The cyber threats to watch in 2025, and other cybersecurity news to know this month

source: weforum.org  |  image: pexels.com

 

1. Global Cybersecurity Outlook 2025: Navigating complexity

The cyber threat landscape in 2025 will be shaped by increasingly sophisticated attacks, with ransomware, social engineering and AI-powered cybercrime remaining top concerns, according to the World Economic Forum’s latest Global Cybersecurity Outlook.

Data breaches continued at historic levels in 2024, with 3,158 data compromises tracked by the Identity Theft Resource Center – on par with the previous record-breaking year. Victim notices, however, surged 211% to 1.3 billion, largely due to five mega-breaches, each triggering over 100 million notices.

The US Is Considering a TP-Link Router Ban—Should You Worry?

source: wired.com  |  image: pexels.com

 

Several government departments are investigating TP-Link routers over Chinese cyberattack fears, but the company denies links.

TP-Link is one of the most popular router manufacturers in the US, but the company is facing a potential ban due to security concerns about its links to China. A December report from The Wall Street Journal revealed that the US Commerce, Defense, and Justice Departments are investigating TP-Link, though no evidence of deliberate wrongdoing has yet emerged.

“We are a US company,” Jeff Barney, president of TP-Link, told WIRED. “We have no affiliation with TP-Link Tech, which focuses on mainland China, and we can prove our separateness.”

We’re In for a Rude Awakening on Cybersecurity

source: city-journal.org (contributed by FAN, Steve Page)  |  image: pexels.com

America remains ill-prepared for Chinese hackers targeting critical infrastructure.

It’s a crisis that almost no one is talking about. The Chinese Communist Party is now the world’s preeminent practitioner of cyber warfare. Once notoriously loud and clumsy, the CCP’s hackers have become stealthy and sophisticated. They’re intercepting the calls and texts of our leaders and infiltrating servers at our ports, power plants, and water-treatment facilities. Yet hardly anyone seems to care. When Congress held hearings on cybersecurity late last year, only a handful of journalists bothered to cover them.

Chinese tech firm founded by Huawei veterans in the FBI’s crosshairs

source: reuters.com (contributed by Steve Page)  |  image: fbi.gov

 

WASHINGTON, Jan 16 (Reuters) – The U.S. Commerce Department and FBI are both investigating a little-known telecoms hardware firm founded by senior Huawei veterans in China over possible security risks, sources and documents show.
Founded in 2014, Baicells Technologies opened a North American business the next year in Wisconsin and has since provided telecoms equipment for 700 commercial mobile networks across every U.S. state, according to its website.
The Commerce Department is investigating Baicells on national security grounds and has sent subpoenas to the company, four people said. The U.S. telecoms regulator, the Federal Communications Commission (FCC), is advising it on its review, two of the people said.
The FBI’s interest in its equipment and Chinese origins dates back to at least 2019.


Chinese hackers infiltrated US Treasury Secretary’s PC — attackers had access to over 400 PCs

source: tomshardware.com (contributed by Steve Page)  |  image: pexels.com 

 

As reported last week, Chinese hackers infiltrated the U.S. Department of Treasury and gained access to several users’ workstations. However, according to Bloomberg, the infiltration was more severe than initially reported, as hackers managed to access systems belonging to Secretary Janet Yellen and other top officials.

A New Phone Scanner That Detects Spyware Has Already Found 7 Pegasus Infections

source: wired.com (contributed by FAN, Steve Page)  |  image: unsplash.com

 

The mobile device security firm iVerify has been offering a tool since May that makes spyware scanning accessible to anyone—and it’s already turning up victims.

In recent years, commercial spyware has been deployed by more actors against a wider range of victims, but the prevailing narrative has still been that the malware is used in targeted attacks against an extremely small number of people. At the same time, though, it has been difficult to check devices for infection, leading individuals to navigate an ad hoc array of academic institutions and NGOs that have been on the front lines of developing forensic techniques to detect mobile spyware. On Tuesday, the mobile device security firm iVerify is publishing findings from a spyware detection feature it launched in May. Of 2,500 device scans that the company’s customers elected to submit for inspection, seven revealed infections by the notorious NSO Group malware known as Pegasus.

Rising Threat of China’s Volt Typhoon


source: axios.com (contributed by FAN, Bill Amshey)  |  Image: pexels.com

 

Notorious China-linked hackers known for burrowing deep into U.S. infrastructure are back, according to a report out today.

Why it matters: The resurgence shows that the Chinese government isn’t backing down from its quest to infiltrate American utilities in preparation for a potential destructive cyberattack.

Zoom in: The research team at SecurityScorecard, a cyber risk assessment company, says it has noticed Volt Typhoon moving traffic through a set of compromised routers in New Caledonia, an island nation off the coast of Australia, as recently as September.

  • Global law enforcement disrupted a significant portion of Volt Typhoon’s botnet in January, but the group quickly set up new servers.
  • However, actual movement across these servers hadn’t been seen until September, according to the report.
  • Routing through New Caledonia gives the hackers a “silent bridge” to hide traffic moving between the Asia-Pacific region and the Americas, the report says.

Say Goodbye to Passwords

source: fastcompany.com  |  image: pixabay.com

 

Passkey adoption is up, and problems are being fixed.

It’s been a couple of years since Apple, Google, and Microsoft started trying to kill the password, and its demise seems more likely than ever.

In 2022, all three companies embraced an alternative called passkeys, which sync securely between your devices and are protected by face recognition, a fingerprint, or a PIN. The thinking goes that if you don’t have to remember a password—or even create one in a password manager—you’re less likely to fall prey to phishing scams. And if websites don’t have to store their customers’ passwords anymore, security breaches won’t be as disastrous.

China’s Satellites Are Dodging US Eyes In Space

source: defenseone.com  |  image: pixabay.com

 

The Pentagon doesn’t post location data for its secretive GSSAP satellites, but Chinese spacecraft are maneuvering to avoid their gaze.

The Pentagon has long been closed-mouthed about a family of U.S. spy satellites that since 2014 have kept an eye on foreign spacecraft in geosynchronous orbits. That hasn’t stopped Chinese satellites from dodging them.

U.S. officials declassified the Geosynchronous Space Situational Awareness Program a decade ago to show that they had eyes on high-Earth orbit, but they have rarely discussed the six GSSAP satellites themselves, and they do not publish the standard location data meant to reduce collisions. Now, a new paper from the U.S. Air Force’s China Aerospace Studies Institute explores what the Chinese know about GSSAP—and what they’re doing about it.

Cyberattackers Unleash Flood of Potentially Disruptive Election-Related Activity

source: darkreading.com  |  image: pexels.com

 

Cyber-threat actors have ramped up their targeting of the 2024 US elections with a flood of malicious activity expected to peak over the next month, aimed at causing disruption to voters and the election process and requiring increased vigilance on the part of stakeholders.

Specifically, attackers have bolstered election-related threat activity since the beginning of the year with an increase in the sale of phishing kits targeting US voters and campaign donors; the registration of more than 1,000 domains aimed at exploiting election-related content for malicious purposes; and increased ransomware activity targeting government entities, according to research from FortiGuard Labs Threat Research released today.

Since the inception of Internet-related threats, cyber-threat actors have typically increased malicious activity ahead of elections, notes Derek Manky, chief security strategist and vice president of global threat intelligence at Fortinet. However, they aim to be especially disruptive during the current election cycle, requiring that all stakeholders be prepared to fend off malicious actors in the upcoming weeks to protect election outcomes.