1(520) 261-1728

info@threatintel-solutions.net

Threat Intel Solutions

Let’s Talk

How Chinese insiders are stealing data scooped up by President Xi’s national surveillance system

#### [Public Sector](/on_prem/public_sector/)How Chinese insiders are stealing data scooped up by President Xi’s national surveillance system================================================================================================’It’s a double-edged sword,’ security researchers tell The Reg————————————————————–[Jessica Lyons](/Author/Jessica-Lyons ‘Read more by this author’) Sun 8 Dec 2024 // 17:00 UTC [](https://www.reddit.com/submit?url=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=How%20Chinese%20insiders%20are%20stealing%20data%20scooped%20up%20by%20President%20Xi%27s%20national%20surveillance%20system) [](https://twitter.com/intent/tweet?text=How%20Chinese%20insiders%20are%20stealing%20data%20scooped%20up%20by%20President%20Xi%27s%20national%20surveillance%20system&url=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=How%20Chinese%20insiders%20are%20stealing%20data%20scooped%20up%20by%20President%20Xi%27s%20national%20surveillance%20system&summary=%27It%27s%20a%20double-edged%20sword%2c%27%20security%20researchers%20tell%20The%20Reg) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) Feature Chinese tech company employees and government workers are siphoning off user data and selling it online – and even high-ranking Chinese Communist Party officials and FBI-wanted hackers’ sensitive information is being peddled by the Middle Kingdom’s thriving illegal data ecosystem.’While Western cybercrime research focuses heavily on criminals in the English- and Russian-speaking worlds, there is also a large community of Chinese-speaking cybercriminals who engage in scammy, low-level, financially motivated cybercrime,’ SpyCloud senior security researcher Kyla Cardona [said](https://www.cyberwarcon.com/flies-on-the-great-wall) during a talk at last month’s Cyberwarcon in Arlington, Virginia.It’s no secret that President Xi Jinping’s government uses technology companies to help maintain the nation’s massive [surveillance apparatus](https://www.theregister.com/2024/07/29/doj_tiktok_filing_china_data/). ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_onprem/publicsector&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Z1XtDE1FcmKWEatrPIZMrwAAARc&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0)But in addition to forcing businesses operating in China to stockpile and hand over info about their users for censorship and state-snooping purposes, a black market for individuals’ sensitive data is also booming. Corporate and government insiders have access to this harvested private info, and the financial incentives to sell the data to fraudsters and crooks to exploit. ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_onprem/publicsector&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z1XtDE1FcmKWEatrPIZMrwAAARc&t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0) ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_onprem/publicsector&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Z1XtDE1FcmKWEatrPIZMrwAAARc&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0)’It’s a double-edged sword,’ Cardona told *The Register* during an interview alongside SpyCloud infosec researcher Aurora Johnson.’The data is being collected by rich and powerful people that control technology companies and work in the government, but it can also be used against them in all of these scams and fraud and other low-level crimes,’ Johnson added.### China’s thriving data black marketTo get their hands on the personal info, Chinese data brokers often recruit shady insiders with wanted ads seeking ‘friends’ working in government, and promise daily income of 20,000 to 70,000 yuan ($2,700 and $9,700) in exchange for harvested information. This data is then used to pull off scams, fraud, and suchlike.Some of these data brokers also claim to have ‘signed formal contracts’ with the big three Chinese telecom companies: China Mobile, China Unicom, and China Telecom. The brokers’ marketing materials tout they are able to legally obtain and sell details of people’s internet habits via the Chinese telcos’ deep packet inspection systems, which monitor as well as manage and store network traffic. (The West has [also seen](https://www.theregister.com/2009/04/24/deep_packet_inspection/) this [kind of thing](https://www.theregister.com/2008/04/10/american_isps_embrace_behavioral_ad_targeting/).) ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_onprem/publicsector&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z1XtDE1FcmKWEatrPIZMrwAAARc&t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0)Crucially, this level of surveillance by the telcos gives their employees access to users’ browsing data and other info, which workers can then swipe and then resell themselves through various brokers, Cardona and Johnson said.Scammers and other criminals are buying copies of this personal information, illicitly obtained or otherwise, for their swindles, but it’s also being purchased by legitimate businesses for sales leads — to [sell people car insurance](https://www.reuters.com/article/technology/data-dump-china-sees-surge-in-personal-information-up-for-sale-idUSKCN1L80IW/) when theirs is about to expire, for example.Information acquired through DPI also seems to be a major source of the stolen personal details that goes into the so-called ‘social engineering databases,’ or SGKs (short for shegong ku ), according to the researchers.> It poses privacy risks to all Chinese people across all groups. And then it also gives us Western cybersecurity researchers a really interesting source to track some of these actorsIn addition to amassing information collected from DPI, these databases contain personal details provided by underhand software development kits (SDKs) buried in apps and other programs, which basically spy on users in real time, as well as records stolen during IT security breaches.SGK records include personal profiles (names, genders, addresses, dates of birth, phone numbers, email and social media account details, zodiac signs), bank account and other financial information, health records, property and vehicle information, facial recognition scans and photos, criminal case details, and more. Some of the SGK platforms allow users to do reverse lookups on potential targets, allowing someone to be ultimately identified from their otherwise non-identifying details.This data is advertised and sold, or sometimes given away for free, on more well-known places like Telegram announcement channels and also on dark web souks. Subscribers can purchase access to a basic lookup service, which is cheap (between $1 and $5) and allows a buyer to query a database of information obtained via a security breach. Or they can spend more on a private or premium lookup that typically involves rifling through a database of information stolen by a rogue insider from their place of employment.### What you can find via ‘social engineering databases’One SGK that has since been taken down had more than 3 million users. As of now, one of the biggest stolen-info databases has 317,000 subscribers, we’re told, while most of the search services each see about 90,000 users per month.’If you can’t find something on one, you’ll probably find it in another, or you’ll find it in a Chinese data-leak channel,’ Cardona said. ‘This is a really important part of the entire cybercrime ecosystem, and it’s being missed by the Western side.’During the Cyberwarcon presentation, the duo showed a series of case study slides that highlighted the types of information anyone can find in SGKs. Some of these contained personal information about ethnic minorities living in China. One also displayed a ton of sensitive details belonging to a high-ranking CCP member. A free SGK search query about this individual pulled up the person’s name, physical address, mobile number, national ID number, birth date, gender, and issuing authority, which the researcher surmised is the issuing authority for the ID card.An additional query produced even more: The person’s WeChat ID, vehicle information, hobbies and industry information, marital status, and monthly salary, and his phone’s International Mobile Equipment Identity (IMEI) number with a link to click for more information about the device.The researchers found similar info about a People’s Liberation Army member using SGKs, plus details about suspected nation-state-backed criminals wanted by the FBI.### FBI-wanted fugitives aren’t immune, eitherThey started with one fugitive living in China, [Fu Qiang](https://www.theregister.com/2020/09/16/doj_china_hack_arrests/), aka StandNY, who in 2020 was charged by the Feds with breaking into more than 100 computers across the globe. According to the US government, he is a member of China’s APT41, aka Wicked Panda, and employed by Chengdu 404 Network Technology, which infiltrates organizations around the world on behalf of the Chinese government.US-based SpyCloud collects and aggregates stolen and leaked data — not for nefarious purposes, but to help customers prevent account takeovers and identity theft — and the researchers used this data collected from one security breach to connect a random person’s phone number to their name and online alias.Looking up that phone number in a couple of SGKs produced the IMEI, Tencent QQ information, address, password hash from a breach of e-commerce company JD.com, multiple account passwords, and an IP address.* [Good: US boasts it collared two in Chinese hacking bust. Bad: They aren’t the actual hackers, rest are safe in China](https://www.theregister.com/2020/09/16/doj_china_hack_arrests/)* [Salt Typhoon’s surge extends far beyond US telcos](https://www.theregister.com/2024/11/27/salt_typhoons_us_telcos/)* [Telco engineer who spied on US employer for Beijing gets four years in the clink](https://www.theregister.com/2024/11/27/telco_spy_beijing_jailed/)* [China has utterly pwned ‘thousands and thousands’ of devices at US telcos](https://www.theregister.com/2024/11/25/salt_typhoon_mark_warner_warning/)The duo had similar success with [Zhu Hua](https://www.theregister.com/2018/12/20/two_alleged_chinese_hackers/), who is also wanted by the FBI for allegedly compromising cloud giants, aerospace and defense companies, chip designers, and US government agencies and military on behalf of Beijing.And then they turned their attention to Wu Haibo, aka shutd0wn, founder and CEO of [I-Soon](https://www.theregister.com/2024/03/19/china_cyberspies_earth_krahang/), which suffered its own data leak earlier this year that exposed China’s massive data stealing efforts.A couple of SGK queries uncovered his email addresses and multiple passwords, WeChat ID and QQ account information, physical address, birth date, national ID number, and a hotel check-in from a few years back.’This could be a very powerful tool to track advanced threat actors and pivot off of any selector you have to find more data on an individual and get a complete user picture of them,’ Johnson said.’There is a huge ecosystem of Chinese breached and leaked data, and I don’t know that a lot of Western cybersecurity researchers are looking at this,’ Johnson continued. ‘It poses privacy risks to all Chinese people across all groups. And then it also gives us Western cybersecurity researchers a really interesting source to track some of these actors that have been targeting critical infrastructure.’ ® [Sponsored: Where do European SMEs start when it comes to conquering the world?](https://go.theregister.com/tl/3112/shttps://www.theregister.com/2024/11/25/where_do_european_smes_start/) Share [](https://www.reddit.com/submit?url=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=How%20Chinese%20insiders%20are%20stealing%20data%20scooped%20up%20by%20President%20Xi%27s%20national%20surveillance%20system) [](https://twitter.com/intent/tweet?text=How%20Chinese%20insiders%20are%20stealing%20data%20scooped%20up%20by%20President%20Xi%27s%20national%20surveillance%20system&url=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=How%20Chinese%20insiders%20are%20stealing%20data%20scooped%20up%20by%20President%20Xi%27s%20national%20surveillance%20system&summary=%27It%27s%20a%20double-edged%20sword%2c%27%20security%20researchers%20tell%20The%20Reg) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) #### More about* [China](/Tag/China/)* [Cybercrime](/Tag/Cybercrime/)* [Security](/Tag/Security/) More like these × ### More about* [China](/Tag/China/)* [Cybercrime](/Tag/Cybercrime/)* [Security](/Tag/Security/) ### Narrower topics* [2FA](/Tag/2FA/)* [Advanced persistent threat](/Tag/Advanced%20persistent%20threat/)* [Application Delivery Controller](/Tag/Application%20Delivery%20Controller/)* [Authentication](/Tag/Authentication/)* [BEC](/Tag/BEC/)* [Black Hat](/Tag/Black%20Hat/)* [BSides](/Tag/BSides/)* [Bug Bounty](/Tag/Bug%20Bounty/)* [CHERI](/Tag/CHERI/)* [China Mobile](/Tag/China%20Mobile/)* [China telecom](/Tag/China%20telecom/)* [China Unicom](/Tag/China%20Unicom/)* [CISO](/Tag/CISO/)* [Common Vulnerability Scoring System](/Tag/Common%20Vulnerability%20Scoring%20System/)* [Cybersecurity](/Tag/Cybersecurity/)* [Cybersecurity and Infrastructure Security Agency](/Tag/Cybersecurity%20and%20Infrastructure%20Security%20Agency/)* [Cybersecurity Information Sharing Act](/Tag/Cybersecurity%20Information%20Sharing%20Act/)* [Cyberspace Administration of China](/Tag/Cyberspace%20Administration%20of%20China/)* [Data Breach](/Tag/Data%20Breach/)* [Data Protection](/Tag/Data%20Protection/)* [Data Theft](/Tag/Data%20Theft/)* [DDoS](/Tag/DDoS/)* [DEF CON](/Tag/DEF%20CON/)* [Digital certificate](/Tag/Digital%20certificate/)* [Encryption](/Tag/Encryption/)* [Exploit](/Tag/Exploit/)* [Firewall](/Tag/Firewall/)* [Great Firewall](/Tag/Great%20Firewall/)* [Hacker](/Tag/Hacker/)* [Hacking](/Tag/Hacking/)* [Hacktivism](/Tag/Hacktivism/)* [Hong Kong](/Tag/Hong%20Kong/)* [Identity Theft](/Tag/Identity%20Theft/)* [Incident response](/Tag/Incident%20response/)* [Information Technology and the People’s Republic of China](/Tag/Information%20Technology%20and%20the%20People%27s%20Republic%20of%20China/)* [Infosec](/Tag/Infosec/)* [Infrastructure Security](/Tag/Infrastructure%20Security/)* [JD.com](/Tag/JD.com/)* [Kenna Security](/Tag/Kenna%20Security/)* [NCSAM](/Tag/NCSAM/)* [NCSC](/Tag/NCSC/)* [Palo Alto Networks](/Tag/Palo%20Alto%20Networks/)* [Password](/Tag/Password/)* [Phishing](/Tag/Phishing/)* [Quantum key distribution](/Tag/Quantum%20key%20distribution/)* [Ransomware](/Tag/Ransomware/)* [Remote Access Trojan](/Tag/Remote%20Access%20Trojan/)* [REvil](/Tag/REvil/)* [RSA Conference](/Tag/RSA%20Conference/)* [Semiconductor Manufacturing International Corporation](/Tag/Semiconductor%20Manufacturing%20International%20Corporation/)* [Shenzhen](/Tag/Shenzhen/)* [Spamming](/Tag/Spamming/)* [Spyware](/Tag/Spyware/)* [Surveillance](/Tag/Surveillance/)* [TLS](/Tag/TLS/)* [Trojan](/Tag/Trojan/)* [Trusted Platform Module](/Tag/Trusted%20Platform%20Module/)* [Uyghur Muslims](/Tag/Uyghur%20Muslims/)* [Vulnerability](/Tag/Vulnerability/)* [Wannacry](/Tag/Wannacry/)* [Zero trust](/Tag/Zero%20trust/) ### Broader topics* [APAC](/Tag/APAC/) #### More aboutShare [](https://www.reddit.com/submit?url=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=How%20Chinese%20insiders%20are%20stealing%20data%20scooped%20up%20by%20President%20Xi%27s%20national%20surveillance%20system) [](https://twitter.com/intent/tweet?text=How%20Chinese%20insiders%20are%20stealing%20data%20scooped%20up%20by%20President%20Xi%27s%20national%20surveillance%20system&url=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=How%20Chinese%20insiders%20are%20stealing%20data%20scooped%20up%20by%20President%20Xi%27s%20national%20surveillance%20system&summary=%27It%27s%20a%20double-edged%20sword%2c%27%20security%20researchers%20tell%20The%20Reg) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) POST A COMMENT #### More about* [China](/Tag/China/)* [Cybercrime](/Tag/Cybercrime/)* [Security](/Tag/Security/) More like these × ### More about* [China](/Tag/China/)* [Cybercrime](/Tag/Cybercrime/)* [Security](/Tag/Security/) ### Narrower topics* [2FA](/Tag/2FA/)* [Advanced persistent threat](/Tag/Advanced%20persistent%20threat/)* [Application Delivery Controller](/Tag/Application%20Delivery%20Controller/)* [Authentication](/Tag/Authentication/)* [BEC](/Tag/BEC/)* [Black Hat](/Tag/Black%20Hat/)* [BSides](/Tag/BSides/)* [Bug Bounty](/Tag/Bug%20Bounty/)* [CHERI](/Tag/CHERI/)* [China Mobile](/Tag/China%20Mobile/)* [China telecom](/Tag/China%20telecom/)* [China Unicom](/Tag/China%20Unicom/)* [CISO](/Tag/CISO/)* [Common Vulnerability Scoring System](/Tag/Common%20Vulnerability%20Scoring%20System/)* [Cybersecurity](/Tag/Cybersecurity/)* [Cybersecurity and Infrastructure Security Agency](/Tag/Cybersecurity%20and%20Infrastructure%20Security%20Agency/)* [Cybersecurity Information Sharing Act](/Tag/Cybersecurity%20Information%20Sharing%20Act/)* [Cyberspace Administration of China](/Tag/Cyberspace%20Administration%20of%20China/)* [Data Breach](/Tag/Data%20Breach/)* [Data Protection](/Tag/Data%20Protection/)* [Data Theft](/Tag/Data%20Theft/)* [DDoS](/Tag/DDoS/)* [DEF CON](/Tag/DEF%20CON/)* [Digital certificate](/Tag/Digital%20certificate/)* [Encryption](/Tag/Encryption/)* [Exploit](/Tag/Exploit/)* [Firewall](/Tag/Firewall/)* [Great Firewall](/Tag/Great%20Firewall/)* [Hacker](/Tag/Hacker/)* [Hacking](/Tag/Hacking/)* [Hacktivism](/Tag/Hacktivism/)* [Hong Kong](/Tag/Hong%20Kong/)* [Identity Theft](/Tag/Identity%20Theft/)* [Incident response](/Tag/Incident%20response/)* [Information Technology and the People’s Republic of China](/Tag/Information%20Technology%20and%20the%20People%27s%20Republic%20of%20China/)* [Infosec](/Tag/Infosec/)* [Infrastructure Security](/Tag/Infrastructure%20Security/)* [JD.com](/Tag/JD.com/)* [Kenna Security](/Tag/Kenna%20Security/)* [NCSAM](/Tag/NCSAM/)* [NCSC](/Tag/NCSC/)* [Palo Alto Networks](/Tag/Palo%20Alto%20Networks/)* [Password](/Tag/Password/)* [Phishing](/Tag/Phishing/)* [Quantum key distribution](/Tag/Quantum%20key%20distribution/)* [Ransomware](/Tag/Ransomware/)* [Remote Access Trojan](/Tag/Remote%20Access%20Trojan/)* [REvil](/Tag/REvil/)* [RSA Conference](/Tag/RSA%20Conference/)* [Semiconductor Manufacturing International Corporation](/Tag/Semiconductor%20Manufacturing%20International%20Corporation/)* [Shenzhen](/Tag/Shenzhen/)* [Spamming](/Tag/Spamming/)* [Spyware](/Tag/Spyware/)* [Surveillance](/Tag/Surveillance/)* [TLS](/Tag/TLS/)* [Trojan](/Tag/Trojan/)* [Trusted Platform Module](/Tag/Trusted%20Platform%20Module/)* [Uyghur Muslims](/Tag/Uyghur%20Muslims/)* [Vulnerability](/Tag/Vulnerability/)* [Wannacry](/Tag/Wannacry/)* [Zero trust](/Tag/Zero%20trust/) ### Broader topics* [APAC](/Tag/APAC/) #### TIP US OFF[Send us news](https://www.theregister.com/Profile/contact/)[#### T-Mobile US ‘monitoring’ China’s ‘industry-wide attack’ amid fresh security breach fearsupdated Un-carrier said to be among those hit by Salt Typhoon, including AT-&T, VerizonNetworks20 days -| 2](/2024/11/18/tmobile_us_attack_salt_typhoon/?td=keepreading) [#### Microsoft: Another Chinese cyberspy crew targeting US critical orgs ‘as of yesterday’Redmond threat intel maven talks explains this persistent pain to *The Reg*Security3 days -| 16](/2024/12/06/chinese_cyberspy_us_data/?td=keepreading) [#### T-Mobile US takes a victory lap after stopping cyberattacks: ‘Other providers may be seeing different outcomes’Funny what putting more effort and resources into IT security can doCSO11 days -| 9](/2024/11/27/tmobile_cyberattack_victory_lap/?td=keepreading) [#### An easy route to AI-enhanced productivityHow the integration of Google Gemini across Google Workspace turbo charges existing apps with AI powerSponsored Feature](/2024/10/07/an_easy_route_to_aienhanced/?td=keepreading) [#### Salt Typhoon’s surge extends far beyond US telcosPlus, a brand-new backdoor, GhostSpider, is linked to the cyber spy crew’s operationsSecurity11 days -| 7](/2024/11/27/salt_typhoons_us_telcos/?td=keepreading) [#### China has utterly pwned ‘thousands and thousands’ of devices at US telcosSenate Intelligence Committee chair says his ‘hair is on fire’ as execs front the White HouseCyber-crime13 days -| 51](/2024/11/25/salt_typhoon_mark_warner_warning/?td=keepreading) [#### T-Mobile US CSO: Spies jumped from one telco to another in a way ‘I’ve not seen in my career’Interview Security chief talks to El Reg as Feds urge everyone to use encrypted chatCSO4 days -| 54](/2024/12/05/tmobile_cso_telecom_attack/?td=keepreading) [#### Telco security is a dumpster fire and everyone’s getting burnedOpinion The politics of cybersecurity are too important to be left to the politiciansSecurity6 days -| 63](/2024/12/02/telco_security_opinion/?td=keepreading) [#### Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senatorMeet Liminal Panda, which prowls telecom networks in South Asia and AfricaCSO18 days -| 32](/2024/11/20/musk_chinese_cyberspies/?td=keepreading) [#### Major energy contractor reports ‘limited’ access to IT after ransomware locks filesENGlobal customers include the Pentagon as well as major oil and gas producersSecurity5 days -| 11](/2024/12/03/us_energy_contractor_englobal_ransomware/?td=keepreading) [#### Data on 760K workers from Xerox, Nokia, BofA, Morgan Stanley and more dumped onlineYet another result of the MOVEit messCyber-crime6 days -| 3](/2024/12/03/760k_xerox_nokia_bofa_morgan/?td=keepreading) [#### The only thing worse than being fired is scammers fooling you into thinking you’re firedScumbags play on victims’ worst fears in phishing campaign referencing UK Employment TribunalCyber-crime10 days -| 50](/2024/11/28/fired_phishing_campaign_cloudflare/?td=keepreading)

Related Tags:
Play

BARIUM

Brass Typhoon

NAICS: 921 – Executive

Legislative

Other General Government Support

NAICS: 54 – Professional

Scientific

Technical Services

NAICS: 517 – Telecommunications

NAICS: 541 – Professional

Scientific

Technical Services

NAICS: 92 – Public Administration

NAICS: 922 – Justice

Public Order

Safety Activities

Associated Indicators:

Search

Popular Posts

Categories

Archives

Tags

Follow Us