Posts: 4,607
Threads: 543
Joined: Dec 2009
Quote:App developer and privacy researcher Felix Krause published a report on the risks associated with some iOS apps injecting JavaScript code into third-party browsers.
Of the seven most popular iOS apps analyzed, Beijing-based TikTok was the only one that didn’t give users the option to open links with a third-party browser.
Klause found that TikTok’s iOS app “monitors all taps happening on websites, including taps on all buttons and links” accessed via its in-app browser.
“TikTok iOS subscribes to every keystroke (text inputs) happening on third party websites rendered inside the TikTok app. This can include passwords, credit card information, and other sensitive user data (keypress and keydown),” Krause wrote.
...
TikTok confirmed that the code exists in its iOS app, but claimed that it doesn’t use it.
Sure, TikTok. Sure.
Quote:A Chinese hacking group simultaneously used six different backdoors against more than a dozen industrial plants, research institutes, government agencies and ministries in Belarus, Russia, Ukraine and Afghanistan, researchers with Kaspersky said Monday.
...
The vulnerability exploited in the attack, first discovered in January 2022, allowed the attackers to execute code without any additional user activity, the researchers said. In one case, they said, the attackers gained control over an unnamed cybersecurity solutions control center and ran a “golden ticket” attack, which gave them widespread access and persistence in the network.
A Chinese hacking group tracked as TA428 by multiple threat intelligence research groups is the likely culprit, the Kaspersky researchers said Monday, based on various technical indicators and overlaps with previous operations, including one that targeted a Russian-based defense contractor with ties to the Russian Navy, according to Cybereason.
...
Chinese-aligned hackers associated with multiple groups and campaigns have been busy targeting Russian entities in the wake of the Feb. 24 Russian invasion of Ukraine, primarily seeking intelligence on Russian government thinking or planning, researchers have said.
Campaigns have also included information operations targeting both domestic and international audiences that have boosted Russian disinformation narratives, a reflection of the complicated and varying tasks of the plethora of Chinese-aligned hacking groups.
Take into account how Chinese hackers had attacked the Vatican once in order to learn more about some negotiations both the Vatican and the CCP were about to hold later on.
Quote:The Chinese government appears to use its software vulnerability disclosure rules to preview dangerous zero-day flaws before tech companies can deploy fixes, a top Department of Homeland Security official said Wednesday.
Beijing’s strict vulnerability reporting rules mean government officials could get “early access” to even the most serious vulnerabilities, DHS Under Secretary for Policy Robert Silvers said during the Black Hat cybersecurity conference in Las Vegas.
...
Silvers said that a DHS review board assembled to investigate the recent Log4j software vulnerability, which was initially discovered by the Chinese tech giant Alibaba, concluded its inquiry with “very troubling” questions about Chinese disclosure rules.
...
In the case of the Log4j vulnerability, however, Alibaba revealed the flaw prior to notifying the Chinese government, according to Silvers.
Chinese companies are required to report vulnerabilities to the government within two days of discovering them. They are also barred from publicly disclosing vulnerabilities during “major national events.”
Silvers was speaking about the findings of the DHS Cyber Safety Review Board, a group of 15 top public and private sector cybersecurity experts whose inaugural investigation into the Log4j vulnerability wrapped last month. He said that board members are concerned by Chinese news reports that Alibaba was punished for publicly disclosing the vulnerability before alerting the Chinese government.
...
The board found that Alibaba told the Chinese government about the vulnerability on Dec. 13, four days after informing the Apache Software Foundation, said Silvers. The Chinese government talked to the review board but did not address whether Alibaba was penalized in any way, he said.
Here's another solid proof of how the CCP doesn't believe in (cyber) transparency at all.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Posts: 4,607
Threads: 543
Joined: Dec 2009
Quote:A Chinese-based cyberespionage group targeted Australian officials with reconnaissance malware to siphon off details about the victims hackers could use to execute more targeted strikes, researchers with cybersecurity firm Proofpoint and the PwC Threat Intelligence team said.
The cyberespionage campaign that focused on government, energy and manufacturing personnel in the Asia-Pacific region deployed phishing emails directing targets to a fake news outlet, the researchers said. The attackers — referred to as both TA423, Red Landon and APT40 — designed the site to deliver malware known as ScanBox.
The Chinese-based group has been active for nearly a decade, dating back to 2013, with a primary focus on the South China Sea, but known to have victims across the globe. In 2021, the Department of Justice tied APT40 to China’s Ministry of State Security.
In this latest campaign that took place between April and June, the hacking group appeared to focus on global heavy industry manufacturers that conduct maintenance of fleets of wind turbines in the South China Sea.
The phony “Australian Morning News” news site contained images and stories lifted from legitimate news organizations, the researchers said. A previous operation believed to be associated with the Chinese cyberespionage group, in 2018, targeted Cambodia in much the same way.
...
Analysis of the latest operation showed links to earlier activity from the group dating back to March 2021, the researchers found. Phishing emails sent between March 2021 and September 2021 used malicious RTF files to deliver Meterpreter, malware within the Metasploit framework that allows an attacker to run commands on a victim computer.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Posts: 4,607
Threads: 543
Joined: Dec 2009
10-17-2022, 03:50 AM
(This post was last modified: 10-17-2022, 03:50 AM by kyonides.)
Quote:A long-running Chinese-linked cyberespionage group targeted a U.S. state legislature’s network in July, marking the outfit’s first confirmed attack against the U.S. in years, according to analysis published Thursday.
The findings from the Symantec Threat Hunter Team point to a group the company refers to as Budworm. Other researchers call the group Bronze Union, APT27, Emissary Panda, Lucky Mouse and Temp.Hippo. The group has operated since at least 2013 and is known for targeting a wide range of industries “in support of its political and military intelligence-collection objectives.”
The outfit has attacked “a number of strategically significant targets” over the last six months, Symantec said, including the government of a Middle Eastern country, a multinational electronics manufacturer as well as the unnamed U.S. state legislature.
...
National Security Agency cyber chief Rob Joyce told reporters last week that China has become “really brazen, doubling down on their activities to steal intellectual property and compromise sensitive networks.”
The comments came after the NSA, FBI and the Cybersecurity Infrastructure and Security Agency published the top vulnerabilities that Chinese-linked cyber operators use to target U.S. and allied networks.
...
The recent attacks Symantec attributes to Budworm took advantage of two Log4j vulnerabilities to compromise Apache Tomcat service on servers and install web shells. From there, the group installed malware from the HyperBro malware family, as well as the PlugX/Korplug remote access trojan, the researchers said.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Posts: 4,607
Threads: 543
Joined: Dec 2009
Quote:A notorious advanced persistent threat actor known as Mustang Panda has been linked to a spate of spear-phishing attacks targeting government, education, and research sectors across the world.
The primary targets of the intrusions from May to October 2022 included counties in the Asia Pacific region such as Myanmar, Australia, the Philippines, Japan, and Taiwan, cybersecurity firm Trend Micro said in a Friday report.
Mustang Panda, also called Bronze President, Earth Preta, HoneyMyte, and Red Lich, is a China-based espionage actor believed to be active since at least July 2018. The group is known for its use of malware such as China Chopper and PlugX to collect data from compromised environments.
Activities of the group chronicled by ESET, Google, Proofpoint, Cisco Talos, and Secureworks this year have revealed the threat actor's pattern of using PlugX (and its variant called Hodur) to infect a wide range of entities in Asia, Europe, the Middle East, and the Americas.
The latest findings from Trend Micro show that Mustang Panda continues to evolve its tactics in a strategy to evade detection and adopt infection routines that lead to the deployment of bespoke malware families like TONEINS, TONESHELL, and PUBLOAD.
"Earth Preta abused fake Google accounts to distribute the malware via spear-phishing emails, initially stored in an archive file (such as RAR/ZIP/JAR) and distributed through Google Drive links," researchers Nick Dai, Vickie Su, and Sunny Lu said.
Initial access is facilitated through decoy documents that cover controversial geopolitical themes to entice the targeted organizations into downloading and triggering the malware.
In some cases, the phishing messages were sent from previously compromised email accounts belonging to specific entities, indicating the efforts undertaken by the Mustang Panda actor to increase the likelihood of the success of its campaigns.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Posts: 4,607
Threads: 543
Joined: Dec 2009
Quote:The NSA said it believes a Chinese hacking crew known as APT5 “has demonstrated capabilities” against an application delivery controller made by Citrix. Citrix released an emergency patch to fix the vulnerability on Monday and said that “exploits of this issue on unmitigated appliances in the wild have been reported.”
The spy agency’s advisory effectively burns down an apparent Chinese intelligence operation by exposing its tools and advising potential victims on how to prevent further attacks.
...
“Chinese actors with a history of using zero days often ramp up after they’ve been discovered,” said John Hultquist, the vice president for intelligence analysis at Mandiant. While they are undetected, these groups will try to avoid tripping the alarm, but “after the zero day is observed all bets are off,” he said.
Active since at least 2007, APT5 is a well-known Chinese hacking group with a history of attacking networking companies and devices. The group has a history of attacking telecommunications and technology firms, with a particular interest in defense-related technology. In 2019, the group was caught attacking virtual private networks to steal user credentials and monitor traffic.
The revelation of the Citrix flaw on Tuesday comes a day after Fortinet revealed a severe vulnerability that also allows remote code execution for one of its VPN products.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Posts: 4,607
Threads: 543
Joined: Dec 2009
02-28-2023, 11:50 PM
(This post was last modified: 02-28-2023, 11:51 PM by kyonides.)
Quote:CrowdStrike, which tracks over 200 adversaries, observed a surge in what it described as “China-nexus” espionage: last year, threat actors linked to the Asian superpower targeted all 39 global industry sectors across 20 geographic regions.
They primarily attacked organizations in East, Southeast, Central, and South Asia, operating in the government, technology, and telecommunications sectors. European and North American victims accounted for around a quarter of China-affiliated intrusions.
Threat actors attempted to collect strategic intelligence, compromise intellectual property, and surveil targeted groups, all key goals of the Chinese Communist Party (CCP). Such nation-state entities are known to target governments for intelligence, while attacking tech organizations to get their hands on research and development data, restricted information, and trade secrets.
“Telecommunications entities present adversaries with the capacity to amplify intelligence collection or
surveillance efforts via direct access to foreign infrastructure,” CrowdStrike added.
Taiwan-based technology companies constituted a key target, likely in support of “CCP goals for technologic [sic] independence and dominance,” with organizations based in the disputed island nation believed to have been targeted by Chinese nationalist hacktivist groups.
Oh don't forget to add 2 "meteorological balloons" overflying US, Canada and Latin America.
Quote:Last year adversaries reweaponized known vulnerabilities, such as the infamous Log4Shell, which continued to ravage the internet.
...
Vulnerabilities like ProxyNotShell and Follina – two of Microsoft’s 1,200 vulnerabilities patched in 2022 – were broadly exploited “as nation-nexus and e-crime adversaries circumvented patches and sidestepped mitigations.”
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Posts: 4,607
Threads: 543
Joined: Dec 2009
Quote:The China-aligned Mustang Panda actor has been observed using a hitherto unseen custom backdoor called MQsTTang as part of an ongoing social engineering campaign that commenced in January 2023.
...
Attack chains orchestrated by the group have stepped up targeting of European entities in the wake of Russia's full-scale invasion of Ukraine last year. The victimology of the current activity is unclear, but the Slovak cybersecurity company said the decoy filenames are in line with the group's previous campaigns that target European political organizations.
That said, ESET also observed attacks against unknown entities in Bulgaria and Australia, as well as a governmental institution in Taiwan, indicating focus on Europe and Asia.
Mustang Panda has a history of using a remote access trojan dubbed PlugX for achieving its objectives, although recent intrusions have seen the group expanding its malware arsenal to include custom tools like TONEINS, TONESHELL, and PUBLOAD.
In December 2022, Avast disclosed another set of attacks aimed at government agencies and political NGOs in Myanmar that led to the exfiltration of sensitive data, including email dumps, files, court hearings, interrogation reports, and meeting transcripts, using a PlugX variant called Hodur and a Google Drive uploader utility.
What's more, an FTP server linked to the threat actor has been found to host a variety of previously undocumented tools used to distribute malware to infected devices, including a Go-based trojan called JSX and a sophisticated backdoor referred to as HT3.
...
The initial intrusion vector for the attacks is spear-phishing, with MQTT distributed via RAR archives containing a single executable that features filenames with diplomatic themes (e.g., "PDF_Passport and CVs of diplomatic members from Tokyo of JAPAN.eXE").
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Posts: 4,607
Threads: 543
Joined: Dec 2009
03-09-2023, 07:34 AM
(This post was last modified: 03-09-2023, 07:34 AM by kyonides.)
Quote:An older version of Shein's Android application suffered from a bug that periodically captured and transmitted clipboard contents to a remote server.
The Microsoft 365 Defender Research Team said it discovered the problem in version 7.9.2 of the app that was released on December 16, 2021. The issue has since been addressed as of May 2022.
Shein, originally named ZZKKO, is a Chinese online fast fashion retailer based in Singapore. The app, which is currently at version 9.0.0, has over 100 million downloads on the Google Play Store.
The tech giant said it's not "specifically aware of any malicious intent behind the behavior," but noted that the function isn't necessary to perform tasks on the app.
...
To mitigate such privacy risks, Google has further made improvements to Android in recent years, including displaying toast messages when an app accesses the clipboard and barring apps from getting the data unless it is actively running in the foreground.
...
"Leveraging clipboards can enable attackers to collect target information and exfiltrate useful data."
Quote:High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor known as Sharp Panda since late last year.
The intrusions are characterized by the use of a new version of the Soul modular framework, marking a departure from the group's attack chains observed in 2021.
Israeli cybersecurity company Check Point said the "long-running" activities have historically singled out countries such as Vietnam, Thailand, and Indonesia. Sharp Panda was first documented by the firm in June 2021, describing it as a "highly-organized operation that placed significant effort into remaining under the radar."
The use of the Soul backdoor in real-world attacks was first detailed by Broadcom's Symantec in October 2021 in connection to an unattributed espionage operation targeting defense, healthcare, and ICT sectors in Southeast Asia.
...
The attack chain detailed by Check Point begins with a spear-phishing email containing a lure document that leverages the Royal Road Rich Text Format (RTF) weaponizer to drop a downloader by exploiting one of several vulnerabilities in the Microsoft Equation Editor.
The downloader, in turn, is designed to retrieve a loader known as SoulSearcher from a geofenced command-and-control (C&C) server that only responds to requests originating from IP addresses corresponding to the targeted countries.
The loader is then responsible for downloading, decrypting, and executing the Soul backdoor and its other components, thereby enabling the adversary to harvest a wide range of information.
...
It further noted that the campaign is likely "staged by advanced Chinese-backed threat actors.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Posts: 4,607
Threads: 543
Joined: Dec 2009
03-12-2023, 05:45 AM
(This post was last modified: 03-12-2023, 05:45 AM by kyonides.)
Quote:The data is primarily used to determine which advertisements to place in front of you but can be used for other purposes, particularly if collected by the Chinese Communist Party (CCP), according to [retired Air Force Brig. Gen. Robert] Spalding.
...
Data Surveillance
U.S. corporations and government officials may be particularly vulnerable to data surveillance, according to Spalding.
...
“Somebody can track you and who you’re talking to. All they need to do is provide that data to an intel analyst and they can present a fairly good picture of what that person is doing. So it’s a competitive intelligence problem for business.”
The threat is magnified when data is collected on elected officials or government staff members, Spalding said.
...
Through data surveillance, whoever collects the data from our cell phones knows us better than we know ourselves, Jekielek said in summary.
...
Productivity Loss
American teens spent much more time than that using social apps in 2021, according to a study by Common Sense media. For teenagers, the average screen entertainment time was over 8.5 hours. For tweens, it was 5.5 hours.
All of that adds up to a significant loss of productivity for adults and a huge misdirection of attention for young people, according to Spalding, who said that result is intentional by the Chinese government, which owns a share of TikTok’s parent company. Children and adults watch videos on the app for hours, drawn in by algorithms that predict the content that will appeal to each user.
By contrast, use of the app Douyin, the Chinese equivalent of TikTok, is limited to 40 minutes a day by the CCP, Spalding said.
“So if you ask a kid in China, ‘What do you want to be when you grow up?’ They’ll say, ‘I want to be an astronaut,’”...But if you ask a child in the West the same question, they’ll say they want to be a social media influencer, he said.
...
Disinformation
The official stance of the party is that liberal democracy is a fiction created by the American people to destroy the Communist Party.
“That’s what they say in Document No. 9,” he said, referring to the party communique that warns against Western values like freedom of the press and judicial independence in an effort to reinforce one-party rule.
The CCP uses social media to insert its messaging into the minds of Americans, according to Spalding. “China is trying to convince the world that it has a better system.”
“It doesn’t stop at TikTok. They’re on Twitter, they’re on Facebook. They’re on all their platforms and all of ours.”
Guys, now I'm free to tell you that you've been warned.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Posts: 4,607
Threads: 543
Joined: Dec 2009
Quote:Google recently pulled the Chinese-owned Pinduoduo app off of its Google Play App Store after malware was found on a Chinese version of the app.
“Off-Play versions of this app that have been found to contain malware have been enforced on via Google Play Protect,” the Google Play spokesperson said in an emailed statement on Tuesday.
Though Google Play hasn’t found the malware on the version of the app distributed through its app store, the technology and search engine company is preventing users from downloading “Off-Play” versions of the app on devices that use Google Play. Google also decided to suspend the Play Store version of the app while it continues to scrutinize the app.
“Google Play Protect enforcement has been set to block installation attempts of these identified malicious apps,” the Google Play spokesperson said. “Users that have malicious versions of the app downloaded to their devices are warned and prompted to uninstall the app. We have suspended the Play version of the app for security concerns while we continue our investigation.”
...
Pinduoduo said several other apps have also been suspended by Google Play and said suspensions can happen for any number of reasons. Google did not comment on other apps that the Play Store service may have suspended.
PDD Holdings’ shares fell 1.8 percent in premarket trading on Tuesday amid news of the app’s suspension on the Google Play Store.
Pinduoduo is an e-commerce website developed by the Shanghai-based PDD Holdings. Pinduoduo’s e-commerce service is primarily used as a way for farmers to sell their agricultural products. PDD Holdings has also developed the Temu e-commerce service.
...
Google’s decision to suspend the Pinduoduo app on its Google Play App Store comes as the United States is becoming increasingly wary of cybersecurity vulnerabilities related to Chinese apps and technology services.
Quote:Over a hundred residents learned how the Chinese communist regime extended its long arm to threaten U.S. communities at a seminar in Warwick, New York.
On the same day of the event, on March 22, a cyberattack out of mainland China was said to hit one of the largest health care providers in Orange County and held its system hostage.
County Executive Steve Neuhaus mentioned the cyberattack at the seminar, adding that he heard of it from the Department of Homeland Security and immediately notified the provider.
He said that China’s growing military power also poses a threat to every American.
...
Panelist Sean Lin said the Chinese regime had been engaged in unrestricted warfare against the free world for years, covering cyber, military, economy, social media, and elections.
...
Lin is a survivor of the Tiananmen Square massacre and a former U.S. Army officer.
Panelist Chris Chappell mentioned a new Chinese e-commerce company called Temu, which grew influential almost overnight with the backing of the communist regime.
Temu was featured in this year’s Super Bowl ads and recently surpassed Amazon and Walmart to become the most downloaded app in the United States.
“This is why the United States cannot compete with China because we think we are playing on a fair-trade playing field when they consider themselves at war with [us],” Chappell said.
“China has weaponized its economy to undermine and destroy the U.S.”
...
Panelist and author Kay Rubacek said the evil nature of the CCP is beyond the imagination of most American people.
She took a deep dive into the regime through interviews with many high-level officials, which formed the basis of her book “Who Are China’s Walking Dead?”
“One former police commissioner from Beijing, the capital city of China, said to me: ‘You Westerners, you cannot understand real evil. You are too good. You are too kind,’” she said.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
|