Summary: President Joe Biden’s recent executive order aims to enhance U.S. cybersecurity by addressing various critical areas, including software supply chains, encryption, and foreign threats. The order has sparked discussions among cybersecurity professionals regarding its future under the incoming Trump administration. Experts express both optimism and concern about the implications of the order for national security and the cybersecurity landscape.…
Tag: CHINA
Summary: The US Department of the Treasury’s OFAC has imposed sanctions on individuals and entities linked to a scheme that generates illicit funds for North Korea through fake IT workers. North Korean operatives have been using stolen identities and AI to secure jobs in Western countries, allowing the regime to circumvent sanctions and fund its weapons programs.…
Summary: A suspected Russia-nexus threat actor, UAC-0063, has been conducting spear phishing attacks targeting diplomatic entities in Kazakhstan, linked to the notorious APT28 group. These operations aim to collect intelligence from various organizations in Eastern Europe and Central Asia, particularly in the context of Kazakhstan’s evolving diplomatic relations.…
Summary: Austrian privacy non-profit None of Your Business (noyb) has filed complaints against several companies, including TikTok and Xiaomi, for allegedly violating EU data protection laws by transferring user data to China. The organization seeks an immediate halt to these data transfers, citing concerns over Chinese government access to personal information.…
Summary: A sophisticated phishing campaign has been uncovered, where cybercriminals use fraudulent Google Ads to target advertisers, redirecting them to fake login pages. This operation exploits the trust in Google’s ad platform to steal credentials, which are then used to hijack accounts for malicious purposes. The scheme has been observed globally, with multiple distinct groups involved in executing the attacks.…
Summary: Recent investigations by Secureworks Counter Threat Unit (CTU) have revealed connections between North Korean IT worker schemes and a 2016 crowdfunding scam linked to the NICKEL TAPESTRY threat group. The research highlights how front companies facilitated the employment of North Korean IT workers, channeling illicit revenue back to North Korea.…
Summary: The non-profit privacy advocacy group “None of Your Business” (noyb) has filed six complaints against TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi for unlawfully transferring European user data to China, violating the EU’s GDPR. Founded by privacy activist Max Schrems, noyb aims to hold companies accountable for privacy rights violations, particularly regarding data transfers and online tracking.…
Summary: The U.S. has imposed sanctions on two North Korean nationals and several companies in Laos and China for facilitating a scheme that deceived American firms into hiring North Korean IT workers, whose earnings fund the DPRK’s weapons programs. The Treasury Department highlighted the extensive network of North Korean IT workers operating globally, often using stolen identities to conceal their activities.…
Summary: President Biden’s new cybersecurity executive order outlines a robust cyber-defense strategy to address national threats, particularly from China and vulnerabilities in the software supply chain. The order aims to ensure a smooth transition to the incoming Trump administration while emphasizing the importance of bipartisan cooperation in cybersecurity.…
Summary: The U.S. Treasury Department has imposed sanctions on a network linked to North Korea’s Ministry of National Defense, which has been generating revenue through illegal remote IT work. The sanctions target specific companies and individuals involved in these schemes, highlighting North Korea’s reliance on overseas IT workers to fund its weapons programs and support for Russia.…
Summary: President Joe Biden signed an executive order aimed at enhancing U.S. cybersecurity by facilitating sanctions against hacking groups targeting federal agencies and critical infrastructure. The order addresses the ongoing threats posed by ransomware gangs and foreign actors, particularly from China, Russia, and Iran. It builds on previous efforts to strengthen cybersecurity measures across federal systems and critical infrastructure.…
Summary: The US DOJ and FBI, alongside international partners, executed a significant operation to dismantle the Mustang Panda hacking group, which is backed by the Chinese government. This group utilized PlugX malware to infiltrate systems, targeting sensitive data across various sectors. The operation successfully removed malware from over 4,000 computers in the US, marking a crucial step in countering state-sponsored cyber espionage.…
Summary: Recent research indicates that over 4 million internet-connected systems, including VPN servers and home routers, are vulnerable to attacks due to flaws in tunneling protocols. The study, led by Mathy Vanhoef and Angelos Beitis, highlights the potential for attackers to exploit these vulnerabilities for anonymous attacks.…
Summary: President Joe Biden’s executive order focuses on enhancing federal cybersecurity, addressing cybercrime, and securing commercial software. It aims to make it more difficult and costly for foreign adversaries and ransomware criminals to execute cyberattacks against the U.S. The order outlines nine key initiatives to strengthen America’s digital infrastructure and improve the security of both government and private sector systems.…
Microsoft has released a security update patch addressing 159 vulnerabilities across various products, including critical remote code execution and privilege escalation vulnerabilities. Users are urged to apply these patches promptly to mitigate risks. Affected: Windows, Microsoft Office, Microsoft Visual Studio, Azure, Microsoft Dynamics, Microsoft Edge
Keypoints:
Microsoft released a security update on January 14, fixing 159 vulnerabilities.…
In recent months, Indonesia has found itself at the center of two significant global cyber threats, highlighting the growing sophistication and reach of state-sponsored and financially motivated hacking groups. These incidents underscore the importance of cybersecurity vigilance in the face of increasingly complex attacks.
FBI Disrupts PlugX Malware Campaign Affecting Indonesia
The U.S.…
Summary: The U.K. government is contemplating a ban on ransomware payments to protect critical industries from cybercriminals. This proposed legislation aims to enhance reporting requirements and educate businesses on responding to ransomware threats, while also acknowledging potential negative impacts on small businesses. The initiative reflects a broader strategy to reduce financial incentives for cybercriminals and improve national cybersecurity.…
Summary: Jen Easterly, the outgoing head of CISA, expressed hope that the agency will continue its election-related work despite political opposition. She emphasized the importance of supporting state and local election officials and highlighted CISA’s successful efforts in countering foreign influence in elections. Easterly also warned about the increasing threats from foreign adversaries, particularly China, to critical infrastructure.…
This article discusses a phishing scheme targeting Google Ads advertisers, where criminals impersonate Google Ads through fraudulent ads to steal account credentials. The stolen accounts are likely resold or used for further malicious activities. Affected: Google Ads
Keypoints:
Online criminals are targeting Google Ads advertisers through phishing.…
Summary: Private sector companies are struggling to navigate the complexities of two new cyber incident reporting rules: the SEC’s regime and the CIRCIA requirements. Jen Easterly, former director of CISA, highlighted the confusion this dual reporting obligation creates for critical infrastructure organizations. She emphasized the need for harmonization of cyber rules to simplify compliance and enhance collective cyber defense efforts.…