The U.S. federal government said Friday it's traced the source of Chinese hacker intrusions into telecom networks to a government contractor located in hacking hotbed Sichuan. The Department of Treasury imposed sanctions on the firm, Sichuan Juxinhe Network Technology.
The U.S. federal government targeted for sanctions a network of North Korean front companies and a Chinese supplier that support a Pyongyang program of planting remote IT workers into Western corporations. The front companies are Korea Osong Shipping and Chonsurim Trading Corporation.
Hackers possibly from the Russian Main Intelligence Directorate have been spying on the neighboring government of Kazakhstan using legitimate documents that have been booby-trapped with malicious macros. The latest campaign, dubbed "Double-Tap," emerged in October 2024.
The U.S. federal government's first hint that Chinese hackers penetrated American telecommunications infrastructure came from telemetry on government networks, said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency.
U.S. federal law enforcement said Tuesday it deleted more than 4,000 instances of PlugX malware used in a Chinese cyberespionage operation after a European partner gained control of the malware's command and control server. PlugX spreads through infected USB drives.
Chinese hackers reportedly breached a U.S. government office responsible for reviewing foreign investments for national security threats as part of a cyberespionage campaign targeting the Department of Treasury. Hackers gained access to the Committee on Foreign Investment in the U.S.
In this week's update, ISMG editors discuss the escalating geopolitical cyberthreats expected in 2025, including advanced and persistent campaigns linked to Chinese actors. Panelists also pay tribute to Amit Yoran, one of the cybersecurity industry's most influential leaders.
This week, a Russian tanker linked to cable sabotage was detained in Finland, a claimed Gravy Analytics breach exposed location data, a Mirai-based botnet exploited zero-day flaws, Dell updated framework flaws and a court sentenced a Florida woman for laundering millions in romance scams.
VPN appliance maker Ivanti has begun releasing updates to patch a zero-day vulnerability being actively exploited by suspected nation-state attackers. Experts are warning users to immediately update their devices, after factory resetting them, to flush any malware attackers may have installed.
From application security to zero trust, it's been a busy four years for the current leaders of the U.S. Cybersecurity and Infrastructure Security Agency. Deputy Director Nitin Natarajan discusses the agency's accomplishments and the threats that await the next administration's cyber leaders.
The Cybersecurity and Infrastructure Security Agency is working closely with the Treasury Department in an ongoing investigation to determine the full scale and scope of a Chinese-linked hack targeting key offices tasked with sanctions enforcement, the agency confirmed Monday.
The nine known victims of a "broad and significant cyberespionage campaign" the White House has tied to China reportedly include Charter Communications, Consolidated Communications and Windstream, as officials said the hackers' earliest known telecom network penetration began in mid-2023.
The Department of Treasury blacklisted Integrity Technology Group, declaring transactions with the company to be off-limits for U.S. financial institutions and persons. The sanctions will likely have more symbolic than actual disruptive effect.
A Chinese hack of the U.S. Department of the Treasury targeted offices tasked with overseeing economic sanctions and financial investigations, as experts warn Beijing is increasingly escalating attacks on American critical infrastructure while preparing for potential future conflict.
Finnish police say they've identified as suspects eight crew members of an oil tanker linked to a Russian "shadow fleet" of sanctions-busting ships in an investigation into an incident that broke submarine cables in the Baltic Sea. Authorities escorted the tanker into Finnish waters on Dec. 25.