A politically motivated advanced persistent threat (APT) group has expanded its malware arsenal to include a new remote access trojan (RAT) in its espionage attacks aimed at Indian military and diplomatic entities. Called CapraRAT by Trend Micro, the implant is an Android RAT that exhibits a high "degree of crossover" with another Windows malware known as CrimsonRAT that's … [Read more...] about New CapraRAT Android Malware Targets Indian Government and Military Personnel
Government
Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets
Cybersecurity researchers on Tuesday took the wraps off a multi-stage espionage campaign targeting high-ranking government officials overseeing national security policy and individuals in the defense industry in Western Asia. The attack is unique as it leverages Microsoft OneDrive as a command-and-control (C2) server and is split into as many as six stages to stay as hidden as … [Read more...] about Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets
China suspends deal with Alibaba for not sharing Log4j 0-day first with the government
China's internet regulator, the Ministry of Industry and Information Technology (MIIT), has temporarily suspended a partnership with Alibaba Cloud, the cloud computing subsidiary of e-commerce giant Alibaba Group, for six months on account of the fact that it failed to promptly inform the government about a critical security vulnerability affecting the broadly used Log4j … [Read more...] about China suspends deal with Alibaba for not sharing Log4j 0-day first with the government
Meta Expands Facebook Protect Program to Activists, Journalists, Government Officials
Meta, the company formerly known as Facebook, on Thursday announced an expansion of its Facebook Protect security program to include human rights defenders, activists, journalists, and government officials who are more likely to be targeted by bad actors across its social media platforms. "These people are at the center of critical communities for public debate," said Nathaniel … [Read more...] about Meta Expands Facebook Protect Program to Activists, Journalists, Government Officials
Zero Trust and the Federal Government: Feedback for Progress
On May 12, President Biden signed a cybersecurity Executive Order (EO) aimed at improving efforts to “identify, deter, protect against, detect, and respond to these actions and actors”. The order aims to improve federal security practices and threat intelligence sharing amongst federal agencies and the private sector; enhance software supply chain security, and improve federal … [Read more...] about Zero Trust and the Federal Government: Feedback for Progress
China’s New Law Requires Researchers to Report All Zero-Day Bugs to Government
The Cyberspace Administration of China (CAC) has issued new stricter vulnerability disclosures regulations that mandate security researchers uncovering critical flaws in computer systems to mandatorily disclose them first-hand to the government authorities within two days of filing a report. The "Regulations on the Management of Network Product Security Vulnerability" are … [Read more...] about China’s New Law Requires Researchers to Report All Zero-Day Bugs to Government
China’s Cyberspies Targeting Southeast Asian Government Entities
A sweeping and "highly active campaign" that originally set its sights on Myanmar has broadened its focus to strike a number of targets located in the Philippines, according to new research. Russian cybersecurity firm Kaspersky, which first spotted the infections in October 2020, attributed them to a threat actor it tracks as "LuminousMoth," which it connected with medium to … [Read more...] about China’s Cyberspies Targeting Southeast Asian Government Entities
IndigoZebra APT Hacking Campaign Targets the Afghan Government
Cybersecurity researchers are warning of ongoing attacks coordinated by a suspected Chinese-speaking threat actor targeting the Afghanistan government as part of an espionage campaign that may have had its provenance as far back as 2014. Israeli cybersecurity firm Check Point Research attributed the intrusions to a hacking group tracked under the moniker "IndigoZebra," with … [Read more...] about IndigoZebra APT Hacking Campaign Targets the Afghan Government
WhatsApp Sues Indian Government Over New Internet Regulations
WhatsApp on Wednesday fired a legal salvo against the Indian government to block new regulations that would require messaging apps to trace the "first originator" of messages shared on the platform, thus effectively breaking encryption protections. "Requiring messaging apps to 'trace' chats is the equivalent of asking us to keep a fingerprint of every single message sent on … [Read more...] about WhatsApp Sues Indian Government Over New Internet Regulations
How Apple Gave Chinese Government Access to iCloud Data and Censored Apps
In July 2018, when Guizhou-Cloud Big Data (GCBD) agreed to a deal with state-owned telco China Telecom to move users' iCloud data belonging to Apple's China-based users to the latter's servers, the shift raised concerns that it could make user data vulnerable to state surveillance. Now, according to a deep-dive report from The New York Times, Apple's privacy and security … [Read more...] about How Apple Gave Chinese Government Access to iCloud Data and Censored Apps