Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

PRC's DJI Drone Android App Stealing Sensitive Information: Storing Data On Mainland China Servers →

July 27, 2020 by Marc Handelman in PRC, CCP, Data Stolen By China, PRC Espionage, Information Security, Data Security, PII, IoT

via the eponymous Dan Goodin, Security Editor at Ars Technica, comes this disturbing revelation of US persons that are owners of DJI drones and most importantly users of the company's DJI Go 4 for Android personal data undergoing trasnmittal to servers resident in the People's Republic of China. And, to add insult to injury, the application can apparently execute arbitrary bits without the behest of the hapless users. Read Dan's original superb reportage and try not to weep for your stolen identity (and data, thereof) ensconced so comfortably on PRC CCP controlled servers.

"People who have DJI Go 4 for Android installed may want to remove it at least until Google announces the results of its investigation (the reported automatic restart behavior means it's not sufficient to simply curtail use of the app for the time being). Ultimately, users of the app find themselves in a similar position as that of TikTok, which has also )aroused suspicions, both because of some behavior considered sketchy by some and because of its ownership by China-based ByteDance." - via the inimitable Dan Goodin, Security Editor at Ars Technica

July 27, 2020 /Marc Handelman
PRC, CCP, Data Stolen By China, PRC Espionage, Information Security, Data Security, PII, IoT

Check Point Security Researchers: PRC Military APT Group's Five Year Plan Targeting Australia, Others

May 14, 2020 by Marc Handelman in PRC, Badware, Bad Form, Information Insecurity

Holy Mackerel, it's those pesky PRC APT operators again! via Forbes contributor Zak Doffman. h/t

'The military espionage group’s tactics, described by Check Point as “very dangerous,” involved hijacking diplomatic communication channels to target specific computers in particular ministries.' - via Forbes contributor Zak Doffman

May 14, 2020 /Marc Handelman
PRC, Badware, Bad Form, Information Insecurity

Currency Cleaning On Demand (Not To Be Confused With Money Laundering)

February 18, 2020 by Marc Handelman in PRC, Public Health, Health, Health Security, Currency Security

via Karen Yeung, writing at the South China Morning Post, tells the tale of the PRC government's intentions to disinfect potentially pathogen-laden currency. A monumental problem, to say the least.

February 18, 2020 /Marc Handelman
PRC, Public Health, Health, Health Security, Currency Security

China Finagles World Bank To Fund Surveillance In Xinjiang

December 12, 2019 by Marc Handelman in PRC Surveillance State, PRC, Chinese Communists

Simply Astounding.

December 12, 2019 /Marc Handelman
PRC Surveillance State, PRC, Chinese Communists

ByteDance TikTok'd

November 06, 2019 by Marc Handelman in PRC, Intelligence Tooling, Information Security

Created by People's Republic of China-based Artificial Intelligence company ByteDance, TikTok's current synaptic-like traversal of North America's young adult demographic is summarily detailed in Sara Fischer's latest on Axios. Oh, and then there's this...

"While the video-based app simply seems like a benign platform for Gen Zers to make and share funny memes, it's could become a Chinese vacuum for coveted American data." - via Sara Fischer writing at Axios**

November 06, 2019 /Marc Handelman
PRC, Intelligence Tooling, Information Security

Image via VPNPro

Nearly Thirty Percent Of Most Popular VPNs Worldwide Owned By Hidden Chinese Organizations

July 08, 2019 by Marc Handelman in PRC, Network Security, Information Security, Confidentiality

Jan Youngren, writing at VPNPro has developed ownership intelligence (PDF) pointing to ninety-seven VPN properties that are owned by twenty-three organizations based in Communist China. H/T, further Via. Read it (PDF) and weep for your purloined privacy...

July 08, 2019 /Marc Handelman
PRC, Network Security, Information Security, Confidentiality

United States Cybersecurity and Infrastructure Security Agency (CISA): Chinese Malicious Cyber Activity Briefing →

March 19, 2019 by Marc Handelman in PRC, Cybersecurity, Information Security, US CISA

via the United States Cybersecurity and Infrastructure Security Agency (CISA), the embedded video is an Awareness Briefing on the Peoples Republic of China (PRC) Chinese Malicious Cyber Activity. This CISA webinar provides background data and mitigation/remediation techniques on the PRC Malicious Cyber Activity targeting Managed Service Providers (MSPs). While this webinar is now over 30 days old, the issues discussed in the video are still very relevant.

March 19, 2019 /Marc Handelman
PRC, Cybersecurity, Information Security, US CISA

Xinjang Highlighted In Red

The Xinjang Job

February 20, 2019 by Marc Handelman in Surveillance, PRC

via Reuters and the South China Morning Post comes reports of what could be the largest data breach in the People's Republic of China on record. Pointing to what is being described as a 'vast surveillance operation'. Surprised? Don't be fooled as there is nothing new under the sun, given the country's predeliction for human micro-manipulation that can be traced back in relatively recent times (1958-1961) to Mao Zedong's Cultural Revolution (and of course, to the previous five millenia of Chinese history)...H/T

February 20, 2019 /Marc Handelman
Surveillance, PRC

Dusting Off The Command And Control RV for the Commissar…

Communist Chinese Commence 'Negative Information' Crackdown

January 04, 2019 by Marc Handelman in PRC, Peoples Republic of China, Extreme Crowd Control, Internet Censorship

via the South China Morning Post reporter Phoebe Zhang, we learn of new enforcement actions just deployed by the PRC's Cyber Police targeting 'negative information'...

"China’s cybersecurity police announced a new campaign on Thursday targeting websites and web applications that spread what they called “negative information” on the internet..." "During the clampdown, all websites, mobile phone apps, forums, instant messaging and live-streaming platforms will be vetted for any vulgar and violent content as well as rumours, superstition and information that “fuels hatred, spreads unhealthy lifestyles and pop culture”." - via the South China Morning Post reporter Phoebe Zhang

January 04, 2019 /Marc Handelman
PRC, Peoples Republic of China, Extreme Crowd Control, Internet Censorship