InfoSecBulletin Cybersecurity for mankind
US authorities have revealed a major cyberespionage campaign by hackers, targeting information from Americans in government and politics.
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) said in a joint statement on Wednesday that actors affiliated with Beijing had “compromised networks at multiple telecommunications companies”.
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
CISA released best practices to secure Microsoft 365 Cloud environments
Data breach! Ireland fines Meta $264 million, Australia $50m
In a statement FBI, CISA said, “we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders. We expect our understanding of these compromises to grow as the investigation continues.”
Aljazeera reported, “The hackers also accessed “information that was subject to US law enforcement requests pursuant to court orders”, the agencies said, suggesting they sought to compromise programmes subject to the Foreign Intelligence Surveillance Act (FISA), which grants spy agencies broad powers to surveil the communications of individuals suspected of being foreign agents.”
The warning follows several major hacking incidents reportedly linked to China, as U.S. authorities claim these attacks aim to steal technology, government information, and target critical infrastructure like the electrical grid.
In September,The FBI has disrupted a large Chinese hacking operation called Flax Typhoon, which involved installing malicious software on over 200,000 devices like cameras, video recorders, and routers. This created a massive botnet used for various cyber crimes.
ABC news reported, “China has rejected accusations from U.S. officials that it engages in cyberespionage directed against Americans. A message left with China’s embassy in Washington was not immediately returned Wednesday.”
