dChan
Anonymous ID: 6c39e1 Jan. 6, 2025, 8:56 a.m. No.22302721   ๐Ÿ—„๏ธ.is ๐Ÿ”—kun   >>2738

>>22302672

but yes, the major point here is FVEY

 

Temporais the codeword for a formerly-secret computer system that is used by the British Government Communications Headquarters (GCHQ). This system is used to buffer most Internet communications that are extracted from fibre-optic cables, so these can be processed and searched at a later time.[2] It was tested from 2008 and became operational in late 2011.

 

Tempora uses intercepts on the fibre-optic cables that serve as the backbone of the Internet to gain access to large amounts of Internet users' personal data, without any individual suspicion or targeting. The intercepts are placed in the United Kingdom and on the UK military base at Ayios Nikolaos in the British Overseas Territory of Akrotiri and Dhekelia. The intercepts are placed with the knowledge of companies owning either the cables or landing stations.

 

The existence of Tempora was revealed by Edward Snowden, a former American intelligence contractor who leaked information about the program to former Guardian journalist Glenn Greenwald in May 2013 as part of his revelations of government-sponsored mass surveillance programs. Documents Snowden acquired showed that data collected by the Tempora program is shared with the National Security Agency of the United States.

Anonymous ID: 6c39e1 Jan. 6, 2025, 9:43 a.m. No.22302986   ๐Ÿ—„๏ธ.is ๐Ÿ”—kun

U.S. Sanctions Chinese Cybersecurity Firm for State-Backed Hacking Campaigns

 

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyber attacks against U.S. victims.

 

These attacks have been publicly attributed to a Chinese state-sponsored threat actor tracked as Flax Typhoon (aka Ethereal Panda or RedJuliett), which was outed last year as operating an Internet of Things (IoT) botnet called Raptor Train.

 

The hacking crew has been active since at least mid-2021, targeting various entities across North America, Europe, Africa, and across Asia. Attacks mounted by Flax Typhoon have typically leveraged known vulnerabilities to gain initial access to victims' computers and then make use of legitimate remote access software to maintain persistent access.

 

The Treasury Department described Chinese malicious cyber actors as one of the "most active and most persistent threats to U.S. national security," repeatedly targeting U.S. government systems, including those associated with the federal agency.

 

"The Treasury Department will not hesitate to hold malicious cyber actors and their enablers accountable for their actions," said Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence Bradley T. Smith. "The United States will use all available tools to disrupt these threats as we continue working collaboratively to harden public and private sector cyber defenses."

 

Integrity Group, also known as Yongxin Zhicheng, has been accused of providing infrastructure support to Flax Typhoon cyber campaigns between mid-2022 and late-2023, with the U.S. Department of State classifying it as a government contractor with ties to the People's Republic of China (PRC) Ministry of State Security. It was established in September 2010.

 

"It provides services to country and municipal State Security and Public Security Bureaus, as well as other PRC cybersecurity government contractors," the State Department noted.

 

"'Flax Typhoon' hackers have successfully targeted multiple U.S. and foreign corporations, universities, government agencies, telecommunications providers, and media organizations."

 

https://thehackernews.com/2025/01/us-treasury-sanctions-beijing.html

 

โ€”

 

Also active in Taiwan: https://www.microsoft.com/en-us/security/blog/2023/08/24/flax-typhoon-using-legitimate-software-to-quietly-access-taiwanese-organizations/