cybercrime
Mandiant warns of 'sustained campaign' by China's ATP41 threat group
Threat actor decrypts malicious payloads and executes them in memory, leaving 'minimal forensic traces.'
cybercrime
NCSC issues urgent security alert over Chinese threat actor's 'evolving' techniques
A group called 'APT40' working for China's Ministry of State Security is allegedly capable of exploiting POCs within hours or days of public release
Cybersecurity
EU shows "a complete lack of security thinking" says former Estonian president
Estonian ex-prez Ilves and Columbia Law prof deliver stark warning to cyberpros
TikTok
TikTok promises AI labels, as its lawyers fight “unconstitutional” divestment Act
ByteDance spins up new “Influence Operations Intelligence” team in a further bid to head off complaints.
News
FBI boss warns of China threat
China has built itself into a cyberattack powerhouse unrivaled by any other nation, according to the head of the FBI
News
Chinese hackers using fake profiles to sow chaos in US
Threat actors in China have been using fake profiles and AI engines to generate inflammatory content around major news and election events in the US
Microsoft
Microsoft’s “top notch” China hack post-mortem was "troubling" speculation
"The loss of a signing key is a serious problem, but the loss of a signing key through unknown means is far more significant... Microsoft’s customers did not have essential facts needed to make their own risk assessments."
cybersecurity
China's I-Soon-linked threat group hit 70 organisations in 45 countries
Group screwed up their opsec, let Trend Micro pull samples, configuration files, and log files from attackers' servers.
spyware
Massive “i-Soon” leak reveals Chinese firm's hacking tools, targets, including NATO
Tools, gripes of contractor working for China's Ministry of Public Security dumped online in landmark breach
ISPs
Chinese spy balloons found using commercial ISPs
A commercial internet service provider in the US was said to have been used by Chinese intelligence to link up with the spy balloons spotted over remote parts of the country earlier this year
China
Threat group is installing a backdoor in compromised Cisco router firmware. NSA says get better kit
"The modified firmware uses a built-in SSH backdoor, allowing BlackTech actors to maintain access to the compromised router without their connections being logged"
Cybersecurity
Quis custodiet? Powerful Japanese cybersecurity agency hacked, as allies fret
"Japan's cybersecurity nightmare is everyone else's problem, too"