Security News

A newly identified piece of malware is being distributed embedded in tax payment software that some businesses operating in China are required to install. One of the compromised organizations, a global technology vendor that conducts government business in the US, Australia and UK, and which recently opened offices in China, became infected after installing "Intelligent Tax," a piece of software from the Golden Tax Department of Aisino Corporation, which a local bank required for paying local taxes.

As Australia reels under sustained cyber attacks following increased Chinese diplomatic hostility, the country's Lion brewery and dairy conglomerate has been hit for the second time. The Sydney Morning Herald reported that Lion told its staff today "It had been hit by a second cyber attack that had further disrupted its IT systems."

Facebook last week began slapping "State controlled" labels on media outlets that it's determined are under the thumb of a government. According to NPR, as of Thursday's announcement, Pages and posts from at least 18 media outlets had been labelled "State-controlled media," including Russia Today, Russia's Sputnik News, China's People's Daily, China Xinhua News, and Iran's Press TV. The Facebook Pages for all of the outlets are now carrying transparency notices that advise users that they're "Wholly or partially under the editorial control of a state," as determined by factors including funding, structure and journalistic standards.

For years, a China-linked threat actor named Cycldek has been exfiltrating data from air-gapped systems using a previously unreported, custom USB malware family, Kaspersky reports. Both malware versions were used to target diplomatic and government entities, but each was focused on a different geography, Kaspersky believes.

Google has deleted an app from the Play Store that offered to delete Android software associated with China. Demos found online showed it deleting TikTok, the popular messaging app owned by Chinese developer ByteDance, and UC Browser, developed by Alibaba-owned UCWeb.

Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. In addition to using images uploaded to Baidu Tieba to distribute configuration files and malware - a technique called steganography - the group has begun using Alibaba Cloud storage to host configuration files and Baidu's analytics platform Tongji to manage the activity of its infected hosts, the researchers said.

Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. In addition to using images uploaded to Baidu Tieba to distribute configuration files and malware - a technique called steganography - the group has begun using Alibaba Cloud storage to host configuration files and Baidu's analytics platform Tongji to manage the activity of its infected hosts, the researchers said.

One of China's major tech hubs is planning to make a health and movement tracking system developed to fight the COVID-19 epidemic a permanent fixture in daily life. Officials in the city of Hangzhou, home to Alibaba and other Chinese tech concernts, said on Friday the local government wishes to create creating a permanent version the country's tracing app that was designed to help lift the country out of lockdown.

One of China's major tech hubs is planning to make a health and movement tracking system developed to fight the COVID-19 epidemic a permanent fixture in daily life. Officials in the city of Hangzhou, home to Alibaba and other Chinese tech concernts, said on Friday the local government wishes to create creating a permanent version the country's tracing app that was designed to help lift the country out of lockdown.

A threat actor believed to be operating out of China has been targeting physically isolated military networks in Taiwan and the Philippines, Trend Micro reports. Now, Trend Micro reveals that, since December 2014, the threat actor has been leveraging a piece of malware referred to as USBferry to target entities such as military/navy agencies, government institutions, military hospitals, and even a national bank.