Report: China supported C919 airliner development through cyberespionage

Security researchers have correlated the activity of a Chinese hacker group known for targeting aerospace companies to a multi-year espionage effort by China's intelligence agencies to further the development of the country's C919 aircraft, an airliner designed to compete with similar planes from Airbus and Boeing.

The Comac C919 is a narrow-body twinjet airliner whose development started in 2008 and which made its maiden flight in 2017 after various delays due to technological issues. While touted as a Chinese-made aircraft, the plane uses many components supplied by aerospace companies from Europe and North America.

Between 2010 and 2015, coinciding with the plane's development, researchers from CrowdStrike tracked a China-based group they dubbed Turbine Panda that launched cyberespionage attacks against several of the companies that supply C919 components. They now believe this was part of a coordinated effort by China to bridge the technology gap needed to produce the same components locally by state-owned enterprises.

Evidence indicates that the effort was coordinated by the JSSD, the Jiangsu Bureau of China's Ministry of State Security (MSS), and that it combined traditional espionage, in the form of recruiting insiders in targeted companies, with cyber intrusions by Turbine Panda.

"From August 2017 until October 2018, the DoJ [the U.S. Department of Justice] released several separate but related indictments against Sakula developer YU Pingan, JSSD Intelligence Officer XU Yanjun, GE Employee and insider ZHENG Xiaoqing, U.S. Army Reservist and assessor JI Chaoqun, and 10 JSSD-affiliated cyber operators in the ZHANG et al. indictment," CrowdStrike said in a new report released today.

A broad, coordinated effort to collect aerospace IP

"What makes these DoJ cases so fascinating is that, when looked at as a whole they illustrate the broad but coordinated efforts the JSSD took to collect information from its aerospace targets. In particular, the operations connected to activity CrowdStrike Intelligence tracked as Turbine Panda showed both traditional human-intelligence (HUMINT) operators and its cyber operators working in parallel to pilfer the secrets of several international aerospace firms," the report stated.

Sakula is a malware program that CrowdStrike believes is unique to Turbine Panda and JSSD, even though Turbine Panda has also used other Trojans like PlugX and Winnti that are shared by other Chinese APT groups.

Sakula developer YU Pingan was arrested by the FBI in 2017 while attending a security conference in the U.S., and soon after, the MSS issued orders to prevent Chinese security researchers from participating in conferences and capture-the-flag competitions overseas.

"In years prior to that directive, Chinese teams - such as those from Qihoo 360, Tencent and Baidu - had dominated overseas competitions and bug bounties including Pwn2Own and CanSecWest, earning thousands of dollars in cash rewards for their zero-day exploits for popular systems such as Android, iOS, Tesla, Microsoft and Adobe," CrowdStrike said. "Instead, the companies these researchers work for were required to provide vulnerability information to the China Information Technical Security Evaluation Center (CNITSEC). CNITSEC was previously identified by CrowdStrike Intelligence and other industry reporting as being affiliated with the MSS Technical Bureau and it runs the Chinese National Information Security Vulnerability Database (CNNVD), which was outed for its role in providing the MSS with cutting-edge vulnerabilities likely for use in offensive operations."

According to CrowdStrike, many of the individuals named in the DoJ indictments and believed to be part of Turbine Panda have storied histories in Chinese hacking circles dating back to at least 2004, indicating recruitment by Chinese intelligence of competent black hat hackers.

The Zhang indictment indicates that the cyber intrusions were overseen by Chai Meng, who managed the JSSD's cyber operations, and Liu Chunliang, who maintained the infrastructure for the attacks. Liu was also the one who sourced the Sakula malware from its developer, Yu, as well as another piece of malware called IsSpace that is associated with another Chinese APT group tracked as Samurai Panda.

Links to Anthem, OPM breaches

Both Sakula and IsSpace were used in the 2015 breaches at medical insurer Anthem and the United States Office of Personnel Management (OPM), which are already believed to be related based on industry reports. The attackers' techniques and procedures used in the Anthem breach bear a strong resemblance to those employed in a previous intrusion at Ametek, a US-based provider of electronic instruments and one of Turbine Panda's victims. These connections suggest that JSSD was behind the Anthem and OPM breaches.

"Even with the arrest of a senior MSS intelligence officer and a valuable malware developer, the potential benefits of cyber-enabled espionage to China's key strategic goals have seemingly outweighed the consequences to date," the CrowdStrike researchers said.

"The reality is that many of the other cyber operators that made up Turbine Panda operations will likely never see a jail cell," they said, concluding that the arrests are unlikely to "deter Beijing from mounting other significant cyber campaigns designed to achieve leapfrog development in areas of strategic importance."

Companies from the aerospace sector remain of interest to Chinese hackers and the attacks against them are likely to continue. In 2017, after C919's maiden flight, the Aero Engine Corporation of China (AECC) and Russia's United Aircraft Corp (UAC) announced a joint venture to design a new aircraft dubbed CR929, a wide-body jet that will compete with the Airbus 350 and Boeing 787.

As with the C919, the CR929's engines, onboard electrical systems and other components will initially need to be sourced from foreign suppliers. CrowdStrike warns that companies bidding on those contracts "may face additional targeting from China-based adversaries that have demonstrated the capability and intent to engage in such intellectual property theft for economic gain."

"It is unclear whether Russia, a state that also has experienced cyber operators at its disposal, would also engage in cyber-enabled theft of intellectual property related to the CR929," the company said.

This story, "Report: China supported C919 airliner development through cyberespionage" was originally published by CSO.