Online, and he wants three separate government agencies to launch investigations and "Hold Microsoft responsible for its negligent cyber security practices." The Chinese hack of Microsoft's hosted email service, you may recall, occurred because suspected Chinese hackers were able to steal an encryption key used for Microsoft account services.

Chinese companies, including state-owned defense companies, are evading tech sanctions and fueling Moscow's war in Ukraine, according to a US report released on Thursday. "Beijing is pursuing a variety of economic support mechanisms for Russia that mitigate both the impact of Western sanctions and export controls," states the report.

Chinese made AI-enabled products should spark similar concerns to Middle Kingdom sourced 5G equipment and therefore be regulated, said think tank Australian Strategic Policy Institute on Thursday. In a report, titled "De-risking Authoritarian AI," ASPI's Simeon Gilding argued that AI-enabled products present perhaps an even greater risk than 5G which is also more difficult to mitigate.

The prolific China-linked nation-state actor known as APT41 has been linked to two previously undocumented strains of Android spyware called WyrmSpy and DragonEgg. "Known for its exploitation of web-facing applications and infiltration of traditional endpoint devices, an established threat actor like APT 41 including mobile in its arsenal of malware shows how mobile endpoints are high-value targets with coveted corporate and personal data," Lookout said in a report shared with The Hacker News.

US commerce secretary Gina Raimondo and other State and Commerce Department officials were reportedly among the victims of a China-based group's attack on Microsoft's hosted email services. The US Cybersecurity and Infrastructure Security Agency and the FBI issued a joint advisory detailing how a Federal Civilian Executive Branch agency was tipped off when it observed MailItemsAccessed events with an unexpected ClientAppID and AppID in Microsoft 365 Audit Logs - as the AppId did not normally access mailbox items in that manner.

A Chinese hacking group has breached the email accounts of more than two dozen organizations worldwide, including U.S. and Western European government agencies, according to Microsoft. "Microsoft investigations determined that Storm-0558 gained access to customer email accounts using Outlook Web Access in Exchange Online and Outlook.com by forging authentication tokens to access user email," Microsoft said in a blog post published late Tuesday evening.

Microsoft on Tuesday revealed that it repelled a cyber attack staged by a Chinese nation-state actor targeting two dozen organizations, some of which include government agencies, in a cyber espionage campaign designed to acquire confidential data. "They focus on espionage, data theft, and credential access," Microsoft said.

Cybersecurity researchers have unearthed a novel rootkit signed by Microsoft that's engineered to communicate with an actor-controlled attack infrastructure. "This malicious actor originates from China and their main victims are the gaming sector in China," Trend Micro's Mahmoud Zohdy, Sherif Magdy, and Mohamed Fahmy said.

Sophisticated hackers have accessed email accounts of organizations and government agencies via authentication tokens they forged by using an acquired Microsoft account consumer signing key, the company has revealed on Tuesday. "The threat actor Microsoft links to this incident is an adversary based in China that Microsoft calls Storm-0558. We assess this adversary is focused on espionage, such as gaining access to email systems for intelligence collection."