Easterly appeals to Congress on CISA funding, citing Chinese threats to critical infrastructure

The director of the agency told the House Appropriations Committee that a $150 million fund would allow CISA to bolster three key initiatives.

The post Easterly appeals to Congress on CISA funding, citing Chinese threats to critical infrastructure appeared first on CyberScoop.

Continue reading Easterly appeals to Congress on CISA funding, citing Chinese threats to critical infrastructure

Hackers Continue Cyberattacks Against Vatican, Catholic Orgs

The China-linked threat group RedDelta has continued to launch cyberattacks against Catholic institutions since May 2020 until as recently as last week. Continue reading Hackers Continue Cyberattacks Against Vatican, Catholic Orgs

Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says

Six suspected Chinese hacking groups have zeroed-in on entities in the telecommunications sector in the first half of this year, according to CrowdStrike research published Tuesday. While CrowdStrike did not identify the groups by name, attackers have likely been running their hacking operations in an effort to steal sensitive data about targets, or to conduct intellectual property theft, researchers at the threat intelligence firm determined. The telecommunications sector was among the top most-targeted sectors in the first half of 2020, the company said, alluding to behavior that aligns with previous espionage patterns from hackers with suspected ties to Beijing. Publication of the report coincides with a fresh warning from the U.S. Department of Homeland Security that a Chinese intelligence agency is exploiting known software flaws to gather information from U.S. federal agencies, and amid an ongoing U.S. government effort to safeguard research into a COVID-19 vaccine, which Chinese hackers are alleged to have […]

The post Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says appeared first on CyberScoop.

Continue reading Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says

DOD, FBI, DHS release info on malware used in Chinese government-led hacking campaigns

The U.S. government publicly put forth information Monday that exposed malware used in Chinese government hacking efforts for more than a decade. The Chinese government has been using malware, referred to as Taidoor, to target government agencies, entities in the private sector, and think tanks since 2008, according to a joint announcement from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the Department of Defense, and the FBI. The Chinese Communist Party has been using the malware, in conjunction with proxy servers, “to maintain a presence on victim networks and to further network exploitation,” according to the U.S. government’s malware analysis report (MAR). In particular, Taidoor has been used to target government and private sector organizations that have a focus on Taiwan, according to previous FireEye analysis. It is typically distributed to victims through spearphishing emails that contain malicious attachments. U.S. Cyber Command, the DOD’s offensive cyber unit, has also shared samples […]

The post DOD, FBI, DHS release info on malware used in Chinese government-led hacking campaigns appeared first on CyberScoop.

Continue reading DOD, FBI, DHS release info on malware used in Chinese government-led hacking campaigns

Suspected Chinese hackers targeting Vatican in advance of Beijing negotiations

Over the course of the last three months, hackers with suspected linked to the Chinese government have been targeting the Vatican, according to research from security firm Recorded Future. The targeting, which was delivered in a series of spearphishing emails with malware-laden documents imitating legitimate Vatican correspondence and news about Hong Kong’s national security law, appears to have begun in May of this year, Recorded Future researchers said. The suspected Chinese government hackers have also targeted mail servers of other Catholic entities, including an international missionary center in Italy and the Catholic Diocese of Hong Kong. The hacking group appears to be linked with the China-based hacking group Mustang Panda, given several overlaps in techniques, infrastructure, and tooling, including a method for delivering malware that both groups employ as well as a method for obfuscating their attacks, the researchers said in a blog. However, given several different encryption mechanisms used […]

The post Suspected Chinese hackers targeting Vatican in advance of Beijing negotiations appeared first on CyberScoop.

Continue reading Suspected Chinese hackers targeting Vatican in advance of Beijing negotiations

Two Chinese Hackers Face 40 Years in Prison for Hacking Spree on Global Organizations, Including COVID-19 Researchers

US authorities have charged two Chinese hackers for allegedly hacking into the systems of hundreds of companies, governments and individual dissidents, as well as firms developing COVID-19 vaccines, testing technology, and treatments, the U.S. Departme… Continue reading Two Chinese Hackers Face 40 Years in Prison for Hacking Spree on Global Organizations, Including COVID-19 Researchers

US accuses two Chinese hackers of targeting coronavirus vaccine research

Two men conspired with Chinese intelligence agencies to steal data from a range of U.S. targets in the medical and defense sectors, including an effort to beach firms working on a potential vaccine for the coronavirus, U.S. Department of Justice officials said Tuesday. The suspects, Li Xiaoyu and Dong Jiazhi, stole terabytes of information from computers around the world while based in China, according to an indictment unsealed Tuesday. The espionage campaign predates the COVID-19 pandemic, officials said. For more than a decade, the pair allegedly targeted health care firms, pharmaceutical companies, U.S. universities, maritime engineering firms, biotechnology innovation centers and a range of other targets. The suspects worked with the Chinese Ministry of State Security, said Assistant Attorney General John Demers, though they also hacked for personal profit. Attackers also targeted Chinese dissidents and human rights activists in the U.S., according to the indictment. The scheme began no later than September 2009 and continued […]

The post US accuses two Chinese hackers of targeting coronavirus vaccine research appeared first on CyberScoop.

Continue reading US accuses two Chinese hackers of targeting coronavirus vaccine research

Chinese Hackers Exploit Cisco, Citrix Flaws in Massive Espionage Campaign

Researchers say that APT41’s exploits are part of one of the broadest espionage campaigns they’ve seen from a Chinese-linked actor “in recent years.” Continue reading Chinese Hackers Exploit Cisco, Citrix Flaws in Massive Espionage Campaign

Researchers Claim CIA Was Behind 11-Year-Long Hacking Attacks Against China

Qihoo 360, one of the most prominent cybersecurity firms, today published a new report accusing the U.S. Central Intelligence Agency (CIA) to be behind an 11-year-long hacking campaign against several Chinese industries and government agencies.

The ta… Continue reading Researchers Claim CIA Was Behind 11-Year-Long Hacking Attacks Against China

U.S. Charges 4 Chinese Military Hackers Over Equifax Data Breach

The United States Department of Justice today announced charges against 4 Chinese military hackers who were allegedly behind the Equifax data breach that exposed the personal and financial data of nearly 150 million Americans.

In a joint press confere… Continue reading U.S. Charges 4 Chinese Military Hackers Over Equifax Data Breach