china – SSL and internet security news

China Hacked Japan’s Military Networks

August 14, 2023 infossl

china, cyberespionage, cybersecurity, espionage, hacking, japan, military, Security technology, Uncategorized

The NSA discovered the intrusion in 2020—we don’t know how—and alerted the Japanese. The Washington Post has the story: The hackers had deep, persistent access and appeared to be after anything they could get their hands on—plans, capabilities, assessments of military shortcomings, according to three former senior U.S. officials, who were among a dozen current … Read More “China Hacked Japan’s Military Networks” »

Microsoft Signing Key Stolen by Chinese

August 7, 2023 infossl

authentication, backdoors, china, cybersecurity, hacking, keys, microsoft, Security technology, Uncategorized

A bunch of networks, including US Government networks, have been hacked by the Chinese. The hackers used forged authentication tokens to access user email, using a stolen Microsoft Azure account consumer signing key. Congress wants answers. The phrase “negligent security practices” is being tossed about—and with good reason. Master signing keys are not supposed to … Read More “Microsoft Signing Key Stolen by Chinese” »

Chinese Hacking of US Critical Infrastructure

May 31, 2023 infossl

china, cyberattack, cyberespionage, espionage, hacking, infrastructure, reports, Security technology, Uncategorized

Everyone is writing about an interagency and international report on Chinese hacking of US critical infrastructure. Lots of interesting details about how the group, called Volt Typhoon, accesses target networks and evades detection. Powered by WPeMatico

Friday Squid Blogging: Peruvian Squid-Fishing Regulation Drives Chinese Fleets Away

May 19, 2023 infossl

china, hacking, Security technology, squid, Uncategorized

A Peruvian oversight law has the opposite effect: Peru in 2020 began requiring any foreign fishing boat entering its ports to use a vessel monitoring system allowing its activities to be tracked in real time 24 hours a day. The equipment, which tracks a vessel’s geographic position and fishing activity through a proprietary satellite communication … Read More “Friday Squid Blogging: Peruvian Squid-Fishing Regulation Drives Chinese Fleets Away” »

AIs as Computer Hackers

February 2, 2023 infossl

artificial intelligence, china, darpa, essays, hacking, robotics, Security technology, Uncategorized

Hacker “Capture the Flag” has been a mainstay at hacker gatherings since the mid-1990s. It’s like the outdoor game, but played on computer networks. Teams of hackers defend their own computers while attacking other teams’. It’s a controlled setting for what computer hackers do in real life: finding and fixing vulnerabilities in their own systems … Read More “AIs as Computer Hackers” »

Real-World Steganography

January 20, 2023 infossl

china, espionage, Security technology, steganography, Uncategorized

From an article about Zheng Xiaoqing, an American convicted of spying for China: According to a Department of Justice (DOJ) indictment, the US citizen hid confidential files stolen from his employers in the binary code of a digital photograph of a sunset, which Mr Zheng then mailed to himself. Powered by WPeMatico

Breaking RSA with a Quantum Computer

January 3, 2023 infossl

academic papers, china, cryptanalysis, cryptography, quantum computing, rsa, Security technology, Uncategorized

A group of Chinese researchers have just published a paper claiming that they can—although they have not yet done so—break 2048-bit RSA. This is something to take seriously. It might not be correct, but it’s not obviously wrong. We have long known from Shor’s algorithm that factoring with a quantum computer is easy. But it … Read More “Breaking RSA with a Quantum Computer” »

Friday Squid Blogging: China Bans Taiwanese Squid Imports

December 9, 2022 infossl

china, Security technology, squid, Taiwan, Uncategorized

Today I have some squid geopolitical news. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Friday Squid Blogging: Chinese Squid Fishing

October 28, 2022 infossl

china, Security technology, squid, Uncategorized

China claims that it is “engaging in responsible squid fishing”: Chen Xinjun, dean of the College of Marine Sciences at Shanghai Ocean University, made the remarks in response to recent accusations by foreign reporters and actor Leonardo DiCaprio that China is depleting its own fish stock and that Chinese boats have sailed to other waters … Read More “Friday Squid Blogging: Chinese Squid Fishing” »

Critical Vulnerabilities in GPS Trackers

July 21, 2022 infossl

china, gps, Security technology, tracking, Uncategorized, vulnerabilities

This is a dangerous vulnerability: An assessment from security firm BitSight found six vulnerabilities in the Micodus MV720, a GPS tracker that sells for about $20 and is widely available. The researchers who performed the assessment believe the same critical vulnerabilities are present in other Micodus tracker models. The China-based manufacturer says 1.5 million of … Read More “Critical Vulnerabilities in GPS Trackers” »