Security News

Attempts to reorganize supply chains to cut out China and foil its attempts to build a high-tech chip industry will be costly and may simply cause the Middle Kingdom to redouble its efforts, says memory maker Kioxia. Flores said China would likely retaliate against the recently announced US export controls by ramping up domestic investment in NAND as a long-term solution to its chip supply issues.

As cyberattacks have grown increasingly destructive, nations are entertaining the idea of responding to them with conventional military forces. The seriousness of a cyberattack classified as an "Armed attack" against a NATO member cannot be overstated.

Only a "Handful" of US states have stopped buying Chinese technologies deemed by the government to pose security threats, according to a report from a Washington policy research group. The Georgetown University think tank paper, published this week, says that "Thousands" of public officials are still purchasing prohibited tech from "Huawei, ZTE, and other Chinese companies" and that most state and local governments simply haven't bought into existing federal actions by making any changes to their procurement policies.

The prolific pro-Beijing Dragonbridge crew has apparently stepped up its activity ahead of the US 2022 midterms by trying to discourage Americans from voting as well as pinning the Nord Stream pipeline explosion on Uncle Sam. Dragonbridge has become better at impersonating Americans in social media posts, mainly through improved writing and use of pronouns, Mandiant claimed.

American prosecutors on Monday accused 13 people of committing espionage-linked crimes in the US on behalf of the Chinese government. Their charges, spread over three separate cases, include: attempting to force a Chinese national in America to return to China; attempting to interfere with the federal criminal prosecution of a Chinese company, said to be Huawei; and attempting to recruit US academics and government officials in the US to spy for China.

CISA, the FBI, and the Department of Health and Human Services warned that a cybercrime group known as Daixin Team is actively targeting the U.S. Healthcare and Public Health sector in ransomware attacks. "The Daixin Team is a ransomware and data extortion group that has targeted the HPH Sector with ransomware and data extortion operations since at least June 2022," the advisory revealed.

The Reg attended Singapore International Cyber Week 2022, where officials from twelve countries had an airing of grievances across three separate panels, as if they were seated at carefully arranged tables at a wedding. "We should stop these actions and come to the table, and talk the way you do here in Singapore in International Cyber Week. I was lucky to be invited. I prefer coming here than to the UN because the US does everything possible to restrict discussions."

The FBI has released a warning that scammers may be targeting individuals seeking to enroll in the Federal Student Aid program to steal their personal information, payment details, and money. Federal Student Aid is a debt relief program announced in August 2022 that opened for applications yesterday.

Advanced persistent threat group Budworm has shifted targets after hitting the Middle East, Europe and Asia, and was caught this week trying to break into the systems of an unnamed US state legislature. Symantec's Threat Hunter team reported the intrusion, saying it has all the hallmarks of an attack from Chinese-linked Budworm gang, which is thought to be state-sponsored.

Uber's security compromise earlier this month is an unfortunate result of concerns left over from an attack the company sustained in 2016 when a pair of hackers outside of Uber accessed user data that was stored on a 3rd-party server. While MFA can guard against attacks using stolen credentials, that doesn't protect against what could happen if a hacker has credentials and uses them for a more advanced attack.