US Sanctions Chinese Cybersecurity Firm for Ransomware Attack

US Sanctions Chinese Cybersecurity Firm for Ransomware Attack

The U.S. has sanctioned Sichuan Silence, a Chinese cybersecurity firm involved in ransomware attacks targeting critical infrastructure in 2020. One of its employees, Guan Tianfeng, has also been charged individually. Guan, a security researcher, discovered a zero-day vulnerability in a firewall product developed by U.K.-based security firm Sophos. He exploited the vulnerability, designated CVE 2020-12271, using a SQL injection attack that retrieved and remotely executed a script from a malicious server. Guan and his co-conspirators…

Read More

U.K. and U.S. Agree to Collaborate on the Development of Safety Tests for AI Models

U.K. and U.S. Agree to Collaborate on the Development of Safety Tests for AI Models

The U.K. government has formally agreed to work with the U.S. in developing tests for advanced artificial intelligence models. A Memorandum of Understanding, which is a non-legally binding agreement, was signed on April 1, 2024 by the U.K. Technology Secretary Michelle Donelan and U.S. Commerce Secretary Gina Raimondo (Figure A). Figure A U.S. Commerce Secretary Gina Raimondo (left) and U.K. Technology Secretary Michelle Donelan (right). Source: UK Government. Image: U.K. government Both countries will now…

Read More

US Bracing for Bolder, More Brazen Russian Cyberattacks

US Bracing for Bolder, More Brazen Russian Cyberattacks

Washington —  Repeated failures by Russian cyberattacks and disinformation campaigns to inflict lasting damage during the Kremlin’s ongoing war against Ukraine is unlikely to dampen Moscow’s resolve and could instead spur a new wave of riskier efforts against a wider set of targets. The assessment, from a variety of U.S. government agencies, comes as Russia’s invasion of Ukraine has dragged into a second year, with Ukraine and its Western backers preparing for Moscow to unleash…

Read More