China hacked Canada government networks for 5 years.  [The Register]

China hacked Verizon, AT&T, wiretap systems.  [Ars Technica]  [Schneier]  [WSJ]  [Engadget]

Chinese spies spent months inside aerospace firm's network.  [The Register]

FBI shuts down Chinese botnet.  [Schneier]  [Gizmodo]  [The Register]

US can't keep ignoring apps like Temu while banning TikTok.  [Ars Technica]

DoJ sues TikTok for massive privacy invasion.  [The Verge]  [Ars Technica]  [Engadget]

China's APT40 ready to quickly attack new vulnerabilities.  [The Register]

Espionage with a drone.  [Schneier]  [Wired]

Germany look to ban Chinese telco gear.  [The Register]

How the West has struggled to keep up with China's spying.  [BBC News]

UK MoD hacked - blames China.  [Engadget]

POTUS signs TikTok ban into law.  [The Verge]  [Engadget]  [Ars Technica]

House votes to ban TikTok.  [Engadget]  [The Verge]  [BBC News]  [The Verge]

US pressures allies to keep chip service contracts with China unfulfilled.  [The Register]

China attacked New Zealand as well.  [The Register]

China uses F5, ConnectWise bugs to sell access into top US, UK networks.  [The Register]

The not-so-true people search network from China.  [Krebs]

Five Eyes advise infrastructure organisations to protect against China's Volt Typhoon.  [The Register]

CIA made fake social media accounts to troll Chinese government.  [The Verge]

TikTok's fate lies with the US Senate.  [The Verge]  [BBC News]

US lawmakers vote to force sale of TikTok.  [Ars Technica]  [Engadget]  [BBC News]  [Engadget]  [vArs Technica]

China surveillance company hacked.  [Schneier]

Leak shows business side of China's APT threat.  [Krebs]

US disrupts Chinese botnet supporting attacks on critical systems.  [Restore Privacy]  [The Register]  [Ars Technica]  [Graham Cluley]  [Engadget]

UK government denies China/Russia nuke plant hack claim.  [The Register]

UK to crack down on imported fibre optic cables form China.  [The Register]

Nvidia says US orders immediate halt to some AI chip exporst to China.  [BBC News]

MI5 head warns of 'epic scale' of Chinese espionage.  [BBC News]  [The Register]  [ExtremeTech]

Huawei wants to know what made EU label it high security risk.  [The Register]

Digicel Pacific bans Huawei in favour of Nokia.  [The Register]

Backdoored firmware lets China state hackers control routers with “magic packets”.  [Ars Technica]

China caught with malware in another nation's power grid.  [The Register]

Germany to cut Huawei from networks 'irrespective of costs'.  [The Register]

US Cyber Command: China cyber skills behind.  [The Register]

China has deep, persistent access to Japanese networks.  [Engadget]  [Schneier]  [Washington Post]

Microsoft signing key stolen by China.  [Schneier]  [WSJ]  [Reuters]

Deutsche Bahn stands to lose €400M if it has to remove Chinese kit.  [The Register]

Multiple Chinese APTs establish major beachheads inside US infrastructure.  [Ars Technica]

US to curb China access to public cloud services.  [DC Knowledge]

Flaw that lets hackers control Chinese surveillance cameras.  [BBC News]

EU - no Huawei kit safe to use in Europe.  [The Register]

China's cyber aimed at infrastructure.  [The Register]

UK government to set deadline for removal of Chinese surveillance cams.  [The Register]

Portugal considerig banning Huawei from 5G networks.  [Engadget]

Five Eyes and Microsoft accuse China of attacking US infrastructure.  [The Register]  [Schneier]

Huawei still prevalent in US networks.  [The Verge]

The West warns Malaysia to keep Huawei out of 5G networks.  [The Register]

FBI: China has 50 hackers for every agent.  [The Register]

Germany to examine China-made kit in its 5G networks over security concerns.  [The Register]

Inside the US government’s fight to ban TikTok.  [The Verge]

Australia bans TikTok from government devices.  [The Register]

UK spymaster: TikTok is China's trojan horse.  [The Register]

TikTok CEO fails to convince Congress that the app isn't a weapon for China.  [Ars Technica]  [The Verge]  [Engadget]

Why a TikTok ban could be hard to enforce.  [BBC News]

Huawei replaced 13,000 parts and redesigned circuit boards to avoid US sanctions.  [ExtremeTech]

BBC bans TikTok from corporate devices.  [The Register]  [BBC News]

NZ bans TikTok from government devices.  [Engadget]

ByteDance under investigation for surveillance of US journalists.  [Engadget]

How Chinese cyber spies exploited a critical Fortinet bug.  [The Register]

Tiktok banned from UK government phones.  [BBC News]  [Engadget]

US threatens ban if TikTok not sold.  [BBC News]  [The Verge]  [Engadget]

China sought control of submarine cables to spy.  [The Register]

Nederlands restricts chip-making exports to China.  [ExtremeTech]

Bipartisan bill to ban TikTok in the US.  [Ars Technica]

German 5G network ban looms for Huawei and ZTE.  [The Register]  [DC Knowledge]

TikTok answers three big cybersecurity fears.  [BBC News]

Canada bans Tiktok on government devices.  [BBC News]

Further calls to ban TikTok.  [Engadget]  [Schneier]

TikTok's transparency theatre.  [The Verge]

US moves to halt exports to Huawei.  [BBC News]

State-sponsored hackers in China compromise certificate authority.  [Ars Technica]

US charges alleged Chinese spies in telecoms probe case.  [BBC News]  [The Register]

NSA urges enterprises to watch China, Taiwan tensions.  [The Register]

UK telcos legally obligated to remove Huawei equipment.  [The Register]

GCHQ chief: Chinese technology poses major security risk.  [BBC News]

China upgrades Great Firewall to defeat censor-beating TLS tools.  [The Register]

China-linked spies used six backdoors to steal info from defense and industrial enterprise organisations.  [The Register]

Canada to ban China's Huawei and ZTE from its 5G networks.  [BBC News]

China-backed hackers breached government networks in at least six US states.  [The Verge]

The cost of ripping and replacing Chinese cellular equipment has ballooned by billions.  [The Verge]

US bans telecom giant China Unicom over spying concerns.  [BBC News]

Chinese spies accused of using Huawei in secret Australia telecom attack.  [DC Knowledge]  [DC Knowledge]

US puts drone maker DJI and seven other Chinese companies on investment blocklist.  [Engadget]  [BBC News]

Huawei documents reportedly show involvement in China's surveillance efforts.  [Engadget]

Microsoft seizes domains used by “highly sophisticated” hackers in China.  [Ars Technica]

Biden signs law blocking Huawei and ZTE from receiving FCC licenses.  [Engadget]  [BBC News]  [The Register]

Tetris - Chinese espionage tool.  [Schneier]  [The Record]

Huawei accused of pressuring US firm into installing a data backdoor.  [Engadget]

Chinese spy group targets Israel.  [The Register]

US and allies accuse Chinese government of Exchange cyberattack.  [The Verge]  [Ars Technica]  [Engadget]

• China says Microsoft hacking accusations fabricated by US and allies.  [BBC News]

Apple censorship and surveillance in China.  [Schneier]  [NYT]

China’s and Russia’s spying sprees will take years to unpack.  [Ars Technica]

Chinese hackers stole an NSA Windows exploit in 2014.  [Schneier]  [Check Point]

On Chinese-owned technology platforms.  [Schneier]

Chinese supply-chain attack on computer systems.  [Schneier]  [Bloomberg]

Former NCSC chief says US sanctions made Britain strip Huawei from mobile networks.  [The Register]

How China uses stole US personnel data.  [Schneier]  [Foreign Policy]

Chinese drone and chip makers added to US banned list.  [BBC News]  [The Verge]  [Engadget]

China Telecom joins internet routing security team.  [The Register]

FCC considers expelling China Telecom from US networks.  [The Register]

UK bans installation of Huawei 5G equipment starting September 2021.  [Engadget]

How the US attacked Huawei.  [The Register]

Massive China-state-funded hack hits companies around the world.  [Ars Technica]  [Schneier]  [Symantec]

NSA advisory on Chinese government hacking.  [Schneier]  [NSA PDF]

Chinese confidential paperwork to be handed over to Feds.  [The Register]

TikTok collected device identifiers for over a year.  [The Verge]  [Engadget]

US Gov prepares to ban TikTok, WeChat.  [Ars Technica]

USA cleanses local networks of Chinese equipment under new five-point national data security plan.  [The Register]  [Android Police]

How a Chinese agent used LinkedIn to hunt for targets.  [BBC News]

Chinese-made drone app in Google Play spooks security researchers.  [Ars Technica]

NZ urged not to follow UK in banning Huawei 5G equipment.  [Stuff]

UK bans Huawei from 5G networks.  [Ars Technica]  [The Verge]  [Engadget]  [The Register]  [PocketNow]  [Stuff]  [NZ Herald]  [BBC News]  [Hexus]

Former MI6 chief claims there is 'close linkage' between Huawei and Chinese military.  [NZ Herald]

GCHQ's cyber arm report on Huawei.  [The Register]

• Huawei urges UK government to wait before declaring it 'unreliable'.  [The Register]

China's global network.  [BBC News]

TikTok will pull out of Hong Kong.  [Engadget]

US government considering a TikTok ban.  [The Verge]  [Ars Technica]

US pushes Europe to reject Chinese baggage screening tech.  [Engadget]  [Stuff]

Why Huawei's days in the UK could be numbered.  [BBC News]  [NZ Herald]

Trump administration claims Huawei 'backed by Chinese military'.  [BBC News]

EU hits out at China's bid to rewrite rules of the Internet.  [NZ Herald]

FCC failed to monitor Chinese telecoms for almost 20 years.  [Ars Technica]  [The Register]

Huawei goes on UK offensive.  [The Register]

Huawei loses out on O2 Germany's core 5G network.  [The Register]

UK says 'no' to Huawei after all.  [ITP TechBlog]  [PocketNow]  [BBC News]

A Chinese hacking group is reportedly targeting governments across Asia.  [Engadget]

Citing BGP hijacks and hack attacks, feds want China Telecom out of the US.  [Ars Technica]  [Engadget]

Chinese hacking crew stay under the radar for over a decade.  [The Register]

Leaked documents suggest Huawei violated Iran sanctions.  [Engadget]  [Reuters]

Feds claim Huawei can snoop on mobile networks.  [The Verge]  [NZ Herald]  [The Register]  [Ars Technica]

Equifax breach was the work of Chinese state hackers.  [Ars Technica]  [Engadget]  [ExtremeTech]  [The Register]  [BBC News]  [The Verge]  [Krebs]  [Graham Cluley]

UK to allow Huawei in 5G networks but not in 'core' parts.  [Stuff]  [ITP Techlog]  [BBC News]  [The Verge]  [Engadget]  [PocketNow]

• How the UK's Huawei decision affects the rest of the world.  [BBC News]

• Vodafone to remove Huawei from European core networks.  [The Register]

• Pentagon blocks new Huawei trade restrictions from taking effect.  [Android Police]

• US hands UK 'dossier' on Huawei.  [The Register]

Chinese hackers bypassing 2FA.  [Schneier]  [ZDNet]

FCC moves to ban Huawei and ZTE from $8.5 billion service fund.  [The Verge]  [Engadget]  [The Register]  [Packet Pushers]

UK to grant Huawei access to national 5G networks.  [PocketNow]  [EETimes]  [Engadget]

• UK still undecided about granting Huawei access to 5G.  [PocketNow]

Huawei wants to license its 5G tech to US telecoms.  [Engadget]

• Germany will not bar Huawei from its 5G networks.  [BBC News]  [PocketNow]

• Chinese spy trains.  [Schneier]  [NYT]

• US will 'reassess' info sharing with NZ if Huawei allowed into 5G upgrade.  [Voxy]  [YouTube]

• Chinese tech firm Huawei says it was hacked by the United States.  [Graham Cluley]

• Huawei allegedly developed a spy-friendly phone network for North Korea.  [Engadget]

• China distributes spyware at its border and beyond.  [Wired]

• The Netherlands are not banning Huawei from 5G rollout.  [PocketNow]

• Telegram reports China is behind DDoS.  [Wired]

• Huawei’s export ban is wider in scope than most people imagine.  [Ars Technica]  [BBC News]  [PocketNow]  [The Verge]

Google: cutting Huawei off from Android actually threatens US security.  [The Verge]  [Ars Technica]  [Engadget]

Facebook is stopping Huawei from pre-installing its apps.  [The Verge]  [BBC News]  [Wired]  [Engadget]

Huawei can’t officially use microSD cards in its phones going forward.  [The Verge]  [Engadget]

China warns of investment blow to UK over Huawei 5G ban.  [BBC News]

The case against Huawei, explained.  [The Verge]

Huawei working with Google to respond to ban.  [PocketNow]

ARM cuts ties with Huawei, threatening future chip designs.  [The Verge]  [Ars Technica]  [ExtremeTech]  [BBC News]  [The Register]  [Android Police]

Huawei’s US ban: A look at the hardware and software supply problems.  [Ars Technica]

US government warns China may have access to drone data.  [Engadget]  [ExtremeTech]  [DPReview]

Chinese customers are firmly supporting Huawei after Google pulls Android license.  [The Verge]

Lawmakers applaud Google for revoking Huawei’s Android license.  [The Verge]

US spy chiefs used classified info to warn tech execs about doing business with China.  [The Verge]

Seven questions we still have about Huawei’s US blacklisting.  [The Verge]

Google revokes Huawei's Android software license.  [HEXUS]  [ExtremeTech]  [Engadget]

Intel, Qualcomm, Broadcom, and Xilinx all move to cut off Huawei.  [ExtremeTech]  [DC Knowledge]  [Engadget]

US may soften ban on Huawei to help existing users.  [Engadget]

White House cracks down on Huawei equipment sales with executive order.  [The Verge]  [Engadget]  [EETimes]  [Ars Technica]

Huawei willing to sign no-spy agreements with governments.  [PocketNow]

FCC denies China Mobile's bid to provide services in the US.  [Engadget]

Huawei had unauthorised access to people's computers.  [Stuff]

Bloomberg: 'Hidden backdoors’ were found in Huawei equipment.  [The Verge]

• Secret Huawei enterprise router snoop 'backdoor' was Telnet service.  [The Register]

NYT investigates China’s surveillance-state exports.  [The Verge]  [NYT]

Huawei will help build Britain’s 5G network, despite security concerns.  [The Verge]  [NZ Herald]  [Stuff]  [PocketNow]  [BBC News]  [HEXUS]  [Engadget]

• Huawei 5G row: Ministers demand leak inquiry.  [BBC News]  [BBC News]

• Huawei: Why UK is at odds with its cyber-allies.  [BBC News]

• Has the UK cleared Huawei for 5G networks?  [EETimes]

• US threatens to cut UK from intel sharing over Huawei.  [The Register]  [NZ Herald]

• US official warns 'no safe level' of involvement with tech giant.  [BBC News]  [The Register]  [The Register]

CIA: China’s security agencies provided funds for Huawei.  [The Verge]  [Engadget]

FCC proposes blocking China-owned telecom from US phone market.  [Ars Technica]

Huawei piles pressure on Govt with ads and sponsorship, security experts say.  [Stuff]

FCC chairman wants to keep China Mobile out of the US.  [Engadget]  [The Register]  [Android Police]

China and Huawei Marine spying on undersea Internet cables.  [Schneier]  [Bloomberg]

Huawei WiFi modules were pulled from Pakistan CCTV system.  [BBC News]

Huawei's 'shoddy' work prompts talk of a Westminster ban.  [BBC News]  [NZ Herald]

Huawei’s security troubles are hardening into a fight between the US and China.  [The Verge]

The real reason Huawei shouldn't be in 5G networks.  [NZ Herald]

Huawei's role in NZ runs way deeper than 5G.  [NZ Herald]  [ITP Techblog]

Huawei NZ boss outlines two possible ways back in.  [NZ Herald]

NSA-inspired vulnerability found in Huawei laptops.  [Schneier]  [Ars Technica]

Huawei's problem isn't Chinese backdoors -- it's buggy software.  [Wired]  [NZ Herald]

GCHQ delivers scathing assessment of security risks posed by Huawei.  [Stuff]  [NZ Herald]  [ExtremeTech]  [Engadget]  [PocketNow]

No European nation has banned Huawei.  [PocketNow]  [The Verge]  [PocketNow]

Debate around Huawei espionage fears in UK is not clear.  [The Register]

US cranks pressure on UK over Huawei and 5G.  [PocketNow]

Is Huawei a security threat?  [The Verge]

The Huawei case signals the new US-China cold war over tech.  [Wired]

US tells Germany to stop using Huawei equipment or lose some intelligence access.  [The Verge]  [Engadget]  [The Register]

UK government's worries over backdoors in Huawei’s 5G tech castle.  [BBC News]

Huawei is suing the US government.  [Engadget]  [The Verge]  [BBC News]  [PocketNow]  [NZ Herald]  [The Register]

Experts: U.S. anti-Huawei campaign likely exaggerated.  [Stuff]

History of Huawei's legal woes in the U.S.  [EETimes]

Huawei promises it will not create backdoors for Chinese government.  [Android Police]

• US senators want Chinese equipment out of national electricity grid.  [The Register]

Could Huawei threaten the Five Eyes alliance?  [BBC News]

UK NCSC: Huawei hasn't yet fixed its security vulns.  [The Register]

Germany may use Huawei hardware for its 5G networks.  [Engadget]

• Germany clears Huawei for 5G.  [NZ Herald]

Huawei founder denies sharing secrets with China.  [Stuff]

Huawei founder: “There’s no way the US can crush us.”  [Engadget]  [PocketNow]

Huawei risk can be managed.  [BBC News]  [Engadget]  [PocketNow]  [NZ Herald]

Chinese telecommunications hardware is about to be banned by executive order.  [HardOCP]  [TechSpot]  [ExtremeTech]

Can we trust Huawei with 5G?  [The Verge]

FBI allegedly ran sting operation on Huawei at CES.  [ExtremeTech]

A simple guide to why Huawei is in trouble.  [BBC News]

French minister: Europe should act as one regarding Huawei.  [PocketNow]

Vodafone puts Huawei rollout in core networks on hold.  [BBC News]  [PocketNow]

Huawei deemed "viable and reliable" by Canada's Telus.  [PocketNow]

Germany considers locking Huawei out of its network.  [PocketNow]

Huawei founder comments amidst tumult on security, US relationship.  [PocketNow]

Huawei's year off to a rocky start.  [ITP TechBlog]

Taiwanese research institute joins banhammer club.  [The Register]

Poland spy arrest: China telecoms firm Huawei sacks employee.  [BBC News]

Norway considers banning Huawei from building 5G infrastructure.  [PocketNow]

Are Huawei products unsafe or insecure?  [EtherealMind]

Huawei hits roadblocks in Europe after US fight.  [NZ Herald]  [BBC News]

The US is warning other countries against using Huawei's 5G tech.  [Engadget]

GCSB bans Spark from using Huawei gear for its 5G mobile upgrade.  [NZ Herald]  [Techblog NZ]  [Geekzone NZ]  [BBC News]  [NZ Herald]  [Engadget]  [The Register]

Huawei: why has UK not blocked Chinese firm's 5G kit?  [BBC News]

GCSB is following the process.  [NZ Herald]

Huawei mess was entirely predicatble.  [NZ Herald]

Huawei's Western assault: cyber threat or competitive advantage?  [NZ Herald]

What's going on with Huawei?  [BBC News]  [HardOCP]

Huawei does damage control in Europe.  [PocketNow]

Are Huawei products unsafe or insecure?  [Packet Pushers]

Huawei's biggest problem is China.  [NZ Herald]

Germany blames Fancy Bear for 2023 attacks.  [The Register]

Failed NSA spy for Russia gets 22 years.  [The Register]

Russian state-sponsored hackers targeting Microsoft.  [Engadget]  [The Register]

Cozy Bear dives into cloud with new tricks.  [The Register]

From cybercrime Saul Goodman to the Russian GRU.  [Krebs]

Microsoft network breached by Russian state hackers.  [Schneier]  [Microsoft]  [The Register]  [The Verge]  [Engdget]  [Ars Technica]

Kremlin cyber spies move into malware with a custom backdoor.  [The Register]

FBI disrupts BlackCat ransomware.  [Krebs]  [The Register]  [The Verge]  [Engadget]

Five Eyes warns about new targets for Russia-backed attackers.  [The Register]

Fancy Bear targets US, European high-value networks.  [The Register]

UK government denies China/Russia nuke plant hack claim.  [The Register]

USB worm unleashed by Russian state hackers spreads worldwide.  [Ars Technica]  [Schneier]

Russia bans shadowsocks protocol in continuing VPN crackdown.  [Restore Privacy]

Russia sends cybersecurity CEO to jail for 14 years.  [Krebs]  [The Register]

Russia bans state officials from using Apple devices.  [Engadget]

Russian hackers target US government.  [ExtremeTech]  [The Register]

FBI disables Russian malware.  [Schneier]  [Reuters]

Russia's APT28 targets Ukraine government with bogus Windows updates.  [The Register]

Russian snoops invade unpatched Cisco gear.  [The Register]

Russian cyberwarfare documents leaked.  [Schneier]  [The Guardian]  [The Register]

Russian hackers reportedly targeted three US nuclear research labs.  [Engadget]

Ukraine intercepting Russian solders' cell phone calls.  [Schneier]  [The Guardian]

Kremlin-backed hackers targeted a “large” petroleum refinery in a NATO nation.  [Ars Technica]

New malware is nuking data in Russia’s courts and mayors’ offices.  [Ars Technica]  [Schneier]  [Kaspersky]  [The Register]

EU parliament declares Russia a terrorism sponsor.  [Ars Technica]

Russian software company pretending to be American.  [Schneier]  [Reuters]

Pro-Russia hackers claim DDoS attacks against US airport websites.  [ExtremeTech]  [Engadget]

Cold War bugging of Soviet facilities.  [Schneier]  [The Brush Pass]

The secret US mission to bolster Ukraine’s cyber defenses ahead of Russia’s invasion.  [Ars Technica]

US and Britain blame Russia for cyberattacks on Ukraine's websites.  [Engadget]

Russian hackers targeting US contractors.  [The Verge]  [Ars Technica]  [The Register]  [Graham Cluley]

Ukrainian defense ministry hit by DDoS during tense standoff with Russia.  [The Verge]  [Engadget]  [The Register]

More Russian cyber operations against Ukraine.  [Schneier]  [NYT]  [Engadget]  [Ars Technica]

On the trail of Russia's $100m Evil Corp hacking gang.  [Graham Cluley]  [YouTube]

More Russian SVR supply-chain attacks.  [Schneier]  [Microsoft]

Russia blocks NordVPN, Express VPN in bid to control content.  [DC Knowledge]

Russian hackers are trying to brute-force hundreds of networks.  [Ars Technica]  [Schneier]  [BBC News]  [Engadget]

Adventures in contacting the Russian FSB.  [Krebs]

Russian hackers target aid groups.  [BBC News]  [The Verge]  [Ars Technica]  [Engadget]  [Ars Technica]

China’s and Russia’s spying sprees will take years to unpack.  [Ars Technica]

NSA says Russian state hackers are using a VMware flaw to ransack networks.  [Ars Technica]  [The Register]

Six Russians accused of the world’s most destructive hacks indicted.  [Ars Technica]

Russia’s Fancy Bear hackers likely penetrated a federal agency.  [Ars Technica]  [Engadget]

Russian state hackers targeting presidential campaigns.  [Ars Technica]

Russia’s GRU hackers hit US government and energy targets.  [Ars Technica]

UK Government chose not to investigate if Russian hackers interfered in Brexit referendum.  [Graham Cluley]

Russia is trying to tap trans-Atlantic cables.  [Schneier]  [The Times]

Why the NYT thinks Russia hacked Burisma.  [The Verge]

Experts find evidence Russians hacked Ukrainian gas company.  [Engadget]

Russian state hacker crew caught uploading malware to Google Play Store.  [The Register]

Russia against hacker extradition.  [Krebs]

Russia’s Fancy Bear hackers conduct “significant cyberattacks” on anti-doping agencies.  [Ars Technica]

Russian hackers modify Chrome and Firefox to track secure web traffic.  [Engadget]

New research into Russian malware.  [Schneier]  [ZDNet]

Russians hack FBI comms system.  [Schneier]  [Yahoo News]

Hackers broke into a contractor for Russia's spy agency.  [Engadget]  [Schneier]  [ZDNet]

US Cyber Command has reportedly been aggressively targeting Russia’s electrical grid.  [The Verge]  [Engadget]

Russian hackers haven't stopped probing the US power grid.  [Wired]

Russia hacks Saudi oil and gas plant.  [The Register]

How Russian spies infiltrated hotel WiFi to hack victims up close.  [Wired]  [Ars Technica]

Russia's elite hackers have a clever new trick that's very hard to fix.  [Wired]

Researchers find Russian “VPNfilter” malware was a Swiss Army hacking knife.  [Ars Technica]

Russia appears to be 'live testing' cyber attacks.  [The Register]

US and UK warn that Russia has been hacking routers worldwide.  [Engadget]  [Graham Cluley]  [The Register]  [Graham Cluley]  [Voxy]  [Dark Reading]  [HardOCP]  [The Hill]  [Ars Technica]  [Krebs]  [ExtremeTech]

How Dutch intelligence spied on the Russian hackers attacking the DNC.  [Graham Cluley]  [ExtremeTech]  [NZ Herald]

What would really happen if Russia attacked submarine cables.  [Wired]

A guide to Russia’s high tech tool box for subverting US democracy.  [Wired]

Wired's guide to Russia's infrastructure hacking teams.  [Wired]

Russian hackers target the US nuclear industry.  [Engadget]  [HardOCP]  [NYT]

Obama reportedly ordered implants to be deployed in key Russian networks.  [Ars Technica]

FBI, Homeland Security detail how Iranian hackers stole US voter data.  [Engadget]

Iranian government hacking Android.  [Schneier]  [NYT]

North Korean hacking gang targets banks worldwide.  [Graham Cluley]

North Korea’s Lazarus brings state-sponsored hacking approach to ransomware.  [Ars Technica]

Nation-state espionage campaigns against Middle East defense contractors.  [Schneier]  [WeLiveSecurity]

An advanced and unconventional hack is targeting industrial firms.  [Ars Technica]

Iranian hackers have been ‘password-spraying’ the US Grid.  [Wired]

Iranian attacks on industrial control systems.  [Schneier]  [Ars Technica]

Iran says it staved off cyber attack but doesn't blame US.  [The Register]

• Iran 'foils second cyber-attack in a week'.  [BBC News]

Iranian wiper discovered in attacks on Middle Eastern companies.  [Ars Technica]

Iranian hacking crew is targeting industrial control systems.  [Wired]

Tipped off by an NSA breach, researchers discover new APT hacking group.  [Ars Technica]

Details of the Olympic Destroyer APT.  [Schneier]  [Wired]

New reductor nation-state malware compromises TLS.  [Schneier]  [Kaspersky]

Supply chain security and trust.  [Schneier]

New advanced malware, possibly nation sponsored, is targeting US utilities.  [Ars Technica]

US took down Iranian drone using new jammer technology.  [Engadget]

Microsoft warns 10,000 customers they’re targeted by nation-sponsored hackers.  [Ars Technica]

Mobile networks hacked by probably nation-state attackers.  [Schneier]  [TechCrunch]

US Cyber Command: Iran hitting Outlook email flaw.  [The Register]

Iranian state hackers reload their domains, release off-the-shelf RAT malware.  [Ars Technica]

US cyberattack reportedly hit Iranian targets.  [The Verge]  [Engadget]

Triton hackers behind dangerous oil and gas intrusions are probing US power grids.  [Ars Technica]  [Wired]

Google confirms that advanced backdoor came preinstalled on Android devices.  [Ars Technica]

Iranian cyberespionage tools leaked online.  [Schneier]  [ZDNet]

Triton malware targets industrial control systems.  [Schneier]  [MIT Technology Review]

• More on the Triton malware.  [Schneier]  [Ars Technica]  [Wired]  [Motherboard]

GCHQ: Chinese tech 'threats' must be understood.  [BBC News]

Australian political parties hit by 'state actor' hack.  [BBC News]  [NZ Herald]  [The Register]  [The Verge]

State-sponsored cyber attacks on the rise.  [Stuff]

US will map and disrupt North Korean botnet.  [Engadget]  [Ars Technica]

China's APT10.  [Schneier]  [Wired]

GSCB: Chinese commercial espionage reaches into NZ.  [NZ Herald]

How scammers in China manipulate Amazon and its shoppers.  [HardOCP]  [WSJ, YouTube]

Chinese hackers are targeting U.S military contractors.  [HardOCP]  [WSJ]

NSA official: China is preparing for possible high-profile hacks.  [Engadget]

How did Iran find CIA spies?  They Googled it.  [Ars Technica]  [The Register]

Chinese spies orchestrated massive hack that stole aviation secrets.  [Ars Technica]  [Engadget]

China's hacking of BGP.  [Schneier]  [USF]  [HardOCP]  [NZ Herald]

Chinese supply chain hardware attack.  [Schneier]  [Bloomberg]  [Android Police]  [ExtremeTech]  [The Verge]  [DC Knowledge]

• Chinese spy chips would be a ‘god-mode’ hack, experts say.  [The Verge]

• Companies deny Bloomberg claim.  [Graham Cluley]  [EETimes]  [BBC News]  [The Verge]

• DHS and GCHQ back Apple and Amazon’s denials they were hacked by China.  [Graham Cluley]  [Bloomberg]

• Motherboard makers are moving manufacturing out of China.  [HardOCP]  [DigiTimes]

• Evidence of hacked Super Micro hardware found in US Telecom.  [DC Knowledge]  [HardOCP]  [Bloomberg]  [The Register]  [Engadget]  [The Verge]  [ExtremeTech]

• NSA cyber official asks for first-hand accounts of chip hacking.  [Bloomberg]

• Government perspective on supply chain security.  [Schneier]  [Krebs]

• Super Micro tells senators no evidence of Chinese hardware hack.  [Bloomberg]  [The Register]

• Another US intel chief casts doubt on Chinese spy chip story.  [The Verge]

• Banning Chinese phones won't fix the supply chain problem.  [Russ White]  [Washington Post]

• That Bloomberg supply-chain-hack story.  [Schneier]

• Supermicro says they found no spy chips in their motherboards.  [HardOCP]  [Supermicro]  [The Register]  [ExtremeTech]  [Graham Cluley]

North Korea turns to APT hack attacks for cash.  [The Register]

CIA network exposed through insecure communications system.  [Schneier]  [Foreign Policy]

Former NSA top hacker names the filthy four of nation-state hacking.  [The Register]

State governments warned of malware-laden CD sent via snail mail from China.  [Krebs]  [Engadget]

Kremlin hackers 'jumped air-gapped networks' to own US power utilities.  [The Register]

New report on Chinese intelligence cyber-operations.  [Schneier]  [401 TRG]

China-based hackers burrow inside satellite, defense, and telecoms firms.  [Ars Technica]  [Wired]

US Government warns of more North Korean malware attacks.  [Graham Cluley]

Chinese hackers stole undersea warfare data from US Navy contractor.  [Engadget]  [The Verge]

FBI seeks to thwart cyber-attack on Ukraine.  [BBC News]

• Ukraine claims it blocked VPNFilter attack at chemical plant.  [The Register]

Chinese government is behind a decade of hacks on software companies.  [Ars Technica]  [Engadget]

Guccifer 2.0’s schoolboy error reveals he’s hacking from Moscow.  [Graham Cluley]  [Wired]

APT37: the toolset of an elite North Korean hacker group.  [Wired]

NSA sent coded messages through Twitter.  [Engadget]

Numbers stations: The 'spy radio' that anyone can hear.  [BBC News]

North Korea is barely wired, so how did it become a global hacking power?  [NZ Herald]

German spy agency warns of Chinese LinkedIn espionage.  [BBC News]

Symantec discovers new cyber espionage group targeting governments.  [Voxy]

Stuxnet-style code signing is more widespread than anyone thought.  [Ars Technica]

Iran blamed for cyberattack on UK parliament.  [Engadget]

North Korean hackers allegedly probing US utilities for weaknesses.  [The Register]

US pressured North Korea by overwhelming hackers with data traffic.  [Engadget]  [Ars Technica]

New ESET research uncovers Gazer, the stealthy backdoor that spies on embassies.  [Graham Cluley]  [The Register]

Spyware deployed in state-sponsored attacks against India and Pakistan.  [Graham Cluley]

Attack on Ireland’s state-owned power provider blamed on state-sponsored hackers.  [Graham Cluley]

US: North Korea' Hidden Cobra group behind eight years of hacks.  [Stuff]  [Gizmodo]  [Engadget]  [The Register]  [THG]

NSA believes North Korea was responsible for WannaCry ransomware attacks.  [The Verge]  [BBC News]  [Schneier]

North Korea's sloppy, chaotic cyberattacks also make perfect sense.  [Wired]

US-CERT Warns North Korea Has Stepped Up Cyberattacks.  [ExtremeTech]

“Crash Override” malware that triggered Ukrainian power outage.  [Ars Technica]  [The Register]  [NZ Herald]  [Stuff]  [HardOCP]  [WeLiveSecurity]  [Dragos]

• Watch hackers take over the mouse of a power-grid computer.  [Wired]

• Where Russian spies hide their control servers.  [Ars Technica]

• North Korean cyberwar capabilities.  [Schneier]  [Reuters]  [NZ Herald]  [Stuff]

We are not done with state-sponsored hacking.  [Russ White]  [Monday Note]

Criminals getting closer to state actors.  [Russ White]  [Halbheer]

Attack vs defense in nation-state cyber operations.  [Schneier]  [Cornell]

Malware 'disguised as Siemens firmware drills into 10 industrial plants'.  [The Register]

The US has been conducting offensive cyberattacks against North Korea.  [Schneier]  [NYT]

Duqu malware techniques used by cybercriminals.  [Schneier]  [SecureList]  [Ars Technica]

Definitely not another Stuxnet, researchers claim as they demo industrial control rootkit.  [The Register]

Yet another government-sponsored malware.  [Schneier]

Stuxnet-like "Irongate" malware discovered.  [Schneier]  [FireEye]  [Motherboard]  [Dark Reading]

Air-gapping SCADA systems won't help you, says man who knows.  [The Register]

Inside the unprecedented hack of Ukraine’s power grid.  [Wired]

Massive US-planned "Nitro Zeus" cyberattack against Iran went well beyond Stuxnet.  [Ars Technica]

• 'Nitro Zeus' was a massive cyber attack plan aimed at Iran if nuclear negotiations failed: report.  [Jalopnik]

Kaspersky Lab reveals Duqu 2.0 attack on itself during Iran nuke talks.  [The Register]  [THG]  [Wired]  [Graham Cluley]  [HardOCP]  [BBC News]  [Schneier]

• Duqu 2.0: 'Terminator' malware that pwned Kaspersky could have come from Israel.  [The Register]

• Duqu 2.0‬ malware buried into Windows PCs using 'stolen Foxconn certs'.  [The Register]  [Ars Technica]  [Wired]

A cyberattack has caused confirmed physical damage for the second time ever.  [Wired]  [Gizmodo]  [Schneier]

Active malware operation let attackers sabotage US energy industry.  [Ars Technica]  [Gizmodo]  [Symantec]

• Dragonfly hackers target 1000 Western energy firms, industrial control systems.  [Graham Cluley]  [DailyTech]

Attackers fling Stuxnet-style RATs at critical control software in Europe.  [The Register]

New cyber-attack model helps predict timing of the next Stuxnet.  [Ars Technica]

• SCADA security is better and worse than we think.  [The Register]

• Decade-old espionage malware found targeting government computers.  [Ars Technica]  [ThreatPost]

• SCADA honeypots attract swarm of international hackers.  [The Register]

• Gauss.  [Schneier]  [Ars Technica]

• Eugene Kaspersky and Mikko Hypponen talk Red October and the future of cyber warfare.  [TechCrunch]

• 'Red October' cyber attack found by Russian researchers.  [BBC News]  [Gizmodo]  [Kaspersky]  [TrustedReviews]  [THG]

• Red October relied on Java exploit to infect PCs.  [Ars Technica]  [ComputerWorld]

• Why Red October malware is the Swiss Army knife of espionage.  [Ars Technica]

• Why Red October is already pulling its tendrils back into the dark.  [Gizmodo]  [Threat Post]

• Iranian computers targeted by new malicious data wiper program.  [Ars Technica]  [WSJ ATD]

• Iran responds to new "Stuxnet-like" cyber attack.  [WSJ ATD]  [HardOCP]  [AP]

• Malware spy network targeted Israelis, Palestinians.  [Krebs]

• A Stuxnet future?  Yes, offensive cyber-warfare is already here.  [ISN]

• DDoS attacks on major US banks are no Stuxnet -- here's why.  [Ars Technica]

• More malware targeting Iran could yet be discovered.  [BBC News]

• The perfect crime: is Wiper malware connected to Stuxnet, Duqu?  [Ars Technica]  [Wired]

• New virus linked to Stuxnet found.  [HardOCP]  [STL Today]  [Ars Technica]  [Wired]

• Siemens squashes Stuxnet-like bugs in SCADA kit.  [The Register]

• New Mahdi strain of spyware targets Iran and Israel.  [ReadWriteWeb]

• Move over, Flame: new Messiah-themed malware targets Iran and Israel.  [Ars Technica]

• The failure of anti-virus companies to catch military malware.  [Schneier]  [Wired]  [The Register]

• Stuxnet expert calls US the "good guys" in cyber-warfare.  [Ars Technica]

• Stuxnet ≠ cyberwar, says US Army cyber command officer.  [The Register]

Researchers show how easy a new Stuxnet-like attack can be.  [WSJ ATD]

There's a new version of the Stuxnet-esque Duqu trojan floating around and nobody knows what it does.  [Gizmodo]

Duqu trojan used 'unknown' programming language: Kaspersky.  [CBR]

• Duqu mystery language solved with the help of crowdsourcing.  [Wired]

A Valentine's Day present for SCADA companies: new exploit tools.  [Ars Technica]

Stuxnet weapon has at least 4 cousins: researchers.  [Reuters]

From the man who discovered Stuxnet, dire warnings one year later.  [CS Monitor]

US reveals Stuxnet-style vuln in Chinese SCADA 'ware.  [The Register]

Kaspersky claims 'smoking code' linking Stuxnet and Duqu.  [The Register]

Microsoft squashes Duqu threat with Windows patch.  [Ars Technica]

Microsoft airs temporary fix to defeat Duqu worm.  [DailyTech]

Nasty 'Duqu' worm exploits same Microsoft Office bug as Stuxnet.  [DailyTech]  [Ars Technica]

Researchers warn of new Stuxnet worm.  [BBC News]

• New malware: Duqu.  [Schneier]

• Son of Stuxnet discovered.  [The Register]  [Wired]