Security and Windows TCO Leftovers
-
Scoop News Group ☛ Chinese hackers target family members to surveil hard targets
According to the indictment, between 2015 and 2024, a Chinese hacking group known as APT 31 that is linked to China’s Ministry of State Security targeted thousands of U.S. and Western politicians, foreign policy experts, academics, journalists and democracy activists. In many cases, the group focused its efforts on politicians that the Chinese government “perceived as being critical of PRC government policies.”
These are generally individuals who are aware of the risk that China will try to surveil them using digital means and have tried to lock down their digital systems in response. But the same cannot always be said of their family members, and according to Monday’s indictment, the APT 31 hackers used malicious email messages sent to family members of their actual targets as a reconnaissance tool.
-
Wired ☛ Chinese [Crackers] Charged in Decade-Long Global Spying Rampage
In August last year, the UK’s Electoral Commission revealed “hostile actors” had infiltrated its systems in August 2021 and could potentially access sensitive data for 14 months until they were booted out in October 2022. The deputy prime minister, Oliver Dowden, told lawmakers on Monday that a China state-backed actor was responsible for the attack. In addition, Dowden said, the UK’s intelligence services have determined that Chinese hacking group APT31 targeted the email accounts of politicians in 2021.
-
Krebs On Security ☛ Recent ‘MFA Bombing’ Attacks Targeting Apple Users
Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature. In this scenario, a target’s Apple devices are forced to display dozens of system-level prompts that prevent the devices from being used until the recipient responds “Allow” or “Don’t Allow” to each prompt. Assuming the user manages not to fat-finger the wrong button on the umpteenth password reset request, the scammers will then call the victim while spoofing Apple support in the caller ID, saying the user’s account is under attack and that Apple support needs to “verify” a one-time code.
-
Windows TCO
-
YLE ☛ NBI: China-linked group behind Finnish Parliament espionage
The NBI probe, which is ongoing, is being investigated as cases of aggravated espionage, aggravated unlawful access to an information system, and aggravated violation of the secrecy of communications, according to a press release issued on Tuesday.
On Tuesday, the NBI confirmed that it suspected the China-linked cyber espionage group APT31 of involvement in the case and that police have identified one suspect.
-
The Record ☛ Ransomware gang attacks the Big Issue, a street newspaper supporting the homeless
The Big Issue, a street newspaper in the United Kingdom famed for providing homeless people with a legitimate income by paying them as vendors to distribute the magazine, has confirmed being impacted by a cyber incident.
The confirmation follows the company being listed on the Qilin ransomware gang’s darknet extortion site on Sunday, alongside the claim that the gang stole 550 gigabytes of confidential data including files related to commercial and personnel operations.
-
The Record ☛ St. Cloud most recent in string of Florida cities hit with ransomware
The city of St. Cloud said Monday it discovered a ransomware attack affecting city services and warned that while “many” city departments are affected they are “operating as best as possible until the issue is resolved.” St. Cloud is located about an hour south of Orlando and has 60,000 residents.
-