Two Chinese military jets. Both made in Canada.
https://globe.adsbexchange.com/?icao=7a4431,7b0fcd
Two Chinese military jets. Both made in Canada.
https://globe.adsbexchange.com/?icao=7a4431,7b0fcd
>Ancient Greek Jugs
>putin in israel
>putin in china
>putin in america
>putin in tatar
>putin in vietnam with GWB
Putin with Reagan
>Huawei and Ericsson have been in a Patent-sharing agreement since at least 2002…
meanwhile…
Chinese hackers exploited bug to compromise internet companies, cybersecurity firm says
Lumen said it assessed the hacking campaign in the US and abroad was carried by alleged Chinese government-backed group ‘Volt Typhoon’
Published: 1:38am, 28 Aug 2024
A Chinese hacking group exploited a software bug to compromise several internet companies in the United States and abroad, a cybersecurity firm said on Tuesday.
Researchers at the firm, Lumen Technologies, said in a blog post that the hackers took advantage of a previously unknown vulnerability in Versa Director – a software platform used to manage services for customers of Santa Clara, California-based Versa Networks.
It said four US targets and one non-US victim had been identified. Lumen did not name the victims and did not immediately respond to a request seeking further details.
Versa Networks issued an advisory on Monday acknowledging that the vulnerability had been exploited “in at least one known instance” by an advanced group of hackers, and urged customers to upgrade their software to fix the bug.
Lumen’s blog post said that its researchers assessed with “moderate confidence” that the hacking campaign was carried by an alleged Chinese government-backed group nicknamed “Volt Typhoon”. The attacks happened as early as June 12, Lumen said.
The Chinese embassy in Washington did not immediately respond to a request seeking comment, although Beijing routinely denies allegations of its involvement in cyberespionage.
US officials did not immediately respond to a request for comment but on Friday the US Cybersecurity and Infrastructure Security Agency added the Versa vulnerability to its list of “known exploited vulnerabilities”
Brandon Wales, the recently departed executive director of CISA, was quoted by The Washington Post newspaper on Tuesday as saying China’s hacking effort had “dramatically stepped up from where it used to be”.
Volt Typhoon has emerged as a group of particular concern to US cybersecurity officials.
In April, Federal Bureau of Investigation (FBI) director Christopher Wray said China was developing the “ability to physically wreak havoc” on US critical infrastructure and that Volt Typhoon had burrowed into numerous US telecommunications, energy, water and other critical services companies.
https://www.scmp.com/news/world/united-states-canada/article/3276162/chinese-hackers-exploited-bug-compromise-internet-companies-cybersecurity-firm-says?module=perpetual_scroll_0&pgtype=article
>Chinese hackers exploited bug to compromise internet companies, cybersecurity firm says
That's the "sanitized" South China Morning Post version.
Others go into more detail about targets.
https://timesofindia.indiatimes.com/world/us/chinese-hackers-exploited-bug-to-compromise-internet-companies-cybersecurity-firm-says/articleshow/112851496.cms
Chinese government hackers targeted US internet providers with zero-day exploit, researchers say
Lorenzo Franceschi-Bicchierai
7:00 AM PDT • August 27, 2024
A group of hackers linked to the Chinese government used a previously unknown vulnerability in software to target U.S. internet service providers, security researchers have found.
The group known as Volt Typhoon was exploiting the zero-day flaw — meaning the software maker was unaware of it before having time to patch — in Versa Director, a piece of software made by Versa Networks, according to researchers at Black Lotus Labs, which is part of cybersecurity firm Lumen.
Versa sells software to manage network configurations, and is used by internet service providers (ISPs) and managed service providers (MSPs), which makes Versa “a critical and attractive target” for hackers, the researchers wrote in a report published on Tuesday.
This is the latest discovery of hacking activities carried out by Volt Typhoon, a group that is believed to be working for the Chinese government. The group focuses on targeting critical infrastructure, including communication and telecom networks, with the goal of causing “real-world harm” in the event of a future conflict with the United States. U.S. government officials testified earlier this year that the hackers aim to disrupt any U.S. military response in a future anticipated invasion of Taiwan.
The hackers’ goals, according to Black Lotus Labs’ researchers, were to steal and use credentials on downstream customers of the compromised corporate victims. In other words, the hackers were targeting Versa servers as crossroads where they could then pivot into other networks connected to the vulnerable Versa servers, Mike Horka, the security researcher who investigated this incident, told TechCrunch in a call.
Contact Us
Do you have more information about Volt Typhoon, or other government-sponsored hacking activities? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email. You also can contact TechCrunch via SecureDrop.
“This wasn’t limited to just telecoms, but managed service providers and internet service providers,” said Horka. “These central locations that they can go after, which then provide additional access.” Horka said these internet and networking companies are targets themselves, “very likely because of the access that they could potentially provide to additional downstream customers.”
Horka said he found four victims in the United States, two ISPs, one MSP and an IT provider; and one victim outside of the U.S., an ISP in India. Black Lotus Labs did not name the victims.
Versa’s Chief Marketing Officer Dan Maier told TechCrunch in an email that the company has patched the zero-day identified by Black Lotus Labs.
“Versa confirmed the vulnerability and issued an emergency patch at that time. We have since issued a comprehensive patch and distributed this to all customers,” said Maier, adding that researchers warned the company of the flaw in late June.
Maier told TechCrunch that Versa itself was able to confirm the flaw and observe the “APT attacker” taking advantage of it.
Black Lotus Labs said it alerted the U.S. cybersecurity agency CISA of the zero-day vulnerability and the hacking campaign. On Friday, CISA added the zero-day to its list of vulnerabilities that are known to have been exploited. The agency warned that “these types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.”
https://techcrunch.com/2024/08/27/chinese-government-hackers-targeted-u-s-internet-providers-with-zero-day-exploit-researchers-say/
>Horka said he found four victims in the United States, two ISPs, one MSP and an IT provider; and one victim outside of the U.S., an ISP in India. Black Lotus Labs did not name the victims.
Some are saying that the hacking targets are ones that US Gov intel uses.
Anon is sure the recent rash of app updates pushed out for Android devices, including an OS update, are purely coincidental.
If we've learned anything it is this. They lie. So when they tell you Russian election interference. You can be certain that it is really China.
Daily Global X Airlines (aka: Illegal Immigrant Air) update.
https://globe.adsbexchange.com/?icao=a2e13a,a83f98,a2c4e0,a2bd72,a2d25e,a2d615,ab7437,a835d1,a2f9dd,a2f016,ad7274,a75013,a2c129,a4d4cc
Chinese Military helicopter. Made by Airbus.
https://globe.adsbexchange.com/?icao=7aa30b
>Anon ponders how many zero-day exploits will be used in the run-up to election.
This anon ponders how many will be used during the election.
>deliberately
where needed
but with DEI sometimes sabotage happens organically
from the wellspring of victim mentality
doncha know?
>network outage at the Ministry of Defense caused major IT failures across the country.
Why wasn't only the MOD affected?
nevermind, anon gets it.
here ya go anon
hope that's better for ya
no one should be subjected to that sort of treatment