Security News

Researchers at Cybereason say they have discovered an undocumented malware targeting the Russian military sector and bearing the hallmarks of originating in China if not being Chinese state sponsored. One sample was found dropping previously unknown malware, that the Cybereason researchers have now called PortDoor.

Hackers suspected to work for the Chinese government have used a new malware called PortDoor to infiltrate the systems of an engineering company that designs submarines for the Russian Navy. Threat researchers at Cybereason Nocturnus found that the attacker lured the recipient to open the malicious document with a general description for an autonomous underwater vehicle.

Bad actors with suspected ties to China have been behind a wide-ranging cyberespionage campaign targeting military organizations in Southeast Asia for nearly two years, according to new research. Attributing the attacks to a threat actor dubbed "Naikon APT," cybersecurity firm Bitdefender laid out the ever-changing tactics, techniques, and procedures adopted by the group, including weaving new backdoors named "Nebulae" and "RainyDay" into their data-stealing missions.

A cyber-espionage group believed to be sponsored by the Chinese government has been observed targeting military organizations in Southeast Asia in attacks involving previously undocumented malware, Bitdefender reported on Wednesday. The group has been known to focus on government and military organizations.

Japan has accused a member of the Chinese Communist Party of conducting cyber-attacks on its space agency and 200 other local entities. Tokyo's Metropolitan Police yesterday said they've filed a case against a Chinese national who they said works for a state-owned telco and, while living in Japan, rented servers to attack the Japan Aerospace Exploration Agency in 2016.

Tokyo police are investigating cyberattacks on about 200 Japanese companies and research organizations, including the country's space agency, by a hacking group believed to be linked to the Chinese military, the government said Tuesday. A suspect in the JAXA case, a Chinese systems engineer based in Japan, allegedly gained access to a rental server by registering himself under a false identity to launch the cyberattacks, Kato said, citing the police investigation.

Ten thousand Britons have been targeted on LinkedIn by recruiters for the Chinese and Russian intelligence services, according to an awareness campaign launched by domestic spy agency MI5 this morning. Details were previewed in this morning's Times newspaper, which warned specifically of people with "Access to classified or sensitive information" being targeted by Britain's enemies.

Stolen videos captured by tens of thousands of security cameras at private properties throughout China are now for sale across social media, marketed as sex tapes. The stolen security video clips are packaged together and sold as "Home video packages" the Post reported.

Facebook may be banned in China, but the company on Wednesday said it has disrupted a network of bad actors using its platform to target the Uyghur community and lure them into downloading malicious software that would allow surveillance of their devices. "They targeted activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living abroad in Turkey, Kazakhstan, the United States, Syria, Australia, Canada and other countries," Facebook's Head of Cyber Espionage Investigations, Mike Dvilyanski, and Head of Security Policy, Nathaniel Gleicher, said.

Researchers from Chinese cybersecurity company Qihoo 360 have earned another $20,000 from Google for a sandbox escape vulnerability affecting the Chrome web browser. Google informed Chrome users on Tuesday that an update for version 89 includes eight security fixes, including for six vulnerabilities reported by external researchers.