China’s salt typhoon hacker violates the U.S. National Guard for nearly a year

After the last report The “original” Jeffrey Epstein prison video released by the FBI may have been modified in at least some ways (although there is no evidence that the camera was deceptively manipulated).

The U.S. Department of Homeland Security faces controversy over DNA samples added to the crime database from approximately 133,000 immigrant children and teenagers. Meanwhile, researcher Jeremiah Fowler published the findings this week, in which more than 2 GB of very sensitive adoption of relevant data (including information about biological parents, children and adoptive parents) are exposed and publicly accessed on the public Internet.

Roblox’s new trusted connectivity features include age verification using AI to scan teenagers for video selfies and determining whether they can be granted unfiltered chats with people they know. As video DeepFake features mature, including AI tools that can manipulate live video footage, the “nude” platform has attracted millions of users and has attracted millions of dollars in revenue using technology from U.S. companies.

And more. Every week, we fill in security and privacy news that we don’t cover in depth. Click on the headlines to read the full story. And stay safe.

The Chinese state-sponsored hacker group known as Salt Typhoon has already shocked the United States, and in the Apocalypse last year, it had penetrated deeply into the U.S. telecommunications system, even text messages and phone conversations against citizens including then-Donald Trump and JD Vance. It now appears that the group’s espionage includes the U.S. military, and for most of the past, it has spent most of its time in the U.S. National Guard network in at least one state. NBC News reported this week a DHS memorandum obtained by the National Security Transparency nonprofit property warned Chinese hacker groups to violate the state-level National Guard network from March to December last year. It does not determine which state has become the target. According to the memorandum, the access to Yanchi “may provide Beijing with data to facilitate hacking attacks by Army National Guard units in other states and may provide many state-level cybersecurity partners.”

The Trump administration is developing a new digital system that aims to grant immigration and customs enforcement, with near real-time access to taxpayers’ sensitive data, including their home addresses. The internal blueprint revealed by ProPublica on Tuesday shows that the system is designed to automate and speed up data exchanges “on demand”, bypassing traditional IRS safeguards that typically require case-by-case review and legal proof. The system represents a significant shift in the way IRS data is accessed and has attracted the attention of civil liberties experts who say the process may violate privacy laws and further accelerate the ICE’s ability to obtain tax data for deportation purposes.

Zero-day vulnerability allows the brakes of trains to be triggered by malicious hackers, an unsettling concept. A 7,300-day vulnerability makes trains exposed to the brakes a shocking negligence for critical infrastructure in the United States. The Bureau of Cybersecurity and Infrastructure Security last week issued a consultation on the lack of authentication in the protocol, where devices (Heat) can send brake signals to another device (EOT) at the end of the train (EOT) to coordinate coordinated braking across trains, such as freight trains. This means that hackers can send their own unverified commands to commands that destroy trains, shut down rail networks, and even lead to derailment. The fact that researchers found the vulnerability was first reported in 2005 but was never taken seriously or fixed, makes the problem even worse. Thousands of fragile heat and EOT devices will be replaced in the process that begins next year.

Hackers who want to build botnets that control malware devices can search for the vulnerability of these devices (rich enough) and exploit them remotely. Or better yet, they can even infect them before shipment. Google announced this week that it will file a lawsuit against administrators of the so-called Badbox 2.0 botnet, which consists of 10 million Android-powered TVs that have been infected with malware in some way before being sold to consumers. Google described as a botnet operator in China’s cybercriminals, then sold access to these devices as proxy machines, or forged ad views in a wide range of click effect schemes. Badbox 2.0 “already as the largest known botnet of internet-connected TV devices, it is growing every day. It has harmed millions of victims in the United States and around the world and threatened more victims,” Google’s complaint said.