china
TikTok is back up in the US after Trump says he will extend deadline
TikTok is back up in the United States after Trump announced today that he would extend a 90-day deadline for the company to find a U.S. purchaser. After the Supreme Court unanimously voted to allow a TikTok ban to proceed, the social media company shut down access in the U.S. late Saturday night. Today, Trump announced that […]
TikTok shuts down in the US as Trump throws the company a lifeline
TikTok shut down in the U.S. late Saturday night following the Supreme Court’s decision to uphold the law that banned the company over national security concerns. However, the ban may be shortlived as Trump announced today that he would issue an executive order when he takes office on Monday to give TikTok an additional 90 […]
US sanctions Chinese firm, hacker behind telecom and Treasury hacks
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company associated with the Salt Typhoon threat group. “Yin Kecheng has been a cyber actor for over a decade and is affiliated with the People’s Republic […]
FCC orders telecoms to secure their networks after Salt Tyhpoon hacks
The Federal Communications Commission (FCC) has ordered U.S. telecommunications carriers to secure their networks following last year’s Salt Typhoon security breaches. Today’s action comes after FCC Chairwoman Jessica Rosenworcel said in early December that the FCC would act “urgently” to require U.S. carriers to secure their systems from cyberattacks. “We now have a choice to make. We […]
GDPR complaints filed against TikTok, Temu for sending user data to China
Non-profit privacy advocacy group “None of Your Business” (noyb) has filed six complaints against TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi, for unlawfully transferring European user’s data to China and infringing European Union’s general data protection regulation (GDPR). Founded by Austrian privacy activist Max Schrems, NOYB works through legal action against companies that violate users’ privacy rights, particularly in […]
FBI wipes Chinese PlugX malware from over 4,000 US computers
The U.S. Department of Justice announced today that the FBI has deleted Chinese PlugX malware from over 4,200 computers in networks across the United States. The malware, controlled by the Chinese cyber espionage group Mustang Panda (also tracked as Twill Typhoon), infected thousands of systems using a PlugX variant with a wormable component that allowed it to […]
Treasury hackers also breached US foreign investments review office
Silk Typhoon Chinese state-backed hackers have reportedly breached a Treasury Department office that reviews foreign investments for national security risks. CNN reported on Friday, citing U.S. officials familiar with the matter, that the attackers gained access to the Committee on Foreign Investment in the United States (CFIUS) systems. The CFIUS is a government office and interagency committee […]
MirrorFace hackers targeting Japanese govt, politicians since 2019
The National Police Agency (NPA) and the Cabinet Cyber Security Center in Japan have linked a cyber-espionage campaign targeting the country to the Chinese state-backed “MirrorFace” hacking group. The campaign has been underway since 2019 and is still ongoing, while the Japanese investigators have observed distinct phases with differentiation of targets and attack methods. In […]
US Treasury hack linked to Silk Typhoon Chinese state hackers
Chinese state-backed hackers, tracked as Silk Typhoon, have been linked to the U.S. Office of Foreign Assets Control (OFAC) hack in early December. Last month, GeekFeed reported that the Treasury disclosed a significant cybersecurity incident. The attackers used a stolen Remote Support SaaS API key to compromise a BeyondTrust instance used by the Treasury, allowing them to […]
Ivanti zero-day attacks infected devices with custom malware
Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called ‘Dryhook’ and ‘Phasejam’ that is not currently associated with any threat group. The security issue, now tracked as CVE-2025-0282 is a critical stack-based buffer overflow flaw that impacts Ivanti Connect Secure 22.7R2.5 and older, Ivanti Policy Secure 22.7R1.2 and older, […]