The Twitter account belonging to Liu Xiaoming, China’s ambassador to the UK, was apparently hijacked earlier this week, the BBC reports. Mr. Liu’s account displayed “Likes” that included Tweets highly critical of Beijing’s repressive policies toward several of its domestic groups and regions. It also linked to a clip of adult content. China’s embassy in London yesterday denounced the hijacking (the work of “anti-China elements”) and called for Twitter to investigate.
Comparitech’s look at the cyber underworld and its criminal markets led it to conclude that some eighty-six vulnerabilities in content management systems affecting more than a hundred-thousand sites are being actively traded. Many of the vulnerabilities are zero-days, and they’re exploited for the most part in website defacement attacks. Defacement is common, Comparitech thinks, because hackers want to count coup; they want to be noticed.
ESET this morning released a study of CDRThief, malware that attacks certain Chinese-manufactured voice-over-IP switches.
The Washington Post says that ByteDance, TikTok’s corporate parent, is in discussions with the US Government to determine if US security concerns can be allayed by anything short of the sale of much of the social platform to American companies.
Ireland’s Data Protection Commission, the EU’s one-stop GDPR shop for many American companies, has told Facebook to stop transferring data about its European users to the US, the Wall Street Journal reports. The directive was issued pursuant to the July ruling by the European Court of Justice that invalidated the Privacy Shield arrangement between the EU and the US.