According to a recent security report, Chinese government has decided to resort to hacking, cyberwarfare and corporate espionage tactics to boost its ambitious defense program, compromising the systems of firms like Lockheed Martin in order to access classified information useful for their own purposes.

Peter Suciu, a renowned researcher, says China is an actor that should be taken seriously, especially on military issues. This is not the first such report, as since 2019 the Pentagon had accused the Chinese military of resorting to what they defined as “cyber theft” and other methods to achieve great improvements in military terms.

It all went back to 2007, when the firm Lockheed Martin discovered that a Chinese hacking group had been stealing technical documents related to the F-35 program, while a similar theft occurred when cybercriminals working for Beijing managed to compromise a network of an Australian subcontractor to the F-35.

These reports lead experts to believe that the Chinese have acquired a wealth of crucial information and data for these programs, including the development of the Chinese J-20 fighter jet, also known as “Mighty Dragon.” Suciu himself claims that the creation of these aircraft would have been impossible without the information stolen from Lockheed Martin.

In connection with these reports, Business Insider published a report detailing the clear similarities in appearance and engineering between American aircraft and those created by the Chinese government. In addition, the report not only emphasizes the similarity of these aircraft, but also states that the sensor systems used by the Chinese government are virtually identical to the electro-optical guidance employed by Lockheed Martin in the Lightning II model, further evidence of espionage against the company.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO] appeared first on Information Security Newspaper | Hacking News.

Cybersecurity specialists report the detection of a web attack structure implemented by an alleged group of Chinese state-sponsored hackers and designed to exploit security flaws in dozens of popular websites in order to gather information about dissidents and opponents of china’s government. Apparently, hackers are attacking at least 57 Chinese websites and the official platforms of the American newspaper New York Times.

The report mentions that this tool is also capable of abusing some legitimate browser functions to deploy a keylogging attack, in addition to collecting multiple data about the operating system, location details and even taking screenshots and images from webcams.

Identified as Tetris, this tool was first found on two Chinese websites that appeared to be non-profit news blogs, says one of the researchers who participated in Tetris’ analysis. The researcher works under the pseudonym “Imp0rtp3”.

The expert mentions that users who entered a compromised website were greeted by Jetriz, the first of two components of Tetris and that it was in charge of collecting information about the target user’s browser. If the browser was set to Chinese language, the user would be redirected to the second malicious component.

Swid, the second component, loads 15 additional plugins in JavaScript inside the victim’s browser. Eight of these plugins abuse a JSON hijacking technique to initiate connections to popular websites and retrieve public data about users. This technique does not allow the extracting of passwords or authentication cookies; although the report mentions that a threat actor could retrieve information such as user names, telephone numbers and even real names, allowing the elaboration of detailed user profiles.

Imp0rtp3 maintains that these tactics and procedures are linked to a hacking group that collaborates very closely with the Chinese government. The researcher bases his conclusions on the fact that Tetris operators have limited their campaign to a certain number of websites. As mentioned above, most of the affected websites are news blogs, political analysis, and anti-Chinese government opinion, which once again demonstrate its special interest in tracking and monitoring against potential threats to the regime’s stability.

Finally, the report mentions that while tools like Tetris are not very common these days, they are still a real threat to thousands of users, especially in highly targeted campaigns like the one described in this article.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Tetris, Chinese government’s favorite hacking & spying tool. How it works and how to get it? appeared first on Information Security Newspaper | Hacking News.

This is a new case of practice known as session replay, used by multiple companies to take detailed records of how their users interact with their websites, involving the capture of mouse movements, clicks and information queries on the page visited.

Under the lawsuit filed in Lake County Circuit Court, Florida, Intel is violating the state Communications Security Act, enacted in 2020 and which, among other things, prohibits companies from intentionally intercepting any electronic communication without consent.

Holly Londers, one of the plaintiffs, claims to have visited Intel’s website at least a dozen times between late 2020 and early 2021, which the company took advantage of to intercept its interactions without its consent on at least a couple of occasions: “This practice represents a flagrant invasion of our privacy as users,” Londers says.

It should be noted that this is a class action lawsuit and its scope applies to any user in the state of Florida who has visited Intel’s website and viewed their intercepted communications. The main objective of the plaintiffs is for Intel to stop carrying out this practice, in addition to forcing the company to delete records collected without the express consent of users.

Although the demand does not specify the name or type of software used by Intel for session playback, an additional report ensures that it is Clicktale, owned by the Contentsquare analytics company. Experts mention that this is a cloud-based analytical system and service that allows customers to visualize the visitor experience on their website. These tools were designed to improve presentation and functions on websites, although as detailed in previous paragraphs, their primary use is session replay.

This is not the first similar legal case, as a lawsuit filed in 2017 filed similar claims against companies such as Casper Sleep and Navistone Inc. for violations of the Electronic Communications Privacy Act, in effect since 1986. However, this case was dismissed for failures in the process.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Intel’s website records and tracks keystrokes, mouse clicks, and user cursor movement appeared first on Information Security Newspaper | Hacking News.

It should be remembered that Sandworm, also known as BlackEnergy/TeleBots, has been a sophisticated active cyberespionage group for more than 20 years. Experts believe this group is part of Unit 74455, the Russian government’s main technology program. This group has been linked to relevant incidents such as KillDisk attacks targeting critical infrastructure in Ukraine, and they are noted as major developers of the dangerous NotPetya ransomware.

This announcement comes after ANSSI, the French cybersecurity agency, published a report detailing a number of security incidents that resulted in the information gap of some IT service providers for some years now.

The French cybersecurity agency mentions that the first incident was reported at the end of 2017, with new attacks constantly detected until 2020. ANSSI reports that all organizations compromised during this time span were running Centreon’s IT monitoring software. Still, the agency has not been able to detect the attack vector used to compromise these servers and install the backdoor known as Exaramel.

In response to this report, Centreon mentions that its customers have not been compromised by these attacks, as these incidents were related to an outdated and free version of its software, released in 2014. The company says that eight more versions have been released since the release of that vulnerable version: “There are about 15 organizations affected by this campaign, all operating an open source version that was discontinued five years ago,” Centreon says.

On the other hand, Centreon emphasizes that this is not a supply chain attack, as the perpetrators of the attack did not abuse its platform for the delivery of malicious code on its customers’ networks as happened recently in SolarWinds: “ANSSI concluded that our servers were not abused for the distribution of malicious code”, adds the company’s message.

ANSSI reports claim that this campaign is very similar to those deployed by Sandworm hackers, as it also includes techniques such as launching spam campaigns and early intrusion stages before starting the actual attack. The agency also mentions that the C&C servers that control this malware operate similarly to previous campaigns.

The post Russian hacking group involved in cyber spying campaign against French firms appeared first on Information Security Newspaper | Hacking News.

GE Respiratory and anesthesia equipment vulnerable to cyber attacks | JULIAN ASSANGE WAS BEING SPIED IN LONDON’S ECUADOR EMBASSY 

Below are the links of the cyber security news.

1. Respiratory and anesthesia equipment vulnerable to cyber attacks.

2. ASSANGE WAS BEING SPIED IN LONDON’S ECUADOR EMBASSY 

The post Popular News Video 12 July appeared first on Information Security Newspaper | Hacking News.

China forces tourists to install spyware on their cell phones & USA will use old technology in power grids as new technology can be hacked

Below are the links of the cyber security news.

1. China forces tourists to install spyware on their phones

2.Us government will use old tech in power grids instead of new tech as it can be hacked

The post Popular News Video 5 July appeared first on Information Security Newspaper | Hacking News.

Hello, let’s talk about another town in Florida hacked with ransomware and the Cloud Hopper hacker campaign affects several important companies like HP, IBM & TCS.

Below are the links of the cyber security news.

1. Another city in Florida will pay hacker ransom

2.Companies of cloud services affected by Cloud Hopper hackers were revealed

The post Cyber Security Trends Video |30 June19 appeared first on Information Security Newspaper | Hacking News.

Should you buy Bitcoin as it has reached it’s maximum value and about the cybernetic war between the US and Iran that is beginning.

Below are the links of the cyber security news.

1. The cyber war between the United States and Iran has begun

2. Increase Bitcoin value

The post Cyber Security Trends Video |26 June19 appeared first on Information Security Newspaper | Hacking News.