Security news aggregator

Latest coverage for China

Stay updated with the latest information security trends, threats, and strategies emerging from China. Discover how China shapes global cybersecurity.

22 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

China covers cybersecurity and information-security developments connected to China, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.

For practitioners, the tag provides geographic context for developments involving China's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.

Showing 20 most recent headlines of 22 Filtered view

Chinese Nation-State Hackers Used a Custom Utility to Capture PacketsChinese hackers who infiltrated U.S. telecoms likely only used one, known Cisco vulnerability, says Cisco's cybersecurity unit. Otherwise, the Chinese nation-state cyberespionage operation known as Salt Typhoon used stolen login credentials living-off-the-land techniques, says Cisco Talos.

Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies

Bank Info Security 1 year, 4 months ago

Breach Roundup: FBI Publishes Ghost Warning

Also: Lee Enterprises Recovering From Ransomware Attack, an Ivanti POCThis week, a FBI warning on Ghost ransomware, Lee Enterprises confirmed its ransomware attack, a proof-of-concept for Ivanti EPM flaws and a cybersecurity flaw in a Xerox machine. Also, a Chinese cyberespionage hacker apparently moonlighted as a ransomware attacker and NioCorp hit by a cyber heist.

A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the intrusions ultimately leading to deployment of a ransomware called NailaoLocker in some cases

Bank Info Security 1 year, 4 months ago

South Korea Keeps DeepSeek AI Chatbot Off App Stores

Regulators Cite Privacy Concerns Over DeepSeek's Data Collection PracticesThe Personal Information Protection Commission, South Korea's data protection regulator, has directed Chinese artificial intelligence company DeepSeek AI to withdraw its chatbot application from official app stores pending an inquiry into the chatbot's compliance with data protection rules.

Bank Info Security 1 year, 4 months ago

Chinese Hackers Exploit Windows Tool to Install Backdoors

Mustang Panda Uses MAVInject to Evade Antivirus DetectionA Chinese state-sponsored hacking group is abusing a legitimate Microsoft tool to evade security and install backdoors on government systems in the Asia-Pacific region. The threat actor uses MAVInject.exe to inject malware into waitfor.exe.

Krebs on Security 1 year, 4 months ago

How Phished Data Turns into Apple & Google Wallets

Carding -- the underground business of stealing, selling and swiping stolen payment card data -- has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores.

Loading more headlines...