Month: November 2025

US Think Tank Waves Red Flag Over Chinese Economic Espionage

Posted on by esimantiras

US Think Tank Waves Red Flag Over Chinese Economic Espionage

image - china tech

source: technewsworld.com  |  image: pexels.com

 

A call to disrupt the People’s Republic of China’s economic espionage campaign against the United States was sounded in a new report by a Washington, D.C., technology think tank.

“China’s campaign of economic espionage against the United States spans cyber intrusions, insider theft, and technology transfer disguised as collaboration,” declared the report written by intelligence analyst and applied historian Darren E. Tromblay and published by the Information Technology & Innovation Foundation (ITIF).

“Washington must recognize that Beijing is operating an elaborate espionage ecosystem and take strategic measures to disrupt it,” it added.

China’s espionage ecosystem is systemic and strategic, it explained. From state intelligence agencies to nominally private firms, Beijing coordinates cyber, human, and corporate channels to steal U.S. industrial and defense technologies. Continue reading “US Think Tank Waves Red Flag Over Chinese Economic Espionage”

Amazon Explains How Its AWS Outage Took Down the Web

Posted on by esimantiras

Amazon Explains How Its AWS Outage Took Down the Web

source: wired.com  |  image: amazon.com

 

 

Summary of the Amazon DynamoDB Service Disruption in the Northern Virginia (US-EAST-1) Region

We wanted to provide you with some additional information about the service disruption that occurred in the N. Virginia (us-east-1) Region on October 19 and 20, 2025. While the event started at 11:48 PM PDT on October 19 and ended at 2:20 PM PDT on October 20, there were three distinct periods of impact to customer applications. First, between 11:48 PM on October 19 and 2:40 AM on October 20, Amazon DynamoDB experienced increased API error rates in the N. Virginia (us-east-1) Region. Second, between 5:30 AM and 2:09 PM on October 20, Network Load Balancer (NLB) experienced increased connection errors for some load balancers in the N. Virginia (us-east-1) Region. This was caused by health check failures in the NLB fleet, which resulted in increased connection errors on some NLBs. Third, between 2:25 AM and 10:36 AM on October 20, new EC2 instance launches failed and, while instance launches began to succeed from 10:37 AM, some newly launched instances experienced connectivity issues which were resolved by 1:50 PM. Continue reading “Amazon Explains How Its AWS Outage Took Down the Web”

Crossed wires: a case study of Iranian espionage and attribution

Posted on by esimantiras

CROSSED WIRES: A CASE STUDY OF IRANIAN ESPIONAGE AND ATTRIBUTION

source: proofpoint.com  |  image: pexels.com

 

Key findings 

  • Between June and August 2025, Proofpoint began tracking a previously unidentified threat actor dubbed UNK_SmudgedSerpent targeting academics and foreign policy experts. 
  • UNK_SmudgedSerpent leveraged domestic political lures, including societal change in Iran and investigation into the militarization of the IRGC. 
  • UNK_SmudgedSerpent used benign conversation starters, health-themed infrastructure, OnlyOffice file hosting spoofs, and Remote Management & Monitoring (RMM) tools. 
  • Throughout the investigation, UNK_SmudgedSerpent demonstrated tactics resembling several Iranian actors: TA455 (C5 Agent, Smoke Sandstorm), TA453 (Charming Kitten, Mint Sandstorm), and TA450 (MuddyWater, Mango Sandstorm). 
  • Overlapping TTPs prevent high confidence attribution, but several hypotheses could explain the nature of the relationship between UNK_SmudgedSerpent and other Iranian groups. 

Overview  

In June, Proofpoint Threat Research began investigating a benign email discussing economic uncertainty and domestic political unrest in Iran. While coinciding with the escalations in the Iran-Israel conflict, there was no indication that the observed activity was directly correlated with Israel’s attacks on Iranian nuclear facilities or Iran’s actions in response. Continue reading “Crossed wires: a case study of Iranian espionage and attribution”

A New Type of AI Malware Threatens Smart Homes…

Posted on by esimantiras

A New Type of AI Malware Threatens Smart Homes, But These Security Habits Can Help

source: cnet.com  |  image: pexels.com

 

The rise of promptware means cybercriminals have new ways to hack smart homes. New security methods are required to fight back

 

Old-school home hacking is typically ineffective — it takes too much effort for the average burglar and modern devices are better protected against mass internet attacks (especially if you keep firmware updated). But now there’s a new trick for cybercriminals to use: It’s called prompt injections — or promptware — and it can make AI do things you never wanted it to. 

In a smart home, that means that promptware can force AI to seize control of devices, doing everything from turning up the heat and switching off lights to unlocking smart locks

Experts are still learning what dangers promptware presents to LLM-style AI and the many places it can hide. Meanwhile, there are steps you can take to help stay safe and alert. Here’s what I suggest. Continue reading “A New Type of AI Malware Threatens Smart Homes…”