China’s CL-STA-0969 group is targeting Southeast Asian telecommunications networks.

Since early 2024, major telecommunications organizations across Southeast Asia have faced attacks from an advanced state-sponsored cyber threat actor identified as CL-STA-0969. Security intelligence suggests a likely association with Chinese cyber-espionage operations, given the group’s methods and tools, which demonstrate a deep familiarity with telecommunications systems, high operational security, and technical adaptability.
China accuses U.S. intelligence agencies of exploiting Microsoft zero-day vulnerability in cyberattack against key Chinese military enterprises.

Chinese authorities today publicly accused U.S. intelligence agencies of orchestrating cyberattacks against two of China’s key military enterprises. According to the Cyber Security Association of China, the attacks reportedly exploited a previously unknown "zero-day" vulnerability in Microsoft Exchange email server software.
Chinese researchers are exploring ways to disable SpaceX’s Starlink satellites, including lasers and directed-energy weapons.

Recent academic publications from China detail a growing concern among Chinese defense analysts over the expanding reach and capabilities of SpaceX’s Starlink satellite network. The constellation, now numbering thousands of low-orbit satellites, has garnered global attention for its dual utility as both a revolutionary commercial broadband service and a tool with significant military implications.
China summons Nvidia over alleged security backdoors in AI chips shipped to the Chinese market.

Nvidia has found itself at the center of escalating technological tensions between the United States and China. Chinese authorities formally summoned Nvidia executives to address concerns about potential "backdoor" security vulnerabilities in the company’s H20 artificial intelligence chips, specifically developed for the Chinese market. The Cyberspace Administration of China (CAC) announced it had interviewed Nvidia officials, demanding explanations and supporting evidence related to these suspected vulnerabilities.
Chinese-linked Silk Typhoon hacking group files 15 patents for cyber espionage tools.

Recent investigations have revealed that several Chinese technology firms with connections to the state-sponsored hacking group Silk Typhoon (also known as Hafnium) have filed more than 15 patents related to advanced cyber espionage tools. The patents in question cover a wide array of capabilities, including tools for encrypted data extraction from endpoints, forensics on Apple devices, and remote access and control over routers and smart home infrastructure.
The new China-based Storm-2603 group is deploying Warlock ransomware on Microsoft SharePoint servers.

A sophisticated cyber threat actor known as Storm-2603 has been identified exploiting critical vulnerabilities in Microsoft SharePoint to deploy Warlock ransomware on unpatched enterprise systems. According to Microsoft’s recent security advisory, this group, believed to be China-based, is leveraging unpatched flaws in on-premises SharePoint servers to gain unauthorized access, establish persistence, and spread ransomware across targeted networks.
The agency responsible for overseeing America’s nuclear weapons stockpile was a victim of China’s recent SharePoint Frenzy attack.

The U.S. National Nuclear Security Administration (NNSA), the agency responsible for overseeing America’s nuclear weapons stockpile, was among several government institutions recently targeted in a widespread cyberattack that exploited critical vulnerabilities in Microsoft’s on-premises SharePoint software.
Microsoft SharePoint ToolShell attacks linked to Chinese-state hackers.

A major wave of cyberattacks, referred to as “ToolShell,” has recently targeted Microsoft SharePoint servers around the world. These attacks have been attributed to Chinese state-linked hackers and have affected government agencies, critical infrastructure, universities, and multinational corporations. The campaign exploited a chain of zero-day vulnerabilities in on-premises versions of Microsoft SharePoint, allowing for unauthenticated remote code execution and full system compromise.