The Cyberspace Administration of China (CAC) has issued new stricter vulnerability disclosures regulations that mandate security researchers uncovering critical flaws in computer systems to mandatorily disclose them first-hand to the government authorities within two days of filing a report. The "Regulations on the Management of Network Product Security Vulnerability" are … [Read more...] about China’s New Law Requires Researchers to Report All Zero-Day Bugs to Government
Chinas
China’s Cyberspies Targeting Southeast Asian Government Entities
A sweeping and "highly active campaign" that originally set its sights on Myanmar has broadened its focus to strike a number of targets located in the Philippines, according to new research. Russian cybersecurity firm Kaspersky, which first spotted the infections in October 2020, attributed them to a threat actor it tracks as "LuminousMoth," which it connected with medium to … [Read more...] about China’s Cyberspies Targeting Southeast Asian Government Entities
China’s Baidu Android Apps Caught Collecting Sensitive User Data
Two popular Android apps from Chinese tech giant Baidu were temporarily unavailable on the Google Play Store in October after they were caught collecting sensitive user details. The two apps in question—Baidu Maps and Baidu Search Box—were found to collect device identifiers, such as the International Mobile Subscriber Identity (IMSI) number or MAC address, without users' … [Read more...] about China’s Baidu Android Apps Caught Collecting Sensitive User Data
Researchers Reveal New Security Flaw Affecting China’s DJI Drones
Cybersecurity researchers on Thursday revealed security issues in the Android app developed by Chinese drone-maker Da Jiang Innovations (DJI) that comes with an auto-update mechanism that bypasses Google Play Store and could be used to install malicious applications and transmit sensitive personal information to DJI's servers.The twin reports, courtesy of cybersecurity firms … [Read more...] about Researchers Reveal New Security Flaw Affecting China’s DJI Drones
Turbine Panda, China’s Spies & Passenger Jets
Rarely in the infosec industry do cyber investigators get the luxury of knowing the full scope of their adversary’s campaign — from tasking to actual operations, all the way to completion. The oft-repeated mantra “attribution is hard” largely stands true. Short of kicking down the door just as a cyber actor pushes enter, it is frustratingly hard to prove who is responsible for … [Read more...] about Turbine Panda, China’s Spies & Passenger Jets
Apple Under Fire Over Sending Some Users Browsing Data to China’s Tencent
Do you know Apple is sending iOS web browsing data of some of its users to Chinese Internet company Tencent?I am sure many of you are not aware of this, neither was I, and believe me, none of us could expect this from a tech company that promotes itself as a champion of consumer privacy.Late last week, it was widely revealed that starting from at least iOS 12.2, Apple silently … [Read more...] about Apple Under Fire Over Sending Some Users Browsing Data to China’s Tencent
China’s Border Guards Secretly Installing Spyware App on Tourists’ Phones
Chinese authorities are secretly installing surveillance apps on smartphones of foreigners at border crossings in the Xinjiang region who are entering from neighboring Kyrgyzstan, an international investigation revealed.Xinjiang (XUAR) is an autonomous territory and home to many Muslim ethnic minority groups where China is known to be conducting massive surveillance operations, … [Read more...] about China’s Border Guards Secretly Installing Spyware App on Tourists’ Phones