china – Page 4 – SSL and internet security news

Chinese Hackers Stole an NSA Windows Exploit in 2014

March 4, 2021 infossl

china, exploits, hacking, microsoft, nsa, Security technology, Uncategorized, windows

Check Point has evidence that (probably government affiliated) Chinese hackers stole and cloned an NSA Windows hacking tool years before (probably government affiliated) Russian hackers stole and then published the same tool. Here’s the timeline: The timeline basically seems to be, according to Check Point: 2013: NSA’s Equation Group developed a set of exploits including … Read More “Chinese Hackers Stole an NSA Windows Exploit in 2014” »

National Security Risks of Late-Stage Capitalism

March 1, 2021 infossl

china, cybersecurity, essays, hacking, national security policy, russia, Security technology, Uncategorized

Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds. The hack gave the attackers access to the computer networks of some 18,000 of SolarWinds’s customers, including US government agencies such as the Homeland Security Department and State Department, … Read More “National Security Risks of Late-Stage Capitalism” »

On Chinese-Owned Technology Platforms

February 25, 2021 infossl

china, national security policy, reports, Security technology, threat models, Uncategorized

I am a co-author on a report published by the Hoover Institution: “Chinese Technology Platforms Operating in the United States.” From a blog post: The report suggests a comprehensive framework for understanding and assessing the risks posed by Chinese technology platforms in the United States and developing tailored responses. It starts from the common view … Read More “On Chinese-Owned Technology Platforms” »

Chinese Supply-Chain Attack on Computer Systems

February 13, 2021 infossl

backdoors, china, cybersecurity, fbi, fisa, intelligence, Internet of Things, national security policy, reports, Security technology, supply chain, Uncategorized

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008. The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S. … Read More “Chinese Supply-Chain Attack on Computer Systems” »

Phishing Attacks Against Trump and Biden Campaigns

June 8, 2020 infossl

china, google, intelligence, phishing, Security technology, threatalerts, voting

Google’s threat analysts have identified state-level attacks from China. I hope both campaigns are working under the assumption that everything they say and do will be dumped on the Internet before the election. That feels like the most likely outcome. Powered by WPeMatico

Chinese COVID-19 Disinformation Campaign

April 23, 2020 infossl

china, covid19, disinformation, fakenews, intelligence, propaganda, Security technology

The New York Times is reporting on state-sponsored disinformation campaigns coming out of China: Since that wave of panic, United States intelligence agencies have assessed that Chinese operatives helped push the messages across platforms, according to six American officials, who spoke on the condition of anonymity to publicly discuss intelligence matters. The amplification techniques are … Read More “Chinese COVID-19 Disinformation Campaign” »

Facial Recognition for People Wearing Masks

March 25, 2020 infossl

china, facerecognition, privacy, Security technology, surveillance

The Chinese facial recognition company Hanwang claims it can recognize people wearing masks: The company now says its masked facial recognition program has reached 95 percent accuracy in lab tests, and even claims that it is more accurate in real life, where its cameras take multiple photos of a person if the first attempt to … Read More “Facial Recognition for People Wearing Masks” »

Emergency Surveillance During COVID-19 Crisis

March 20, 2020 infossl

china, covid19, datacollection, eff, epidemiology, iran, israel, nationalsecuritypolicy, privacy, Security technology, surveillance

Israel is using emergency surveillance powers to track people who may have COVID-19, joining China and Iran in using mass surveillance in this way. I believe pressure will increase to leverage existing corporate surveillance infrastructure for these purposes in the US and other countries. With that in mind, the EFF has some good thinking on … Read More “Emergency Surveillance During COVID-19 Crisis” »

Chinese Hackers Bypassing Two-Factor Authentication

December 26, 2019 infossl

china, hacking, rsa, Security technology, twofactorauthentication

Interesting story of how a Chinese state-sponsored hacking group is bypassing the RSA SecurID two-factor authentication system. How they did it remains unclear; although, the Fox-IT team has their theory. They said APT20 stole an RSA SecurID software token from a hacked system, which the Chinese actor then used on its computers to generate valid … Read More “Chinese Hackers Bypassing Two-Factor Authentication” »

GPS Manipulation

November 21, 2019 infossl

china, gps, Security technology, theft, transportation

Long article on the manipulation of GPS in Shanghai. It seems not to be some Chinese military program, but ships who are stealing sand. The Shanghai “crop circles,” which somehow spoof each vessel to a different false location, are something new. “I’m still puzzled by this,” says Humphreys. “I can’t get it to work out … Read More “GPS Manipulation” »