CSO
China, Huawei, and the eavesdropping threat
In the world of intelligence, “capability present” changes the conversation from if to when. Huawei is an espionage threat not because of what it has done but because of what it can do.
Bleeping Computer
Joker malware infects over 500,000 Huawei Android devices
More than 500,000 Huawei users have downloaded from the company's official Android store applications infected with Joker malware that subscribes to premium mobile services.
Bleeping Computer
Huawei Cloud targeted by updated cryptomining malware
A new version of a 2020 crypto-mining malware that was previously targeting Docker containers has now been spotted focusing on new cloud service providers like the Huawei Cloud.
ZDNet
Senator calls on Nick Xenophon to detail his Huawei contract terms | ZDNet
Rex Patrick compares working for Huawei as akin to working for Krupp or Messerschmitt in 1938.
CyberNews
US to bar China's Huawei, ZTE from certifying wireless equipment
The FCC is moving to prevent Huawei, ZTE, and other Chinese telecom companies, deemed a threat to US national security, from certifying wireless equipment.
SecurityWeek
US Bans Huawei, ZTE Telecoms Gear Over Security Risk
US authorities announced a ban on the import or sale of communications equipment deemed "an unacceptable risk to national security" -- including gear from Chinese giants Huawei Technologies and ZTE.
Bleeping Computer
Huawei, Vivo phones tag Google app as TrojanSMS-PA malware
Huawei, Honor, and Vivo smartphones and tablets are displaying strange 'Security threat' alerts urging the deletion of the Google app, warning that it is detected as the 'TrojanSMS-PA' malware.
Bleeping Computer
Canada bans Huawei and ZTE from 5G networks over security concerns
The Government of Canada announced its intention to ban the use of Huawei and ZTE telecommunications equipment and services across the country's 5G and 4G networks.
SecurityWeek
Taiwan Probes Firms Suspected of Selling Chip Equipment to China’s Huawei Despite US Sanctions
Taiwan authorities are investigating Taiwan-based companies suspected of helping China’s Huawei to build semiconductor facilities
Bleeping Computer
US bans sales of Huawei, Hikvision, ZTE, and Dahua equipment
The United States government, through the Federal Communications Commission (FCC), has banned the sale of equipment from Chinese telecommunications and video surveillance vendor Huawei, ZTE, Hytera, Hikvision, and Dahua due "unacceptable risks to national security".
Security Affairs
A component in Huawei network appliances could be used to take down Germany’s telecoms networks
German government warns that technology to regulate power consumption in Huawei network appliances could be used for sabotage purposes. In March, the interior ministry announced it was conducting an audit on the network appliance from Chinese telecoms giants Huawei and ZTE. German lawmakers were briefed on the probe by the German Interior Ministry, the federal […]
The Hacker News
China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers
China's Ministry of State Security accuses the U.S. of cyber espionage against Huawei servers since 2009.
ZDNet
Canada to ban Huawei and ZTE and tell telcos to rip out 5G and 4G equipment | ZDNet
While taking longer to ban Huawei and ZTE than some of the Five Eyes, Canada has also gone further by requiring telcos to rip out LTE equipment from the vendors by the start of 2028.
ZDNet
Huawei spotlights healthcare, maritime in 5G use case
Healthcare and maritime are key sectors that can benefit from 5G connectivity with their need for low network latency, but they also have to prepare for higher security risks.
Bleeping Computer
Huawei USB LTE dongles are vulnerable to privilege escalation attacks
This week, a Trustwave security researcher disclosed a privilege escalation flaw in Huawei's USB LTE dongles.
ZDNet
Huawei sees revenue dip 28%, pivots to tap green demand | ZDNet
Chinese tech giant clocks a drop in annual revenue of 28.56% to 636.8 billion yuan ($100.01 billion), though, its net profit climbs to 75.9% to 113.7 billion ($17.86 billion) as it looks to "readjust" its business portfolio to focus on carbon neutrality opportunities.
Ars Technica
How Huawei made a cutting-edge chip in China and surprised the US
China's flagship smartphone maker pulled off the feat despite sanctions.
ZDNet
FCC gets $5.6 billion in requests to access $1.9 billion pot for ripping out Huawei and ZTE | ZDNet
US Federal Communications Commission has received 181 applications from small carriers to access its funding.
SecurityWeek
Nearly 300 Vulnerabilities Patched in Huawei's HarmonyOS in 2022
Nearly 300 vulnerabilities were patched by Huawei in its HarmonyOS operating system in 2022.
Ars Technica
FCC puts Kaspersky on security threat list, says it poses “unacceptable risk“
Moscow-based firm joins Huawei and ZTE on the same US security threat list.
Infosecurity News
CISA Advises FCC Covered List For Risk Management
Some of the companies included in the list are Huawei, ZTE, Dahua and China Unicom
Bleeping Computer
Avast confirms it tagged Google app as malware on Android phones
Czech cybersecurity company Avast confirmed that its antivirus SDK has been flagging a Google Android app as malware on Huawei, Vivo, and Honor smartphones since Saturday.
Security Affairs
EU member states are urged to restrict without delay 5G equipment from risky suppliers
The European Commission urges member states to limit “without delay” equipment from Chinese suppliers from their 5G networks, specifically Huawei and ZTE. The European Commission told member states to impose restrictions on high-risk suppliers for 5G networks without delay, with a specific focus on the dependency on high-risk suppliers, specifically Chinese firms Huawei and ZTE. […]
The Hacker News
U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk
U.S. regulators have imposed a ban on Chinese telecommunications and video surveillance equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua.
Security Affairs
US FCC bans the import of electronic equipment from Chinese firms
The U.S. Federal Communications Commission announced it will completely ban the import of electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua. The U.S. Federal Communications Commission (FCC) announced the total ban for telecom and surveillance equipment from Chinese companies Huawei, ZTE, Hytera, Hikvision, and Dahua due to an “unacceptable” national security threat. The US […]
CyberScoop
Saudi Arabia a critical partner in fighting cyberthreats, White House cyber official says
The kingdom is a vital partner to ensure the U.S. can block Chinese telecom giant Huawei from dominating networks in the Mideast and Africa.
Bleeping Computer
New ‘HinataBot’ botnet could launch massive 3.3 Tbps DDoS attacks
A new malware botnet was discovered targeting Realtek SDK, Huawei routers, and Hadoop YARN servers to recruit devices into DDoS (distributed denial of service) swarm with the potential for massive attacks.
Cyber Security News
U.S. Banned Chinese Telecom & Surveillance Cameras That Pose National Security Threat
The US has banned the import and sale of Chinese telecom equipment and security camera systems from Huawei, ZTE, Hytera Communications, Hikvision, Dahua, Pacific Network Corp, along with its subsidiary ComNet (USA) LLC, and China Unicom (Americas) Operations Limited.
Security Affairs
China bans chip maker Micron from its key information infrastructure
The Chinese government announced the ban on the products made by the US memory chip giant Micron Technology over national security concerns. The Cyberspace Administration of China announced the ban on products made by US memory chip giant Micron Technology over security concerns. The ban is related to the use of company products in key […]
ZDNet
US, Australia and Japan stump up for subsea cable between Nauru, Kiribati and Federated States of Micronesia | ZDNet
Move comes as the United States has been reportedly warning Pacific nations about using Chinese equipment.
CyberSecurity Dive
US effort to rip and replace hardware made in China is ballooning in cost
A yearslong push to remove telecom equipment deemed a national security threat continues to vex regulators.
SecurityWeek
China Says No Law Banning iPhone Use in Govt Agencies
China said it was aware of suspected security issues with iPhones but insisted there was no ban on its officials using the devices.
HACKRead
Popular Keyboard Apps Leak User Data: Billion Potentially Exposed
Popular keyboard apps leak user data! Citizen Lab reports 8 out of 9 Android IMEs expose keystrokes. Change yours & protect passwords!
SecurityWeek
US Puts 3 Dozen More Chinese Companies on Trade Blacklist
The U.S. Department of Commerce is adding 36 Chinese high-tech companies, including makers of aviation equipment, chemicals and computer chips, to an export controls blacklist, citing concerns over national security.
The Record
New Abcbot botnet goes after Chinese cloud providers
Security researchers have spotted a new malware botnet that, over the past few months, has specifically targeted the infrastructure of Chinese cloud hosting providers.
PCMag
US to Investigate Chinese Connected Cars As Potential Security Threat
The Biden administration says 'China’s policies could flood our market with its vehicles, posing risks to our national security.'
DataBreaches
New Canadian cybersecurity bill to require mandatory reporting of ransomware, other attacks
Jim Bronskill reports: Businesses and other private-sector organizations would be required to report ransomware incidents and other cyberattacks to the...
Bleeping Computer
US says Kaspersky poses unacceptable risk to national security
The Federal Communications Commission (FCC) added Russian cybersecurity firm Kaspersky to its Covered List, saying it poses unacceptable risks to U.S. national security.
CyberNews
Bugs in keyboard apps revealing what users type
Pinyin keyboard app users exposed to snooping attacks.
DataBreaches
China’s Shenzhen City Enacted Regional Data Regulation
Manuel Torres and Zhang, Dun of Garrigues write: Shenzhen, the leading financial and production center for China and home of many Chinese internet and tech...
Cyber Security News
Major Security Flaw in Popular Keyboard Apps Puts Millions at Risk
Critical security vulnerabilities in several widely used keyboard apps, including those from major tech giants Samsung, OPPO, Vivo, and Xiaomi.
SecurityWeek
US Brands Russian Cybersecurity Firm Kaspersky 'Security Threat'
US regulators have deemed antivirus software maker Kaspersky a "threat to national security," a designation that will restrict its dealings in the United States
Bleeping Computer
Mali GPU ‘patch gap’ leaves Android users vulnerable to attacks
A set of five exploitable vulnerabilities in Arm's Mali GPU driver remain unfixed months after the chip maker patched them, leaving potentially millions of Android devices exposed to attacks.
The Record
Lawmakers press FCC for action on Chinese-made cellular modules
Reps. Mike Gallagher and Raja Krishnamoorthi, leaders of the House's panel on China, want to hear more from the FCC about Chinese-made cellular connectivity modules embedded in Internet of Things devices.
CyberNews
Chinese-owned chipmaker Nexperia hacked
Nexperia, the Chinese-owned Dutch chipmaker, has confirmed reports that some of its servers were hacked amid claims that “trade secrets” were stolen.
CyberNews
Microsoft hits $3 trillion market value
Microsoft's stock market value crossed $3 trillion for the first time, retaining its place as the world's second most valuable company, just behind iPhone maker Apple.
The Hacker News
Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers
Beastmode DDoS botnet is now exploiting recently disclosed TOTOLINK bugs in order to enslave more routers.
CyberNews
Microsoft topples Apple to become global market cap leader
Microsoft has eclipsed Apple to become the world's largest company by market capitalization.
SecurityWeek
Open Source Security Foundation Now Counts 60 Members
OpenSSF announces that 19 more organizations have joined the initiative, which now has a total of 60 members.
Security Affairs
Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ViperSoftX uses more sophisticated encryption and anti-analysis techniques Atomic macOS Stealer is advertised on Telegram for […]
DarkReading
Chinese Keyboard Apps Open 1B People to Eavesdropping
Eight out of nine apps that people use to input Chinese characters into mobile devices have security vulnerabilities that allow a passive eavesdropper to collect keystroke data.
Bleeping Computer
Study reveals Android phones constantly snoop on their users
A new study by a team of university researchers in the UK has unveiled a host of privacy issues that arise from using Android smartphones.
SecurityWeek
Canada Bans WeChat and Kaspersky on Government Phones
Canada's CISO determined that WeChat and Kaspersky applications present an unacceptable level of risk to privacy and security.
SecurityWeek
Ransomware Group Claims Theft of Data From Chipmaker Nexperia
The Dark Angels (Dunghill) ransomware group claims to have stolen 1 Tb of data from Nexperia, which is investigating the incident.
The Hacker News
U.S. Adds 2 More Chinese Telecom Firms to National Security Threat List
The U.S. FCC has added two Chinese telecommunication companies, ComNet and China Unicom, to its National Security Threat list.
SecurityWeek
Oracle Fusion Middleware Vulnerability Exploited in the Wild
CISA has warned organizations about CVE-2021-35587, a critical Oracle Fusion Middleware vulnerability that has been exploited in attacks.
Infosecurity News
Final Call for Views on Government App Security Proposals
The cybersecurity industry has until Wednesday, June 29, to submit views on a proposed code of practice for app store operators and developers
Latest Hacking News
Multiple Vulnerabilities In MegaRAC BMC Risked Server Security
Researchers discovered multiple vulnerabilities in MegaRAC BMC firmware that riddled the security of numerous server brands. IT admins must ensure prompt updates to their servers to avoid potential exploits. MegaRAC BMC Vulnerabilities Eclypsium Research team has found
Infosecurity News
US RESTRICT Act Gains Supports, Empowers Biden to Ban Foreign Tech
The White House and a bipartisan group of 12 senators have endorsed the legislation
Infosecurity News
US RESTRICT Act Gains Support, Empowers Biden to Ban Foreign Tech
The White House and a bipartisan group of 12 senators have endorsed the legislation
ZDNet
Google increases its bug bounty for Fitbit and Nest security flaws | ZDNet
Google wants hackers to focus on hardware for the Internet of Things.
Infosecurity News
Quad Countries Prepare For Info Sharing on Critical Infrastructure
US, Australia, India and Japan deepen cyber ties
CyberNews
Kaspersky deemed a 'threat' to US national security | CyberNews
The FCC added Russia's Kaspersky Lab to its 'threat list,' echoing similar decisions in Europe.
ZDNet
PJCIS concerned TSSR's 'do your best' requirements are not enough anymore | ZDNet
Committee recommends an Australian telecommunications security working group be established as it says the Telco Act is not enough to secure the nation.
Infosecurity News
China Issues Ban on US Chipmaker Products
The Chinese Communist Party has told tech operators in China to stop purchasing Micron products
The Record
U.K. seeks to build “cyber power” via new national cybersecurity strategy
The United Kingdom on Wednesday announced a major update to its national cybersecurity strategy.
Security Affairs
Beastmode Mirai botnet now includes exploits for Totolink routers
Operators behind the Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) added exploits for Totolink routers. The Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) now includes exploits for Totolink routers. Like most DDOS botnets, Beastmode attempt to infect other devices by launching brute-forcing attacks or exploiting multiple vulnerabilities. Between February and March 2022, researchers from the FortiGuard Labs […]
CyberSecurity Dive
FCC bans imports of telecom gear from China-based companies
The latest in a series of orders aligns the agency’s equipment authorization process with national security policies.
The Hacker News
Medusa Android Banking Trojan Spreading Through Flubot's Attacks Network
FluBot and Medusa, two separate Android banking trojans, join forces to use the same distribution network to launch simultaneous attacks.
Infosecurity News
Government Sets Out New Rules to Enhance App Security
Voluntary code of conduct is designed for developers and app store operators
CyberNews
YouTube takes down 19 channels promoting anti-US narratives
A widespread campaign has exploited an AI company to promote pro-China narratives.
The Hacker News
Attackers Can Use Electromagnetic Signals to Control Touchscreens Remotely
GhostTouch attack allows attackers to use electromagnetic signals to control touchscreen devices.
ZDNet
China condemns US ban on telco, urges need for fair treatment | ZDNet
Chinese government has lashed out at the US government's decision to revoke China Unicom's licence and vows to safeguard the "legitimate rights" of Chinese businesses operating in the US.
Bleeping Computer
US bans China Telecom Americas over national security risks
The Federal Communications Commission (FCC) has revoked China Telecom Americas' license to provide telecommunication services within the United States.
SecurityWeek
China's Offensive Cyber Operations in Africa Support Soft Power Efforts
Chinese state-sponsored threat groups have targeted telecoms, financial and government organizations in Africa as part of soft power efforts.
The Record
China-linked influence campaign targets Canadian lawmakers, prime minister
Canada has accused China-linked threat actors of spreading disinformation and propaganda about its politicians on social media.
Ars Technica
Intel suspends all operations in Russia “effective immediately”
Intel says it's working to support its 1,200 employees in Russia.
SecurityWeek
Shadowserver Starts Conducting Daily Scans to Help Secure ICS
The Shadowserver Foundation has started conducting daily scans in an effort to identify exposed ICS and help organizations reduce exposure.
Cyber Security News
BGP Error Handling Flaw Leads to Prolonged Network Outage
BGP is the backbone protocol and the internet's "glue," which directs the routing decisions between ISP networks to hold the internet under a set.
Security Affairs
Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia
The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company.
Infosecurity News
UK Policing Riddled with Chinese CCTV Cameras
Security and ethical concerns raised by surveillance commissioner
SecurityWeek
Lawmakers Want Clampdown on American VCs Funding Chinese Tech Companies
Congressional report says US venture capital firms invested in Chinese tech companies in sectors that are a threat to US national security.
Latest Hacking News
Hackers Can Bypass Fingerprint Locks On Phones With BrutePrint Attack
While biometric locks usually seem a safe device locking method, researchers have now devised a viable bypass. Dubbed “BrutePrint” the new attack method allows an adversary to brute-force fingerprint to unlock target devices like smartphones. BrutePrint
Infosecurity News
Chipmaker Giant Nexperia Confirms Cyber-Attack Amid Ransomware Group C
Nexperia confirmed its IT servers were accessed by attackers, with the Dunghill ransomware group claiming to have stolen chip designs and other sensitive documents
Bleeping Computer
US bans major Chinese telecom over national security risks
The Federal Communications Commission (FCC) has revoked China Unicom Americas' license, one of the world's largest mobile service providers, over "serious national security concerns."
Security Affairs
Go-based Chaos malware is rapidly growing targeting Windows, Linux and more
A new multifunctional Go-based malware dubbed Chaos is targeting both Windows and Linux systems, experts warn. Researchers from Black Lotus Labs at Lumen Technologies, recently uncovered a multifunctional Go-based malware that was developed to target devices based on multiple architectures, including Windows and Linux. The malicious code was developed to target a broad range of devices, […]
The Record
Arm, Qualcomm warn GPU drivers are likely being exploited by hackers
The British semiconductor designer Arm and U.S. chip manufacturer Qualcomm issued separate warnings Monday that hackers are likely exploiting multiple vulnerabilities in their graphics processing units (GPUs).
Security Affairs
HinataBot, a new Go-Based DDoS botnet in the threat landscape
A new Golang-based DDoS botnet, tracked as HinataBot, targets routers and servers by exploiting known vulnerabilities. Akamai researchers spotted a new DDoS Golang-based botnet, dubbed HinataBot, which has been observed exploiting known flaws to compromise routers and servers. The experts reported that the HinataBot bot was seen being distributed since the beginning of 2023 and its operators are actively […]
Infosecurity News
UK to Place Security Requirements on App Developers and Store Operators
Under the proposals, all app stores would be required to commit to a new code of practice
Security Affairs
U.S. gov adds more Chinese Telecom firms to the Covered List
The U.S. Federal Communications Commission (FCC) has added more Chinese telecom firms to the Covered List. The U.S. Federal Communications Commission (FCC) has added Pacific Network Corp, ComNet (USA) LLC, and China Unicom (Americas) Operations Limited, to the Covered List. The Covered List, published by Public Safety and Homeland Security Bureau published, included products and […]
Bleeping Computer
Chipmaker Nexperia confirms breach after ransomware gang leaks data
Dutch chipmaker Nexperia confirmed late last week that hackers breached its network in March 2024 after a ransomware gang leaked samples of allegedly stolen data.
Bleeping Computer
Russia faces IT crisis with just two months of data storage left
Russia faces a critical IT storage crisis after Western cloud providers pulled out of the country, leaving Russia with only two more months before they run out of data storage.
Cyber Security News
300,000 Chinese Devices in US : 40% Increase Despite Official Bans
Chinese devices are suspected of administering cyber espionage due to concerns over potential backdoors, supply chain vulnerabilities, and the
Bleeping Computer
Severe AMI MegaRAC flaws impact servers from AMD, ARM, HPE, Dell, others
Three vulnerabilities in the American Megatrends MegaRAC Baseboard Management Controller (BMC) software impact server equipment used in many cloud service and data center providers.
ZDNet
Telstra aims up at government cybers with new specialist arm | ZDNet
Telco says it is in a unique threat visibility position thanks to having the nation's largest network.
The Hacker News
New 5G Modems Flaws Affect iOS Devices and Android Models from Major Brands
Major security flaws in 5G modems impact hundreds of smartphone models from brands like Apple, Samsung, and Google.
Bleeping Computer
Critical AMI MegaRAC bugs can let hackers brick vulnerable servers
Two new critical severity vulnerabilities have been discovered in the MegaRAC Baseboard Management Controller (BMC) software made by hardware and software company American Megatrends International.
The Record
More than 2,000 cybersecurity patent applications filed since 2010: report
The number of cybersecurity patent applications has skyrocketed over the past decade, with U.S. companies leading the way.
Computerworld
China to probe Micron over cybersecurity, in chip war’s latest battle
The Chinese government will investigate US-based Micron as a potential cyberthreat, in the latest move in an ongoing semiconductor trade dispute that is disrupting the chip supply chain.
CyberNews
FCC approves label for smart products: look for “Cyber Trust Mark” stickers
Internet of Things (IoT) products, if they meet “robust cybersecurity standards,” now may qualify for a voluntary label under the US Cyber Trust Mark program
Loading more articles....