720-891-1663

China’s Volt Typhoon In Critical Networks for 5 Years

U.S. Intelligence agencies say that China is shifting tactics. Or, maybe just adding new ones. The NSA, CISA and FBI said, in a joint advisory, that China-backed hackers have maintained access inside U.S. critical infrastructure such as aviation, rail, mass transit, highway, maritime, pipeline, water and sewage to prepare to launch a catastrophic attack at […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News for the Week Ending February 2, 2024

Myanmar Cyber Crime Bosses Handed to China You may remember that a couple of weeks ago I reported that the Myanmar government turned over control of the part of the country where Crime bosses were running various social engineering scams and human trafficking to the rebels who threatened to shut them down. Now there are […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Microsoft Explains Most Recent Chinese Email Hack – Humans

As is often the case, humans and process represent the biggest failure window. Microsoft, to its credit, is being public about its own failures and pretty quickly. The Chinese hackers, Storm-0558, obtained a “golden cryptographic key” which allowed them to generate tokens so that they could masquerade as other users. I don’t know why you […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Is Microsoft “Grossly Irresponsible” for Not Fixing Bugs

In light of the most recent Chinese attack on Azure, several people are speaking out. Amit Yoran, chairman of security firm Tenable, former president of RSA and former Homeland Security National Cyber Security Division director, says this in a LinkedIn post: Cloud providers have long espoused the shared responsibility model. That model is irretrievably broken […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News Bites for the Week Ending June 30, 2023

Ex-FBI Employee Sentenced to 46 Months for Taking Classified Docs Home In a case similar to the one that an ex-president is facing, ex-FBI agent Kendra Kingsbury was sentenced on two counts of unlawfully retaining documents related to national defense. She held a Top Secret/SCI security clearance and the DoJ says that she removed 386 […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Cybersecurity Advisory – China Using “Living off the Land” Attacks to Avoid Detection

The FBI, NSA, CISA, Australia, Canada, New Zealand and the UK (AKA the US and the Five-Eyes Countries) issued a joint advisory on Chinese cyber tactics in light of the Guam critical infrastructure attack. Living off the Land means an attack that uses existing, already installed, vendor signed software to launch an attack and maintain […]

Continue reading → [DISPLAY_ACURAX_ICONS]