Hackers use Golang source code interpreter to evade detection

A Chinese-speaking hacking group tracked as ‘DragonSpark’ was observed employing Golang source code interpretation to evade detection while launching espionage attacks against organizations in East Asia. The attacks are tracked by SentinelLabs, whose researchers report that DragonSpark relies on a …

Suspected Chinese Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-42475)

Mandiant is tracking a suspected China-nexus campaign believed to have exploited a recently announced vulnerability in Fortinet’s FortiOS SSL-VPN, CVE-2022-42475, as a zero-day. Evidence suggests the exploitation was occurring as early as October 2022 and identified targets include a European …

Chinese Playful Taurus Activity in Iran

Playful Taurus, also known as APT15, BackdoorDiplomacy, Vixen Panda, KeChang and NICKEL, is a Chinese advanced persistent threat group that routinely conducts cyber espionage campaigns. The group has been active since at least 2010 and has historically targeted government and …

A UN committee is struggling to define what cybercrime is in upcoming treaty

A United Nations committee – whose members include delegates from the U.S., China and Russia – is meeting throughout this week and next to continue negotiations for a new international cybercrime treaty. Why it matters: The finished UN cybercrime treaty …

Cloudflare finds a way through China’s network defences

Cloudflare has found a way to extend some of its services across the Great Firewall and into mainland China. “Performance and reliability for traffic flows across the mainland China border have been a consistent challenge for IT teams within multinational …

Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia

Mandiant Managed Defense recently identified cyber espionage activity that heavily leverages USB devices as an initial infection vector and concentrates on the Philippines. Mandiant tracks this activity as UNC4191 and we assess it has a China nexus. UNC4191 operations have …

US bans Huawei, ZTE equipment sales amid Chinese spying fears

The Biden administration has banned approvals of new telecommunications equipment from China’s Huawei Technologies and ZTE because they pose “an unacceptable risk” to US national security. The US Federal Communications Commission said on Friday it had adopted the final rules, …

UK: Government departments ordered to stop installing cameras made by Chinese firms in ‘sensitive sites’

Government departments have been told to stop installing cameras made by Chinese firms in “sensitive sites”. They have also been urged to disconnect Chinese-made devices from core computer networks and to consider removing them altogether, amid security concerns. The Government …

WannaRen Returns as Life Ransomware, Targets India

Although not as well-known as ransomware families such as Ryuk, REvil, or Maze, WannaRen ransomware made a name for itself back in 2020 after it launched attacks against Chinese internet users, infecting tens of thousands of victims. However, it has …

Wray tells lawmakers that FBI conducts cyber offensive operations

FBI Director Christopher Wray told Senate lawmakers on Thursday that his agency has been conducting offensive cyber operations against state and non-state cyber actors. Wray said offensive operations are one of many tactics the agency employs to counter various cyber …