Security News
The U.S. National Security Agency this week released an advisory containing information on 25 vulnerabilities that are being actively exploited or targeted by Chinese state-sponsored threat actors. The NSA notes that it has observed Chinese threat actors scanning for or attempting to exploit these vulnerabilities against multiple victims.
The US Cybersecurity and Infrastructure Security Agency has released a list of 25 vulnerabilities Chinese state-sponsored hackers have been recently scanning for or have exploited in attacks. "Most of the vulnerabilities [] can be exploited to gain initial access to victim networks using products that are directly accessible from the Internet and act as gateways to internal networks. The majority of the products are either for remote access or for external web services, and should be prioritized for immediate patching," the agency noted.
Chinese state-sponsored hackers are targeting a Cisco Discovery Protocol vulnerability that was disclosed earlier this year, the networking giant and the U.S. National Security Agency revealed on Tuesday. The list includes several vulnerabilities that were not known to have been targeted, including CVE-2020-3118, which impacts Cisco products.
The NSA has blown the lid off 25 computer security vulnerabilities Chinese government hackers are using to break into networks, steal data, and so on. CVE-2019-0708: A remote code execution vulnerability exists within Microsoft Windows' Remote Desktop Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.
The U.S. National Security Agency warns that Chinese state-sponsored hackers exploit 25 different vulnerabilities in attacks against U.S. organizations and interests. As part of these attacks, the NSA has seen twenty-five publicly disclosed vulnerabilities exploited to gain access to networks, deploy malicious mobile apps, and spread laterally through a system while attackers steal sensitive data.
The Chinese have been illegally squid fishing near the Galapagos Islands. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my...
The Huawei Cyber Security Evaluation Centre - mostly run by GCHQ offshoot the National Cyber Security Centre, though it is also staffed by some Huawei personnel - sighed that the Chinese company has made "Limited" progress on last year's recommendations to toughen up its act. Code reviewers found "Evidence that Huawei continues to fail to follow its own internal secure coding guidelines. This is despite some minor improvements over previous years." In addition, "The Cell" said it had found more vulnerabilities during 2019 than it had in previous years - though Huawei was keen to paint this finding as "Proof the review system is working", something NCSC guardedly agreed with.
Cybersecurity researchers on Tuesday uncovered a new espionage campaign targeting media, construction, engineering, electronics, and finance sectors in Japan, Taiwan, the U.S., and China. "While we cannot see what Palmerworm is exfiltrating from these victims, the group is considered an espionage group and its likely motivation is considered to be stealing information from targeted companies," the cybersecurity firm said.
Importantly many foods are frozen using what some call a "Flash freezing" process where the water crystalises rather differently. "Flash freezing is used in the food industry to quickly freeze perishable food items. In this case, food items are subjected to temperatures well below water's melting/freezing point. Thus, smaller ice crystals are formed, causing less damage to cell membranes."
Chinese hackers have stolen information from Spanish laboratories working on a vaccine for Covid-19, El Pais newspaper reported Friday. Speaking to journalists on Thursday, Esteban who heads the CNI intelligence services, said there had been a "Qualitative and quantitative" increase in attacks during lockdown, with hackers targeting "Sensitive sectors such as healthcare and pharmaceuticals".