Security News

In an advisory this week, the Department of Homeland Security warned American organizations of the risks posed by using data services and equipment from firms that have ties to the People's Republic of China. "The PRC presents a grave threat to the data security of the U.S. government and U.S. businesses. It has both the intent and ability to covertly access data directly through entities under the influence or jurisdiction of PRC laws," the DHS says.

The US Department of Homeland Security warned American businesses of the data theft risks behind using equipment and data services provided by companies linked with the People's Republic of China. The DHS said that Chinese companies could be forced by newly enacted PRC laws to cooperate with Chinese security and intelligence services.

The United States Department of Homeland Security has published a guide to the terrifying risks that businesses will expose themselves to if they use tech created in the Peoples' Republic of China or engage in any business activity with the Middle Kingdom. The fifteen-page "Data Security Business Advisory" [PDF] opens by warning "Businesses expose themselves and their customers to heightened risk when they share sensitive data with firms located in the PRC, or use equipment and software developed by firms with an ownership nexus in the PRC.".

The United States on Friday announced it has imposed export controls on 77 Chinese companies including the country's biggest chipmaker, SMIC, restricting its access to US technology over its alleged ties to China's military. The announcement in the final weeks of President Donald Trump's term comes after relations between Washington and Beijing soured under his administration, which saw the US start a trade war with China and expand its list of sanctioned entities to a few hundred Chinese companies and subsidiaries.

While it's a thrilling development, the inevitable rise of quantum computing means security teams are one step closer to facing a threat more formidable than anything before. The team joins Google, which claimed it achieved quantum supremacy in Oct. 2019 using a "Supercold, superconducting metal," according to WIRED. IBM has also entered the quantum computing fray, while leveling criticism against Google's claims of supremacy.

A Chinese threat actor tracked as Mustang Panda was observed using an updated arsenal of tools in recent attacks, Proofpoint's security researchers revealed on Monday. Also referred to as TA416 and RedDelta, the threat group is known for the targeting of entities connected to the diplomatic relations between the Vatican and the Chinese Communist Party, along with entities in Myanmar, and the new campaign appears to be a continuation of that activity.

VMware on Thursday announced releasing patches for a couple of serious ESXi vulnerabilities that were demonstrated at a recent hacking contest in China. The 360 ESG Vulnerability Research Institute from Chinese cybersecurity company Qihoo 360 earned more than $740,000 of the total, including $180,000 for a VMware ESXi guest to host escape exploit.

VMware has revealed and repaired the flaws in its hypervisor discovered at China's Tianfu Cup white hat hacking competition. The bug needs patching in ESXi from version 6.5, VMware's Fusion and Workstation desktop hypervisors from versions 11 and 15 respectively, plus VMware Cloud Foundation from version 3.

China-linked threat actor APT10 was observed launching a large-scale campaign against Japanese organizations and their subsidiaries. The attacks mainly focused on South and East Asia, with one victim being a Chinese subsidiary of a Japanese organization, an atypical target for a state-sponsored Chinese group.

A Chinese state-sponsored hacking group has been observed while attempting to exploit the Windows Zerologon vulnerability in attacks against Japanese companies and subsidiaries from multiple industry sectors in 17 regions around the globe. APT10 attackers were also observed using Zerologon exploits to steal domain credentials and take full control over the entire domain following successful exploitation of vulnerable devices.