Security News

The U.S. Federal Communications Commission on Tuesday designated Chinese telecommunications companies Huawei and ZTE as national security threats. By declaring the Chinese companies national security threats, the FCC is banning U.S. organizations from acquiring equipment or services using money from the agency's Universal Service Fund.

TikTok denied Tuesday sharing Indian users' data with the Chinese government, after New Delhi banned the wildly popular app in a sharp deterioration of relations with Beijing two weeks after a deadly border clash. "TikTok continues to comply with all data privacy and security requirements under Indian law and have not shared any information of our users in India with any foreign government, including the Chinese government," TikTok India chief Nikhil Gandhi said in a statement.

India on Monday banned 59 Chinese mobile apps, including the wildly popular TikTok and WeChat, over national security and privacy concerns two weeks after a deadly Himalayan border clash between the nuclear-armed neighbours. The apps "Are engaged in activities... prejudicial to sovereignty and integrity of India, defence of India, security of state and public order," the Ministry of Information Technology said in a statement.

A newly identified piece of malware is being distributed embedded in tax payment software that some businesses operating in China are required to install. One of the compromised organizations, a global technology vendor that conducts government business in the US, Australia and UK, and which recently opened offices in China, became infected after installing "Intelligent Tax," a piece of software from the Golden Tax Department of Aisino Corporation, which a local bank required for paying local taxes.

As Australia reels under sustained cyber attacks following increased Chinese diplomatic hostility, the country's Lion brewery and dairy conglomerate has been hit for the second time. The Sydney Morning Herald reported that Lion told its staff today "It had been hit by a second cyber attack that had further disrupted its IT systems."

Facebook last week began slapping "State controlled" labels on media outlets that it's determined are under the thumb of a government. According to NPR, as of Thursday's announcement, Pages and posts from at least 18 media outlets had been labelled "State-controlled media," including Russia Today, Russia's Sputnik News, China's People's Daily, China Xinhua News, and Iran's Press TV. The Facebook Pages for all of the outlets are now carrying transparency notices that advise users that they're "Wholly or partially under the editorial control of a state," as determined by factors including funding, structure and journalistic standards.

For years, a China-linked threat actor named Cycldek has been exfiltrating data from air-gapped systems using a previously unreported, custom USB malware family, Kaspersky reports. Both malware versions were used to target diplomatic and government entities, but each was focused on a different geography, Kaspersky believes.

Google has deleted an app from the Play Store that offered to delete Android software associated with China. Demos found online showed it deleting TikTok, the popular messaging app owned by Chinese developer ByteDance, and UC Browser, developed by Alibaba-owned UCWeb.

Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. In addition to using images uploaded to Baidu Tieba to distribute configuration files and malware - a technique called steganography - the group has begun using Alibaba Cloud storage to host configuration files and Baidu's analytics platform Tongji to manage the activity of its infected hosts, the researchers said.

Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. In addition to using images uploaded to Baidu Tieba to distribute configuration files and malware - a technique called steganography - the group has begun using Alibaba Cloud storage to host configuration files and Baidu's analytics platform Tongji to manage the activity of its infected hosts, the researchers said.