Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label China. Show all posts
Telecom
China Cyber Security Hackers Telecom

China Launches Advanced Quantum Security Network Said to Be “Unhackable”

 


A major Chinese telecom company has launched what it claims is the first commercial security system that can protect digital communication from even the most powerful future hackers — including those using quantum computers.

China Telecom Quantum, a state-owned firm, recently introduced a new kind of encryption system that combines two advanced technologies to create strong protection for data, phone calls, and user identity. This system was successfully used to make a secure phone call between Beijing and Hefei  a distance of more than 1,000 kilometers — without risking any data leaks or breaches.


The Problem: Quantum Computers Could Break Today’s Encryption

As quantum computing continues to develop, it is expected to pose a serious threat to current cybersecurity systems. These new types of computers are extremely fast and powerful, and experts believe they could one day crack the encryption used to protect sensitive information like passwords, bank data, and government records.

To stay ahead of these threats, China Telecom has built a new system that combines:

1. A quantum-based method that sends encryption keys using the principles of quantum physics, making them nearly impossible to steal or intercept.

2. A mathematics-based method that protects data using very difficult equations that even quantum computers would find hard to solve.


This two-layer approach forms a highly secure framework to protect digital communication.


Tested in Real Conditions and Ready to Use

China Telecom says the system has been tested successfully and is ready to be used on a large scale. The company has already created secure quantum networks in 16 cities, including Beijing, Shanghai, Guangzhou, and Hefei.

These networks now make up a nationwide secure communication system. Among them, Hefei’s network is the largest and most advanced in the world, with eight main hubs and over 150 connection points spread across 1,147 kilometers. It is already being used by around 500 government departments and nearly 400 publicly owned companies.


Extra Tools for Safe Messaging and Document Management

The company has also introduced two new secure tools:

• Quantum Secret — a messaging and teamwork app designed to keep communication safe from even advanced hackers.

• Quantum Cloud Seal — a platform made for secure digital approvals, auditing, and managing documents for businesses and government offices.

Both tools are already being used across different industries in China.

With this launch, China has taken a major step toward building a future-ready cybersecurity system — one that can stay strong even as quantum computing technology continues to grow.

Read more »
Vulnerabilities and Exploits
China CISA IP Address Ransomware SAP Bug Vulnerabilities and Exploits

Ransomware Hackers Target SAP Servers Through Critical Flaw

 


A newly discovered security hole in SAP’s NetWeaver platform is now being misused by cybercriminals, including ransomware gangs. This flaw allows attackers to run harmful commands on vulnerable systems from a distance—without even needing to log in.

SAP issued urgent software updates on April 24 after learning about the flaw, found in NetWeaver’s Visual Composer tool. The weakness, labeled CVE-2025-31324, makes it possible for attackers to upload files containing malware. Once inside, they can take full control of the affected system.

ReliaQuest, a cybersecurity firm that tracked this issue, now says that two known ransomware groups, RansomEXX and BianLian have joined in. Although they haven’t yet successfully launched any ransomware in these cases, their involvement shows that multiple criminal groups are watching this flaw closely.

Investigators linked BianLian to at least one incident using an IP address tied to their past operations. In another case, RansomEXX attackers used a backdoor tool called PipeMagic and also took advantage of a previously known bug in Microsoft’s Windows system (CVE-2025-29824).

Even though their first effort didn’t succeed, the attackers made another attempt using a powerful hacking framework called Brute Ratel. They delivered it using a built-in Microsoft function called MSBuild, which helped them run the attack in a sneaky way.

More recently, security teams from Forescout and EclecticIQ connected this activity to hackers linked to China. These groups, tracked under various names, were also found to be exploiting the same SAP vulnerability. In fact, they managed to secretly install backdoors on at least 581 SAP systems, including some tied to national infrastructure in the US, UK, and Saudi Arabia. Their plans may also include targeting nearly 2,000 more systems soon.

Experts believe these hidden access points could help foreign state-sponsored hackers gather intelligence, interfere with operations, or even achieve military or economic goals. Since SAP systems are often connected to important internal networks, the damage could spread quickly within affected organizations.

SAP has also fixed another weakness (CVE-2025-42999), which had been silently misused since March. To stay safe, system administrators are advised to apply the patches immediately. If they can’t update right away, disabling the Visual Composer tool can help. They should also restrict access to certain features and monitor their systems closely for anything unusual.

The US government’s cyber agency CISA has officially listed this flaw as a known risk. Federal departments were told to patch their systems by May 20 to avoid falling victim.

Read more »
TikTok
China Data Regulation Europe GDPR Privacy Social Media TikTok

EU Fines TikTok $600 Million for Data Transfers to China

EU Fines TikTok $600 Million for Data Transfers to China

Regulators said that the EU has fined TikTok 530 million euros (around $600 million). Chinese tech giant ByteDance owns TikTok, which has been found guilty of illegally sending the private data of EU users to China and lack of compliance to ensure the protection of data from potential access by Chinese authorities. According to an AFP news report, the penalty— one of the largest ever issued to date by EU’s data protection agencies— comes after a detailed inquiry into the legitimacy of TikTok’s data transfer rules. 

TikTok Fine and EU

TikTok’s lead regulator in Europe, Ireland’s Data Protection Commission (DPC) said that TikTok accepted during the probe about hosting European user data in China. DPC’s deputy commissioner Graham Doyle said that “TikTok failed to verify, guarantee, and demonstrate that the personal data of (European) users, remotely accessed by staff in China, was afforded a level of protection essentially equivalent to that guaranteed within the EU,”

Besides this, Doyle said that TikTok’s failure to address the dangers of possible access to Europeans’s private data by Chinese authorities under China’s anti-terrorism, counter-espionage, and other regulations, which TikTok itself found different than EU’s data protection standards. 

TikTok will contest the decision

TikTok has declared to contest the heavy EU fine, despite the findings. TikTok Europe’s Christine Grahn stressed that the company has “never received a request” from authorities in China for European users’ data and that “TikTok” has never given EU users’ data to Chinese authorities. “We disagree with this decision and intend to appeal it in full,” Christine said. 

TikTok boasts a massive 1.5 billion users worldwide. In recent years, the social media platform has been under tough pressure from Western governments due to worries about the misuse of data by Chinese actors for surveillance and propaganda aims. 

TikTok to comply with EU Rules

In 2023, the Ireland DPC fined TikTok 354 million euros for violating EU rules related to the processing of children’s information. The DPC’s recent judgment also revealed that TikTok violated requirements under the EU’s General Data Protection Regulation (GDPR) by sending user data to China. The decision includes a 530 million euro administrative penalty plus a mandate that TikTok aligns its data processing rules with EU practices within 6 months. 

Read more »
Vulnerability
China Cybersecurity espionage Ivanti malware VPN Vulnerability

Chinese Cyber Espionage Suspected in New Ivanti VPN Malware Attack

 

A newly discovered cyberattack campaign targeting Ivanti VPN devices is suspected to be linked to a Chinese cyberespionage group. Security researchers believe the attackers exploited a critical vulnerability in Ivanti Connect Secure, which was patched by the Utah-based company in February. The attack is yet another example of how state-backed Chinese threat actors are rapidly taking advantage of newly disclosed vulnerabilities and frequently targeting Ivanti’s infrastructure.

On Thursday, researchers from Mandiant revealed that a group tracked as UNC5221 exploited a stack-based buffer overflow vulnerability to deploy malicious code from the Spawn malware ecosystem—an attack technique often associated with Chinese state-sponsored activity. Mandiant also identified two previously unknown malware families, which they've named Trailblaze and Brushfire. As seen in earlier attacks tied to Chinese hackers, this group attempted to manipulate Ivanti’s internal Integrity Checker Tool to avoid detection.

The vulnerability, officially tracked as CVE-2025-22457, was used to compromise multiple Ivanti products, including Connect Secure version 22.7R2.5 and earlier, the legacy Connect Secure 9.x line, Policy Secure (Ivanti’s network access control solution), and Zero Trust Access (ZTA) gateways. Ivanti released a patch for Connect Secure on February 11, emphasizing that Policy Secure should not be exposed to the internet, and that "Neurons for ZTA gateways cannot be exploited when in production."

Ivanti acknowledged the attack in a statement: "We are aware of a limited number of customers whose appliances have been exploited." The incident follows warnings from Western intelligence agencies about China's increasing speed and aggression in leveraging newly disclosed software vulnerabilities—often before security teams have time to deploy patches.

Many of the devices targeted were legacy systems no longer receiving software updates, such as the Connect Secure 9.x appliance, which reached end-of-support on December 31, 2024. Older versions of the Connect Secure product line, which were set to be replaced by version 22.7R2.6 as of February 11, were also compromised.

This marks the second consecutive year Ivanti has had to defend its products from persistent attacks by suspected Chinese state-backed hackers. Thursday’s advisory from Mandiant and Ivanti highlights a vulnerability separate from the one flagged in late March by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which had allowed attackers to install a Trojan variant linked to Spawn malware in Ivanti systems.
Read more »
Technology
AI Alibaba China Cloud DeepSeek GenAI Technology

Alibaba Launches Latest Open-source AI Model from Qwen Series for ‘Cost-effective AI agents’

Alibaba Launches Lates Open-source AI Model from Qwen Series for ‘Cost-effective AI agents’

Last week, Alibaba Cloud launched its latest AI model in its “Qwen series,” as large language model (LLM) competition in China continues to intensify after the launch of famous “DeepSeek” AI.

The latest "Qwen2.5-Omni-7B" is a multimodal model- it can process inputs like audio/video, text, and images- while also creating real-time text and natural speech responses, Alibaba’s cloud website reports. It also said that the model can be used on edge devices such as smartphones, providing higher efficiency without giving up on performance. 

According to Alibaba, the “unique combination makes it the perfect foundation for developing agile, cost-effective AI agents that deliver tangible value, especially intelligent voice applications.” For instance, the AI can be used to assist visually impaired individuals to navigate their environment via real-time audio description. 

The latest model is open-sourced on forums GitHub and Hugging Face, after a rising trend in China post DeepSeek breakthrough R1 model open-source. Open-source means a software in which the source code is created freely on web for potential modification and redistribution. 

In recent years, Alibaba claims it has open-sourced more that 200 generative AI models. In the noise of China’s AI dominance intensified by DeepSeek due to its shoe string budget and capabilities, Alibaba and genAI competitors are also releasing new, cost-cutting models and services an exceptional case.

Last week, Chinese tech mammoth Baidu launched a new multimodal foundational model and its first reasoning-based model. Likewise, Alibaba introduced its updated Qwen 2.5 AI model in January and also launched a new variant of its AI assistant tool Quark this month. 

Alibaba has also made strong commitments to its AI plan, recently, it announced a plan to put $53 billion in its cloud computing and AI infrastructure over the next three years, even surpassing its spending in the space over the past decade. 

CNBC talked with Kai Wang, Asia Senior equity analyst at Morningstar, Mr Kai told CNBC that “large Chinese tech players such as Alibaba, which build data centers to meet the computing needs of AI in addition to building their own LLMs, are well positioned to benefit from China's post-DeepSeek AI boom.” According to CNBC, “Alibaba secured a major win for its AI business last month when it confirmed that the company was partnering with Apple to roll out AI integration for iPhones sold in China.”

Read more »
Mobile Applications
AI Chatbot China Cyber Security iOS iOS App Store. Mobile Applications Mobile App Mobile Applications

Tencent’s AI Chatbot Yuanbao Becomes China’s Most Downloaded iOS App

 

Tencent’s AI chatbot, Yuanbao, has surpassed DeepSeek to become the most downloaded free app on China’s iOS App Store. The chatbot, launched in May 2024, gained significant traction following Tencent’s integration of DeepSeek’s R1 reasoning model in February. This move provided users with an additional AI option alongside Tencent’s proprietary Hunyuan model. As a result, Tencent’s Hong Kong-listed shares rose by 1.6% on Tuesday. 

Tencent, which operates China’s largest social media platform, WeChat, further accelerated Yuanbao’s growth by adding a download button for the chatbot within the app. This gave its 1.3 billion users direct access to the AI tool, significantly boosting downloads. By late February, the number of daily active users surged from a few hundred thousand to three million, according to Li Bangzhu, founder of AIcpb.com, a website that tracks AI applications. 

This rise in popularity can largely be attributed to Tencent’s extensive promotional efforts. The company has leveraged WeChat’s vast ecosystem to recommend Yuanbao to users, place ads on its social timeline, and integrate the chatbot across other Tencent applications. In addition to its AI chatbot expansion, Tencent recently reorganized several teams, including those for Yunbao, QQ Browser, Sogou Pinyin, and learning assistant Im, moving them under its Cloud and Smart Industries Group.
  
The company’s aggressive push into AI comes amid intensifying competition from major Chinese tech firms such as Alibaba, Baidu, and ByteDance. Last month, Tencent launched Hunyuan Turbo S, an upgraded AI model designed for faster responses compared to its predecessors and even outperforming DeepSeek. Meanwhile, Baidu announced that it would introduce the latest version of its Ernie 4.5 model this month, which will be made open source on June 30. 

The company will also make its Ernie Bot chatbot free for all users starting April 1. ByteDance is also ramping up its AI efforts, with CEO Liang Rubo prioritizing advancements in generative AI for the first quarter of 2025. The company has launched the Seed Edge project, which focuses on long-term AI research, and has hired AI expert Wu Yonghui from Google to lead its foundational research initiatives. 

With rapid developments in the AI sector, Tencent’s strategic moves indicate its ambition to stay ahead in China’s competitive AI landscape. The success of Yuanbao highlights the increasing importance of AI-powered applications, as well as the role of major tech companies in shaping the future of digital interaction.
Read more »
Ransomware Payload
China Cyber Crime cyber espionage Nailaolocker Ransomware Payload

European Healthcare Entities Targeted With NailaoLocker Ransomware

 

A previously undocumented ransomware payload named NailaoLocker has been detected in assaults targeting European healthcare entities between June and October 2024. 

The attackers employed CVE-2024-24919, a Check Point Security Gateway vulnerability, to obtain access to targeted networks and install the ShadowPad and PlugX malware families, which are closely associated with Chinese state-sponsored threat groups. Orange Cyberdefense CERT attributes the attacks to Chinese cyber-espionage tactics, while there is insufficient evidence to assign them to specific groups. 

According to Orange experts, NailaoLocker is a rather rudimentary ransomware strain when compared to the most renowned families in the area. Orange classifies NailaoLocker as a simple ransomware because it does not terminate security processes or operating services, lacks anti-debugging and sandbox evasion methods, and does not search network shares. 

The malware is installed on target systems using DLL sideloading (sensapi.dll), which involves a genuine and signed executable (usysdiag.exe). The malware loader (NailaoLoader) investigates the environment using memory address checks before decrypting and loading the main payload (usysdiag.exe.dat) into memory. 

The NailaoLocker then activates and begins encrypting files with an AES-256-CTR scheme, appending the ".locked" extension to the encrypted files. After the encryption is completed, the ransomware sends an HTML ransom note with the unusually long filename "unlock_please_view_this_file_unlock_please_view_this_file_unlock_please_view_this_file_unlock_please_view_this_file_unlock_please.html.”

Combining ransomware and espionage

After further investigation, Orange claims to have discovered some parallels between the ransom note's content and a ransomware tool sold by a cybercrime company known as Kodex Softwares (previously Evil Extractor). However, there were no obvious code overlaps, thus the relationship was fuzzy. 

Orange has proposed numerous hypotheses for the assaults, including false flag operations designed to distract, deliberate data theft operations combined with income creation, and, most likely, a Chinese cyberespionage organisation "moonlighting" to generate some money. 

Symantec only revealed last week that suspected Emperor Dragonfly (also known as Bronze Starlight) agents were using RA World ransomware to target Asian software companies and demanding a $2 million ransom. 

The shift in strategy is concerning since Chinese state-backed players have not adopted the strategy of North Korean actors, who are known to pursue several objectives concurrently, including financial advantages through ransomware operations.
Read more »
DeepSeek
AI Models AI technology AI Threat China Cyber Security Data Mining Data Privacy data security DeepSeek

DeepSeek AI Raises Data Security Concerns Amid Ties to China

 

The launch of DeepSeek AI has created waves in the tech world, offering powerful artificial intelligence models at a fraction of the cost compared to established players like OpenAI and Google. 

However, its rapid rise in popularity has also sparked serious concerns about data security, with critics drawing comparisons to TikTok and its ties to China. Government officials and cybersecurity experts warn that the open-source AI assistant could pose a significant risk to American users. 

On Thursday, two U.S. lawmakers announced plans to introduce legislation banning DeepSeek from all government devices, citing fears that the Chinese Communist Party (CCP) could access sensitive data collected by the app. This move follows similar actions in Australia and several U.S. states, with New York recently enacting a statewide ban on government systems. 

The growing concern stems from China’s data laws, which require companies to share user information with the government upon request. Like TikTok, DeepSeek’s data could be mined for intelligence purposes or even used to push disinformation campaigns. Although the AI app is the current focus of security conversations, experts say that the risks extend beyond any single model, and users should exercise caution with all AI systems. 

Unlike social media platforms that users can consciously avoid, AI models like DeepSeek are more difficult to track. Dimitri Sirota, CEO of BigID, a cybersecurity company specializing in AI security compliance, points out that many companies already use multiple AI models, often switching between them without users’ knowledge. This fluidity makes it challenging to control where sensitive data might end up. 

Kelcey Morgan, senior manager of product management at Rapid7, emphasizes that businesses and individuals should take a broad approach to AI security. Instead of focusing solely on DeepSeek, companies should develop comprehensive practices to protect their data, regardless of the latest AI trend. The potential for China to use DeepSeek’s data for intelligence is not far-fetched, according to cybersecurity experts. 

With significant computing power and data processing capabilities, the CCP could combine information from multiple sources to create detailed profiles of American users. Though this might not seem urgent now, experts warn that today’s young, casual users could grow into influential figures worth targeting in the future. 

To stay safe, experts advise treating AI interactions with the same caution as any online activity. Users should avoid sharing sensitive information, be skeptical of unusual questions, and thoroughly review an app’s terms and conditions. Ultimately, staying informed and vigilant about where and how data is shared will be critical as AI technologies continue to evolve and become more integrated into everyday life.
Read more »
Subscribe to: Posts (Atom)