Found 140 bookmarks
Custom sorting
Chinese hackers breached US government office that assesses foreign investments for national security risks
Chinese hackers breached US government office that assesses foreign investments for national security risks
Chinese hackers breached the US government office that reviews foreign investments for national security risks, three US officials familiar with the matter told CNN. The theft, which has not previously been reported, underscores Beijing’s keen interest in spying on a US government office that has broad powers to block Chinese investment in the US as tensions between the world’s two superpowers remain high. The breach was part of a broader incursion by the hackers into the Treasury Department’s unclassified system. The office targeted by the hackers, the Committee on Foreign Investment in the US (CFIUS), in December gained greater authority to scrutinize real estate sales near US military bases. US lawmakers and national security officials have grown increasingly worried that the Chinese government or its proxies could use land acquisitions to spy on those bases.
#cnn#EN#2025#US#government#China#breach#foreign#investments#CFIUS
·edition.cnn.com·
Chinese hackers breached US government office that assesses foreign investments for national security risks
China Hacked Treasury Dept. in ‘Major’ Breach, U.S. Says
China Hacked Treasury Dept. in ‘Major’ Breach, U.S. Says
The department notified lawmakers of the episode, which it said was linked to a state-sponsored actor in China. In a letter informing lawmakers of the episode, the Treasury Department said that it had been notified on Dec. 8 by a third-party software service company, BeyondTrust, that the hacker had obtained a security key that allowed it to remotely gain access to certain Treasury workstations and documents on them
#nytimes#EN#2024#US#Treasury#Breach#BeyondTrust#attribution#China#Hacked
·nytimes.com·
China Hacked Treasury Dept. in ‘Major’ Breach, U.S. Says
US Treasury says China accessed government documents in 'major' cyberattack
US Treasury says China accessed government documents in 'major' cyberattack
Treasury officials attributed the December theft of unclassified documents to China. The Treasury said it was notified on December 8 by BeyondTrust, a company that provides identity access and remote support tech for large organizations and government departments, that hackers had “gained access to a key used by the vendor” for providing remote access technical support to Treasury employees. BeyondTrust disclosed the incident at the time, but did not say how the key was obtained.
#techcrunch#EN#2024#US#Treasury#China#BeyondTrust#cyberattack#attribution
·techcrunch.com·
US Treasury says China accessed government documents in 'major' cyberattack
At least 8 US telcos, dozens of countries impacted by Salt Typhoon breaches, White House says | The Record from Recorded Future News
At least 8 US telcos, dozens of countries impacted by Salt Typhoon breaches, White House says | The Record from Recorded Future News
Senators briefed on the wide-ranging breaches by Chinese hackers called for action on Wednesday to protect the country's telecommunications networks.
#therecord.media#EN#2024#telcos#US#Salt-Typhoon#China#breaches
·therecord.media·
At least 8 US telcos, dozens of countries impacted by Salt Typhoon breaches, White House says | The Record from Recorded Future News
The hidden network report
The hidden network report
Since February 2024, the World Watch Cyber Threat Intelligence team has been working on an extensive study of the private and public relationships within the Chinese cyber offensive ecosystem. This includes: An online map showcasing the links between 300+ entities; Historical context on the Chinese state entities dedicated to cyber offensive operations; An analysis of the role of universities and private companies in terms of capacity building; A focus on the ecosystem facilitating the acquisition of vulnerabilities for government use in cyber espionage campaigns.
#Orange#Cyberdefense#CERT#EN#2024#Threat#Research#China
·research.cert.orangecyberdefense.com·
The hidden network report
China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike
China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike
In a recent cyber campaign, the Chinese state-sponsored threat group TAG-112 compromised two Tibetan websites, Tibet Post and Gyudmed Tantric University, to deliver the Cobalt Strike malware. Recorded Future’s Insikt Group discovered that the attackers embedded malicious JavaScript in these sites, which spoofed a TLS certificate error to trick visitors into downloading a disguised security certificate. This malware, often used by threat actors for remote access and post-exploitation, highlights a continued cyber-espionage focus on Tibetan entities. TAG-112’s infrastructure, concealed using Cloudflare, links this campaign to other China-sponsored operations, particularly TAG-102 (Evasive Panda).
#recordedfuture#EN#2024#EvasivePanda#TAG-112#Tibet#China#CobaltStrike#malware
·recordedfuture.com·
China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike
Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON | Microsoft Security Blog
Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON | Microsoft Security Blog
At CYBERWARCON 2024, Microsoft Threat Intelligence analysts will share research and insights on North Korean and Chinese threat actors representing years of threat actor tracking, infrastructure monitoring and disruption, and their attack tooling.
#microsoft#EN#2024#CYBERWARCON#DPRK#North-Korea#China#analysis#intlligence
·microsoft.com·
Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON | Microsoft Security Blog
T-Mobile confirms it was hacked in recent wave of telecom breaches
T-Mobile confirms it was hacked in recent wave of telecom breaches
T-Mobile confirms it was hacked in the wave of recently reported telecom breaches conducted by Chinese threat actors to gain access to private communications, call records, and law enforcement information requests.
#bleepingcomputer#EN#2024#China#Cyber-espionage#Cyberattack#Salt-Typhoon#T-Mobile#Telecommunications#Security#InfoSec#Computer-Security
·bleepingcomputer.com·
T-Mobile confirms it was hacked in recent wave of telecom breaches
China's Volt Typhoon breached Singtel, reports say
China's Volt Typhoon breached Singtel, reports say
Chinese government cyberspies Volt Typhoon reportedly breached Singapore Telecommunications over the summer as part of their ongoing attacks against critical infrastructure operators. The digital break-in was discovered in June, according to Bloomberg, citing "two people familiar with the matter" who told the news outlet that the Singtel breach was "a test run by China for further hacks against US telecommunications companies."
#theregister#EN#2024#VoltTyphoon#China#Singtel#breach#spy
·theregister.com·
China's Volt Typhoon breached Singtel, reports say
Inside the Open Directory of the “You Dun” Threat Group
Inside the Open Directory of the “You Dun” Threat Group
  • Analysis of an open directory found a Chinese speaking threat actor’s toolkit and history of activity. The threat actor displayed extensive scanning and exploitation using WebLogicScan, Vulmap, and Xray, targeting organizations in South Korea, China, Thailand, Taiwan, and Iran. The Viper C2 framework was present as well as a Cobalt Strike kit which included TaoWu and Ladon extensions. * The Leaked LockBit 3 builder was used to create a LockBit payload with a custom ransom note that included reference to a Telegram group which we investigated further in the report.
#thedfirreport#EN#2024#Analysis#open-directory#LockBit#operational#You-Dun#group#China#tools#scan
·thedfirreport.com·
Inside the Open Directory of the “You Dun” Threat Group
Chinese APT Abuses VSCode to Target Government in Asia
Chinese APT Abuses VSCode to Target Government in Asia
A first in our telemetry: Chinese APT Stately Taurus uses Visual Studio Code to maintain a reverse shell in victims' environments for Southeast Asian espionage. A first in our telemetry: Chinese APT Stately Taurus uses Visual Studio Code to maintain a reverse shell in victims' environments for Southeast Asian espionage.
#unit42#EN#2024#China#APT#StatelyTaurus#VisualStudio
·unit42.paloaltonetworks.com·
Chinese APT Abuses VSCode to Target Government in Asia