The teenage student know as "Li," created an app that has already infected at least 100,000 phones.
The Chinese government is pushing government-owned banks to replace IBM servers with those made locally, according to reports.
The 100-page report mostly addresses alleged Chinese cyber espionage operations, and suggests it's time for U.S. government agencies and corporations to consider more proactive approaches, possibly including hack-backs.
Attackers who raided Google in 2010 to learn information about Chinese human rights activists were also trying to gain insight on which Chinese intelligence agents were on the radar of U.S. authorities, according to a report.
The proposal from two Republican and two Democratic senators requires the director of national intelligence to create a "watch list" of nations suspected of cyber spying.
China and the United States plan to erect a cyber security working group in light of continued worries over the former's alleged cyber espionage activities, according to reports.
The Chinese official said the country is being unfairly singled out as a purveyor of corporate espionage, and it is supportive of developing agreed-upon international rules of conduct in cyber space.
Researchers at AlienVault are tracking the moves of a highly skilled espionage group, likely nation-state backed and operating out of China, that has hit two U.S. manufacturers of solar panels.
Security firm Mandiant may have documented among the most convincing evidence to date of the significant espionage threat emanating from China.
The 18-month White House probe determined that there is no evidence that Huawei was involved in spying on behalf of the Chinese government, which runs counter to a U.S. House report released last week.
...nevertheless, companies need to do a better job of protecting IP, says Adam Segal.
The National Security Agency claims a dozen groups connected to China's People's Liberation Army and six nonmilitary groups connected to universities are largely behind cyber spying campaigns.
China and Russia were called out in a report as the world's most prolific perpetrators of economic espionage against the U.S.
Hackers over the summer targeted at least 29 companies in the chemical sector during an attack campaign aimed at stealing intellectual property.
China is denying a U.S. congressional committee's claim that hackers interfered with two government satellites.
A Chinese military documentary appears to offer a rare glimpse of an actual state-sponsored hacking tool being used to attack a U.S. website affiliated with the dissident Falun Gong religious movement.
While McAfee's recently released "Shady RAT" report concentrated on the victims of a mass cyberespionage ring, another researcher has decided to focus his attention on the adversaries behind such attacks. In a video recorded last week at the Black Hat conference in Las Vegas, Joe Stewart of Dell SecureWorks explains how he was able to trace 60 families of custom malware thanks to error messages yielded by a "connection bouncer" tool used by the hackers to hide their tracks, but which inadvertently pointed back to about a dozen command-and-control centers hosted by ISPs in China. Two of the malware families are known to have been used in the RSA SecurID breach. "It gives you a better line on attribution," Stewart told SCMagazineUS.com.
For at least 18 minutes on April 8, 15 percent of the globe's internet traffic was rerouted through China, according to a post Wednesday on the McAfee blog. This included transmissions from U.S. military and government networks, as well as from commercial players, all of which could have been intercepted, logged and altered. There is yet no clear answer as to how this occurred or whether it was deliberate, but certainly was "one of the biggest routing hijacks we have ever seen," said McAfee. - GM
Authorities in China said over the weekend that they will punish those involved in the attacks on Google, if evidence is presented that the attacks originated in the Asian nation.
Sign up to our newsletters
SC Magazine Articles
- State breakdowns: Anthem breach by the numbers
- Malware on Lime Crime website, payment cards compromised
- Botnet of Joomla servers furthers DDoS-for-hire scheme
- Bug in popular WordPress plugin opens up websites to SQL injection attacks
- Report: Majority of health-related websites leak data to third parties
- State breakdowns: Anthem breach by the numbers
- Carbanak APT campaign made off with $1B from banks globally
- NIST requests final comments on ICS security guide
- Disconnect yawns between CISOs, exec leadership, study says
- Microsoft phishing emails target corporate users, deliver malware that evades sandboxes
- Angler EK hijacks domain registrant credentials to create malicious pages
- New SSL/TLS vulnerability, FREAK, puts secure communications at risk
- Tsukuba trojan aimed at Japanese banking customers
- GAO releases report on FAA security lapses, experts remain unconcerned
- Infections caused by prevalent financial trojans dropped 53 percent last year