Three Arrests, Two Superpowers and a Secret Prisoner Swap

Three Arrests, Two Superpowers and a Secret Prisoner Swap

4:30 a.m., Sept. 25, 2021, Tianjin, China A pair of prison vans approached the terminal at Tianjin Binhai International Airport carrying two Canadians, blindfolded and disoriented from 1,019 days in captivity. On the moonlit tarmac, an unmarked U.S. Gulfstream jet waited to take them home. Nearby, the Canadian ambassador paced the carpeted lounge. Fifteen time … Read more

Apple releases patch for new actively exploited iOS and iPadOS Zero-Day vulnerability

Apple releases patch for new actively exploited iOS and iPadOS Zero-Day vulnerability

Tech giant Apple on Monday rolled out updates to address a zero-day flaw in iOS and iPadOS that it said has been actively exploited in the wild. The vulnerability, given the identifier CVE-2022-42827, has been described as an out-of-bounds write issue in the kernel that could be exploited by a rogue program to execute arbitrary … Read more

Experts warn of hidden PowerShell backdoor masquerading as Windows Update

Experts warn of hidden PowerShell backdoor masquerading as Windows Update

Details have emerged of a previously undocumented and fully undetectable (FUD) PowerShell backdoor that gains its stealth by disguising itself as part of a Windows update process. “The covert homegrown tool and associated C2 commands appear to be the work of a sophisticated, unknown threat actor who targeted approximately 100 victims,” ​​said Tomer Bar, director … Read more

Researchers Detail Windows Zero-Day Vulnerability Patched Last Month

Researchers Detail Windows Zero-Day Vulnerability Patched Last Month

Details have emerged about a now-patched security flaw in Windows Common Log File System (CLFS) that could be exploited by an attacker to gain elevated permissions on compromised machines. Tracked as CVE-2022-37969 (CVSS score: 7.8), the issue was addressed by Microsoft as part of its Patch Tuesday updates for September 2022, while also noting that … Read more

New Chinese Malware Attack Framework Targets Windows, macOS and Linux Systems

New Chinese Malware Attack Framework Targets Windows, macOS and Linux Systems

A previously undocumented command-and-control (C2) framework called Alchimist is likely being used in the wild to target Windows, macOS, and Linux systems. “Alchimist C2 has a web interface written in simplified Chinese and can generate a configured payload, establish remote sessions, deploy payloads to the remote machines, take screenshots, perform remote shellcode execution, and run … Read more

Chinese technology threatens future global security, British spy chief warns

Chinese technology threatens future global security, British spy chief warns

LONDON—Beijing’s efforts to exert vice-like control over technology both internationally and within China’s borders threaten future global security and freedom, the head of Britain’s electronic intelligence agency said. Jeremy Fleming, the director of Britain’s Government Communications Headquarters, said Beijing aimed to use a range of existing and new technological means, including digital currency and satellites, … Read more

Chinese technology threatens future global security, British spy chief warns

Chinese technology threatens future global security, British spy chief warns

LONDON—Beijing’s efforts to exert vice-like control over technology both internationally and within China’s borders threaten future global security and freedom, the head of Britain’s electronic intelligence agency said. Jeremy Fleming, the director of Britain’s Government Communications Headquarters, said Beijing aimed to use a range of existing and new technological means, including digital currency and satellites, … Read more

US rewrites digital privacy rules for Europeans to keep data flowing

US rewrites digital privacy rules for Europeans to keep data flowing

The United States has begun implementing a deal with the European Union aimed at allowing information about Europeans to continue to be stored on American soil, reducing a looming threat to thousands of companies with transatlantic operations. President Biden on Friday issued an executive order giving Europeans new rights to challenge U.S. government surveillance practices … Read more

US rewrites digital privacy rules for Europeans to keep data flowing

US rewrites digital privacy rules for Europeans to keep data flowing

The United States has begun implementing a deal with the European Union aimed at allowing information about Europeans to continue to be stored on American soil, reducing a looming threat to thousands of companies with transatlantic operations. President Biden on Friday issued an executive order giving Europeans new rights to challenge U.S. government surveillance practices … Read more

Former Uber security chief found guilty of obstructing FTC probe

Former Uber security chief found guilty of obstructing FTC probe

A jury in San Francisco has found Uber Inc.’s UBER -0.03% former security chief Joseph Sullivan pleaded guilty to criminal obstruction charges for failing to report a 2016 cyber breach to federal authorities. The case was closely watched as a rare instance of a senior cyber security executive facing criminal consequences for a decision not … Read more