Security News

Chinese president Xi Jinping has opened the 20th Congress of the Chinese Communist Party with a call for the nation he leads to win the race for development of "Core technologies" and to become self-reliant in strategic tech. In his Sunday speech he spoke of innovation being focused on national strategic requirements - therefore led by the State - and linked the development and implementation of information technology to national security.

Hackers tied to the Iranian government have been targeting individuals specializing in Middle Eastern affairs, nuclear security and genome research as part of a new social engineering campaign designed to hunt for sensitive information. Enterprise security firm attributed the targeted attacks to a threat actor named TA453, which broadly overlaps with cyber activities monitored under the monikers APT42, Charming Kitten, and Phosphorus.

China has accused the U.S. National Security Agency of conducting a string of cyberattacks aimed at aeronautical and military research-oriented Northwestern Polytechnical University in the city of Xi'an in June 2022. The National Computer Virus Emergency Response Centre disclosed its findings last week, and accused the Office of Tailored Access Operations at the USA's National Security Agency of orchestrating thousands of attacks against the entities located within the country.

China has accused the United States of a savage cyber-attack on a university famed for conducting aerospace research and linked to China's military. The National Computer Virus Emergency Response Centre made its accusation on September 5th, claiming that the Office of Tailored Access Operation at the USA's National Security Agency has unleashed over 10,000 attacks in China, some using zero-day exploits, and lifted 140GB of "High value data".

The enterprise-grade Titan M security chip was custom built to help protect data. Derived from the same chip Google uses to protect its cloud data centers, it handles processes and information, such as passcode protection, encryption, and secure transactions in apps.

The Spanish National Research Council last month was hit by a ransomware attack that is now attributed to Russian hackers. CSIC is a state agency for scientific research and technological development part of the Spanish Ministry of Science and Innovation but with a special status in that it has "Its own assets and treasury, functional and managerial autonomy."

Cyber resiliency is now an essential requirement for any business. Given the threat to data and IT servers, businesses must invest in cyber-resiliency strategies to reduce operational risk.

When it comes to keeping SaaS stacks secure, IT and security teams need to be able to streamline the detection and remediation of misconfigurations in order to best protect their SaaS stack from threats. While companies adopt more and more apps, their increase in SaaS security tools and staff has lagged behind, as found in the 2022 SaaS Security Survey Report.

The hacker behind this hijack has now broken silence and explained his reasons to BleepingComputer. The hijacker of these libraries is an Istanbul-based security researcher, Yunus Aydın aka SockPuppets, who has attested to the fact when approached by BleepingComputer.

How well do your Linux security practices stack up in today's challenging operating environment? Are you following the correct processes to keep systems up-to-date and protected against the latest threats? Now you can find out thanks to research independently conducted by the Ponemon Institute. The research sponsored by TuxCare sought to understand better how organizations are currently managing the security and stability of their Linux-based systems.