1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Microsoft thinks China could be stockpiling cybercrime threats

    From TechnologyDaily@1337:1/100 to All on Mon Nov 7 14:45:03 2022
    Microsoft thinks China could be stockpiling cybercrime threats

    Date:
    Mon, 07 Nov 2022 14:37:12 +0000

    Description:
    Zero-day flaw reports from China have declined, but the country still poses a threat to the US, researchers claim.

    FULL STORY ======================================================================

    China is hoarding a host on undisclosed security vulnerabilities to later use against its adversaries in the West, Microsoft has claimed.

    In a recent report , the company noted that China has recently changed its laws to allow the government to keep newly discovered flaws away from the public eye. That way, it would be able to use it later against vulnerable endpoints , when the right time comes.

    China introduced a new law in 2021 that said whenever an organization discovered a flaw, it must first report it to local authorities before going public, The Register reminds. A year later, the Atlantic Council reported on the results of the change - namely that vulnerability reports originating
    from China were declining, while anonymous reports were on the rise. "Particularly proficient" threat actors

    "The increased use of zero days over the last year from China-based actors likely reflects the first full year of China's vulnerability disclosure requirements for the Chinese security community and a major step in the use
    of zero-day exploits as a state priority," Microsoft argues.

    The Redmond giant also said Chinese threat actors were particularly
    proficient at discovering and using zero-day vulnerabilities. Read more

    China is doubling down on Linux in a bid to leave Windows behind


    China wants to censor all online comments and hold posters responsible for
    reactions


    These are the best cloud firewalls right now

    Microsofts report did not focus exclusively on China, though, as the 114-page document also covers Russia, Iran, and North Korea. While for Russia, the document focused on the most obvious thing - the countrys relentless
    targeting of the Ukrainian government and the countrys critical infrastructure, as part of a wider war effort against its southwestern neighbor, Iran aggressively sought inroads into US critical infrastructure such as port authorities.

    North Korea, on the other hand, was observed continuing with its campaign of stealing cryptocurrency from financial and technology companies to continue funding the governments operations.

    Although nation-state actors can be technically sophisticated and employ a wide variety of tactics, their attacks can often be mitigated by good cyber hygiene, Microsoft concluded. Many of these actors rely on relatively
    low-tech means, such as spear-phishing emails, to deliver sophisticated malware instead of investing in developing customized exploits or using targeted social engineering to achieve their objectives. Check out the best firewalls around

    Via: The Register



    ======================================================================
    Link to news story: https://www.techradar.com/news/microsoft-thinks-china-could-be-stockpiling-cyb ercrime-threats/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)