Recorded Future's Insikt Group has found procurement documents indicating that China's PLA Unit 61419 has sought to purchase foreign antivirus programs. The Insikt Group thinks it likely that the intention is to use them for exploitation, either as test environments for PLA-developed attack tools or to identify vulnerabilities that could be exploited for initial intrusion in zero-day attacks. (Coincidentally or not, shortly after publishing its article on Chinese purchases of antivirus technology, Recorded Future's Record came under a distributed denial-of-service attack.) In April Japanese authorities attributed a long-running cyberespionage campaign to People's Liberation Army Unit 61419.
MIT Technology Review reports that US intelligence services have concluded that an iPhone exploit nicknamed "Chaos," disclosed during the inaugural Tianfu Cup hacking competition in 2018, was subsequently used by Chinese security services for surveillance of China's Uyghurs. The Tianfu Cup was established as a domestic Chinese alternative to such international hacking competitions as Pwn2Own.
Trend Micro this week described Panda Stealer, an information-stealer spread by phishing that targets digital currency wallets. Panda Stealer has been most active against targets in the United States, Australia, Japan, and Germany.
Exercise equipment manufacturer Peloton is dealing with reports of a leaky API that could expose personal data of users, TechCrunch reports. Pen Test Partners, which disclosed the issue to Peloton in January, says the API permitted unauthenticated requests for user account data.
The US Department of Defense has opened all of its publicly accessible websites and applications to its Vulnerability Disclosure Program.