“Critical flaws” have been identified in modems deployed in millions of devices worldwide. Cybersecurity firm Kaspersky has issued a report warning companies of severe security vulnerabilities in Cinterion cellular modems. According to Kaspersky, Cinterion modems are cornerstone components in machine-to-machine (M2M) and Internet of Things (IoT) communications and now offer a back door for all kinds of threat actors. They support various applications, ranging from industrial automation and vehicle telematics to smart metering and healthcare monitoring. Gemalto, the initial developer of the modems, was subsequently acquired by Thales. In 2023, Telit acquired Thales’ cellular IoT products business, including the Cinterion modems.
Through a “fraud-as-a-service” (FaaS) website, BogusBazaar, which operates out of China, runs 200 fraudulent webshops and has so far claimed 850,000 victims, mostly from the US and Western Europe. Victims who access BogusBazaar shops are offered amazing-sounding deals on shoes and apparel from well-known brands. But as the webshops are totally fraudulent, the victims end up having their credit card details stolen with nothing to show for it.
UK-based Shared Services Connected Limited (SSCL) has been named as the Ministry of Defence (MoD) contractor that was hacked, according to senior government sources, by China. British defense minister Grant Shapps has admitted that the personal and financial details of 272,000 service personnel were hacked by “a malign actor.” However, the breach is now being widely attributed to China, despite China’s dismissal of the allegations as “absurd”. But while the compromised payment system has now been taken offline, there are growing fears that the breach may not be confined to the MoD, as SSCL handles a number of UK government contracts. “We’re the largest provider of critical business support services for the Government, the UK Military & Veterans (MoD), Metropolitan Police Service, and the Construction Industry Training Board (CITB),” boasts SSCL on its website.
A new bamboo curtain has fallen across China, with a reported blanket ban on US chips. The move is bad news for long-time Silicon Valley chipmaker Intel, whose Chinese sales accounted for roughly a quarter of its global revenues. But China’s retaliatory move may not only be bad news for US chip makers such as Intel and AMD but also for China’s own communications infrastructure. The order from China’s Ministry of Industry and Information Technology includes big players China Telecom, China Mobile, and China Unicom, together with other Chinese operators. All are now obliged to submit draft deadlines for the replacement of foreign microchips. It is uncertain to what extent the CCP actually believes that Intel and AMD chips are likely to have built-in spyware or anything of the sort. The ban can be seen as part of a broader strategy on the part of the Chinese Communist Party (CCP) to end its country’s long-term reliance on US technology.
Once again, China is harnessing new Western technology to attack and undermine the US at home and overseas. According to a new report from Microsoft, this time China is using AI-generated fake social media accounts to influence the outcome of the upcoming US presidential elections. The report, “Same targets, new playbooks: East Asia threat actors employ unique methods,” details China’s recent attempts to discredit the US government, including misinformation regarding the Kentucky train derailment in November; the Maui wildfires in August; the disposal of Japanese nuclear wastewater; and illegal drug use in the US, as well as efforts to exacerbate the increasing racial tensions across the US.
Arriving just a month after a paid ransom was demanded following the massive data breach in February 2024, Change Healthcare reported on another potential cyberattack: extortion from the "ransomhub" group. Initiated by the new "ransomhub" group, with suspected connections to BlackCat, the double-extortion claim has yet to be confirmed by cybersecurity experts.
Visa released an alert on the 'JSOutProx' remote access trojan (RAT) malware phishing campaign, which targets financial institutions and customers. The JSOutProx malware, linked to the 'Solar Spider' threat actor, delivers a RAT that could steal sensitive data, establish a C2 connection, and extract Outlook information, among others.
Following the US-led sanctions on Chinese individuals behind the Chinese APT31 group, the Police of Finland formally accused the group of hacking Finland's parliament in 2020. The country's law enforcement confirmed the connections between the breach and the Chinese group, claiming to have identified one specific suspect.
The Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against seven Chinese nationals based in Wuhan, China, for their affiliation with the 'APT31' hacking group. According to OFAC, APT31 is a nation-state-backed Chinese hacking group focused on infiltrating critical infrastructure in Eastern Europe, France, and the US.
The UK's Deputy Prime Minister, Oliver Dowden, is expected to formally announce to the press that China is behind a wave of cyber attacks against UK government officials and will urge the protection of voters' data. Despite the denial from China's Ministry of Foreign Affairs, the UK government remains on high alert for politically fueled cyber attacks as the election period nears.
In what is being seen by some on the Hill as a case of too little too late, Washington has this week finally blocked the sale of US citizens’ personal sensitive data to four hostile foreign powers: North Korea, China, Russia, and Iran. Sensitive data includes ordinary people’s social security numbers, financial account numbers, biometric information, genetic information, precise geolocation information, and most of their private communications. Washington’s Energy and Commerce Committee top Democrat, Congressman Frank Pallone Jr, simultaneously issued a statement highlighting the massive threat foreign data sales present to ordinary people.
The White House has issued an urgent appeal to all US state governors to prepare to cope with their water systems being attacked and taken down by Chinese cyber-attacks. Iran, which has honed its industrial espionage techniques via consistent attacks on Israel’s infrastructure, is also proving effective in taking down water facilities in the US. The letter from the White House contains a stark warning that attacks on US water facilities are no longer a potential threat but an increasingly frequent event with real-world consequences. It was signed by the Assistant to the President for National Security Affairs, Jake Sullivan, and by Environmental Protection Agency Administrator Michael S. Regan.