Chinese Evasive Panda Targets Tibetans with Nightdoor Backdoor

andreasc
-
0
Chinese Evasive Panda Targets Tibetans with Nightdoor Backdoor
[ad_1]
Chinese Hackers Targeting with Watering Holes and Trojanized Software

Cybersecurity researchers at ESET identified the cyberespionage campaign, highlighting how hackers compromised both the Tibetan news website Tibetpost and the website of the Monlam Festival, a significant event in Tibetan Buddhism.

A Chinese-backed hacking group, Evasive Panda (also known as BRONZE HIGHLAND and Daggerfly), has launched a cyberespionage campaign targeting Tibetans globally. The operation, detected in January 2024 by ESET researchers, began in September 2023 and uses a two-fold attack strategy: Watering hole attacks and spreading backdoor.

What is a Watering hole attack?

A watering hole attack is a cyberattack strategy where hackers compromise websites that their target victims frequently visit. By injecting malicious code into these websites, the attackers can infect the devices of unsuspecting visitors.

This tactic relies on the trust users have in the compromised websites, leading them to unknowingly download malware or provide sensitive information, making it an effective method for targeting specific groups or organizations.

Exploiting Religious Gatherings and Software Downloads

Evasive Panda capitalized on the Monlam Festival, a major Tibetan Buddhist event, by compromising the festival’s website. This “watering hole” attack tricked visitors from specific networks into downloading malware disguised as legitimate software.

As detailed in ESET’s comprehensive technical blog post, the attackers also compromised the Tibetan news website Tibetpost to distribute malicious payloads, including backdoors for Windows and unknown malware for macOS.

The attackers fielded several downloaders, droppers, and backdoors, including MgBot – which is used exclusively by Evasive Panda – and Nightdoor: the latest major addition to the group’s toolkit and which has been used to target several networks in East Asia.

ESET

Sophisticated Arsenal for Network Infiltration

The attackers used a mix of known and unknown tools, including the custom-made Windows backdoor “Nightdoor” alongside the previously linked MgBot malware. This variety suggests a well-equipped and resourceful group.

Chinese Hackers Targeting with Watering Holes and Trojanized Software
The backdoored versions of Windows and macOS applications are hosted on the download page of a legitimate website (ESET)

Targeting Specifics and Exploiting Opportunities

By exploiting software vulnerabilities and compromising online platforms, Evasive Panda aimed to infiltrate targeted networks. The campaign’s timing, coinciding with the Monlam Festival, highlights their attempt to exploit increased online activity during religious events.

The recent discovery of Evasive Panda’s cyber-espionage campaign targeting Tibetans is consistent with previous actions by Chinese hackers. These groups have a track record of targeting Tibetan communities. Additionally, similar tactics have been used in the past to target Uyghurs, employing evasive Android malware for their malicious activities.

  1. Android Trojan Virus Attack on Tibetan Activists
  2. Chinese Group ‘Admin338’ Use DropBox To Deliver Their Payload
  3. Chinese facial recognition database tracking Muslims left exposed
  4. Android malware HenBox hits Xiaomi devices, Chinese minority group
  5. Chinese Hackers Were Spying on Taiwan Prior To Upcoming Elections

[ad_2]
Source link

Google Play Store could soon offer ‘parallel downloads’

andreasc
-
0
Google Play Store could soon offer ‘parallel downloads’
[ad_1]

Google is seemingly planning to deliver the ‘parallel downloads’ feature to the Play Store. The latest version of the Google Play Store is pointing in that direction, it’s not just a rumor.

Google Play Store could soon offer the ‘parallel downloads’ feature

According to findings by AssembleDebug, the Google Play Store 40.0.13 is the version in question here. Enabling specific flags produced the source with the ability to download multiple apps at the same time.

Google Play Store parallel downloads feature coming

That sounds great, right? Well, yes, but the feature doesn’t seem to work with updates. It only works upon the initial installation of a specific app, which is nowhere near as useful as having something like this for updates.

Google also placed a cap on the number of simultaneous downloads you can conduct. Only two can be downloaded at the same time. Do note that AssembleDebug managed to push that up to 5, though, via the code.

Something similar was spotted four years ago

If all of this sounds familiar, there’s a good reason for it. This feature was in testing four years ago. It never came to be, however, and it functioned a bit differently back then.

That being said, Google seems to be more serious this time around. We could actually see this feature arrive as a standard feature in the near future. Google is still in the testing phase, though, so… who knows how long will that take.

It would be great if Google would consider tweaking this feature further, however. In two ways, first, and more importantly, for this to work with app updates. Also, second, for the feature to work with more than two apps at the same time.

That being said, there’s also a chance Google will scrap everything, of course. The company did not confirm this feature is coming or anything of the sort, so we cannot know for sure.


[ad_2]
Source link

Meta layoffs affect over 50 people working at Messenger team

andreasc
-
0
Meta layoffs affect over 50 people working at Messenger team
[ad_1]

The tech industry layoffs don’t seem to stop. The industry continues to be in bad shape, and hence the layoffs follow. At Meta, the workers might’ve seen this coming when the company retained the “year of efficiency” policy. This might mean that the company would continue to make restructuring decisions which would also impact jobs. As a part of it, Meta has once again announced layoffs and this time it’s hurting those who were working on the Facebook Messenger team. Notably, this restructuring plan has affected some Instagram employees, as well.

Meta layoffs cut about 50 jobs working at Facebook Messenger team

As per a report from Business Insider, Meta has announced yet another round of layoffs. As a part of it, over 50 jobs were affected in the Meta-owned Facebook Messenger team. Positions related to technical program management (TPM) have been impacted. More importantly, Meta denied comment on the same apart from recalling the “efficiency” drive.

The ongoing efficiency drive, part of CEO Mark Zuckerberg’s “year of efficiency,” has created a culture shift within Meta, fostering anxiety among workers amidst organizational reorganizations and continual layoffs.

Approximately two days ago, Meta made headlines once again, but not for positive reasons. Its services, including Facebook, Instagram, and Threads, experienced an outage lasting nearly one and a half hours. Notably, its instant messaging platform WhatsApp remained unaffected. Elon Musk and his platform X also criticized Meta for the outage.

The tech industry continues to be in a bad shape

According to layoffs.fyi, a tech industry job cuts tracking website, nearly 50,000 tech workers have faced layoffs so far in 2024, which is around 20% of the total layoffs from the previous year. This worrying trend shows a persistent rise in job cuts within the sector. This indeed raises concerns about the stability of employment in the tech industry.


[ad_2]
Source link

Simpler iPhone to Android switching: Apple is working on a tool to ease moving data

andreasc
-
0
Simpler iPhone to Android switching: Apple is working on a tool to ease moving data
[ad_1]

TL;DR:

  • EU’s DMA law is forcing Apple to change its ways: iPhone users in the EU will be able to uninstall Safari and transfer data to Android phones easily
  • Apple is developing a user-friendly data transfer tool for iPhone to Android switching, expected by fall 2025
  •  This could address the limitations of existing tools, allowing easier transfer of data like bookmarks and purchased apps.
As the European Union’s Digital Markets Act (DMA) kicks in, major tech players like Apple are adapting to meet regulatory requirements or face substantial penalties. Apple, recognized as a gatekeeper, is set for another ecosystem adjustment.

According to The Verge, Apple is slated to enable EU-based iPhone users to uninstall its Safari browser by the end of 2024. Simultaneously, the company is developing a “user-friendly” data transfer feature for moving data from an iPhone to a non-Apple phone, aka an Android phone. This feature is expected to be rolled out by fall 2025, as outlined in a recent compliance document.


The document does not specify whether these features will be accessible globally or restricted to EU users. However, many of Apple’s previously announced DMA compliance plans, such as running non-WebKit browser engines and installing third-party app stores, are currently limited to the EU.


According to Apple’s document, the phone data transfer feature is 

a solution that helps mobile operating system providers develop more user-friendly solutions to transfer data from an iPhone to a non-Apple phone.

The document also mentions that the plans for this feature will leverage existing migration tools already offered by other companies.


Google already offers the “Switch to Android” app for iOS, but the app has limitations in transferring certain data, such as paid apps, Safari bookmarks, alarms, and miscellaneous files. Apple’s upcoming solution hopefully would address some of these gaps.

 
With the latest iOS 17.4 update, Apple introduced significant changes to its EU ecosystem rules, allowing users more flexibility, including sideloading apps from third-party stores and choosing default browsers.


The EU’s DMA aims to create a fairer digital playing field. It targets large platforms designated as gatekeepers that control access to online services. Among the gatekeepers listed are Apple, Google, Microsoft, Meta, Bytedance’s TikTok, and Amazon. These tech giants must follow new rules to ensure competition and give users more choices.


[ad_2]
Source link

China Panda APT Hacking Websites To Infect Windows And MacOS Visitors With Malware

andreasc
-
0
China Panda APT Hacking Websites To Infect Windows And MacOS Visitors With Malware
[ad_1]

Evasive Panda dubbed BRONZE HIGHLAND and Daggerfly, a Chinese-speaking APT group operating since at least 2012, has been spotted conducting cyberespionage targeting individuals in mainland China, Hong Kong, Macao, and Nigeria. 

Southeast and East Asian governments, notably those in China, Macao, Myanmar, the Philippines, Taiwan, and Vietnam, were the targets of attacks. The targets included other Chinese and Hong Kong groups.

Since 2020, Evasive Panda has been capable of using adversary-in-the-middle attacks to spread its backdoors by obtaining updates from legitimate software.

“The group uses its own custom malware framework with a modular architecture that allows its backdoor, known as MgBot, to receive modules to spy on its victims and enhance its capabilities,” ESET researchers shared with Cyber Security News.

Document
Integrate ANY.RUN in your company for Effective Malware Analysis

Malware analysis can be fast and simple. Just let us show you the way to:

  • Interact with malware safely
  • Set up virtual machine in Linux and all Windows OS versions
  • Work in a team
  • Get detailed reports with maximum data
    • If you want to test all these features now with completely free access to the sandbox: ..

Specifics Of The Cyberespionage Campaign

Since September 2023, Tibetans have been the victims of a cyberespionage campaign that was uncovered.

It used a supply-chain compromise to distribute trojanized installers of software that translated Tibetan language and a targeted watering hole, also known as a strategic web compromise. 

The hijacked website being used as a watering hole is owned by the Kagyu International Monlam Trust, an Indian organization that spreads Tibetan Buddhism worldwide.

Timeline of events related to the attack

The attackers intended to use malicious downloaders for macOS and Windows to infect website users with MgBot and a backdoor known as Nightdoor. 

MgBot, which is used exclusively by Evasive Panda, can provide attackers with a significant amount of information about compromised machines.

Nightdoor was first discovered in 2020, the Google Drive API or UDP is the two ways the backdoor and its C&C server can communicate.

First, the attackers installed a script on the website that checks the IP address of the possible victim and, if it falls within one of the targeted addresses.

The script sends an HTTP request to determine whether the attacker’s intermediary downloader is currently operating on the possible victim’s computer.

The implant responds on a previously hacked system with handleCallback({“success”:true }).

JavaScript code that checks in with the implant

Subsequently, it displays a fake error page that convinces the user to download a “fix” called certificate (which, depending on the operating system, ends in.exe for Windows or.pkg for macOS). 

A fake graphic rendered by the JavaScript

Depending on the user’s operating system, a script that downloads a payload is triggered when they click the “Immediate Fix” button.

Researchers suspect that at the time, the attackers took advantage of the Monlam festival that was scheduled to take place in January and February of 2024 to compromise individuals who visited the website that had turned into a watering hole.

The attackers deployed a number of downloaders, droppers, and backdoors, such as Nightdoor, the most recent significant addition to the group’s toolkit, which has been used to target multiple networks in East Asia.

With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.


[ad_2]
Source link

Twitch app will be get a huge makeover soon, CEO confirms

andreasc
-
0
Twitch app will be get a huge makeover soon, CEO confirms
[ad_1]

Twitch is now readying a big mobile app makeover, which will mark the first major upgrade since 2019. In an open letter to users written by the CEO, Dan Clancy, it was disclosed that the landing page of this application will become a discovery feed to immerse viewers more in their favorite videos. This feed, previously an experiment only, will aggregate real-time updates from followed channels with recommended content.

Twitch app will get a makeover with discovery features

One of the changes in the new app is the quick availability of updates for users. One can create these and upload them directly from a smartphone or tablet as a video story. The update also brings pinch-to-zoom for photos and sharing portrait videos to stories.

There’s also some exciting news for Apple users on Twitch. Moderation tools are now part of the mobile app, they were exclusive to desktop users until now. Flexible and user-friendly being some of its characteristics, iOS is set to launch these tools later this year. However, there’s no mention of Android’s participation in the feature yet.

Twitch is also rolling out updated community guidelines for 2024 beyond the mobile app update. Moreover, they aim to impose harsher penalties against certain forms of content and provide clearer definitions of harmful behavior in these rules. The platform also intends to bring onboard tools that will allow users to identify and block harassment more efficiently.

The platform will also fix your stream-sharing woes using Clip Editor

Twitch is making improvements to the clip editor feature due to concerns about content sharing. This change aims at simplifying the procedure of sharing content on social channels such as Instagram through direct export options. The clip editor will integrate with the mobile app update expected later this year. Folks at Eurogamer believe that the feature will be available after this year’s TwitchCon.

These are just but a few of the latest moves made by Twitch’s management, showing its continued commitment to improving users’ experience, promoting community engagement, and ensuring more secure environments for all Twitch users. With these updates coming soon, the platform will become more dynamic and interactive in the next few months.


[ad_2]
Source link

UAC-0050 Hacked Thousands Of Email Addresses

andreasc
-
0
UAC-0050 Hacked Thousands Of Email Addresses
[ad_1]

Threat actors target email addresses, as they provide a way to access personal and confidential information.

Emails often hold valuable data such as financials, login credentials, and personal messages.

The attackers could start different kinds of cyber-attacks and propagate malware via compromised email addresses.

Cybersecurity researcher Will (@BushidoToken) recently discovered that threat actors from UAC-0050 (aka DaVinci Group) have been actively targeting and hacking thousands of email addresses to malspam campaigns.

UAC-0050 Hacked Thousands

CERT-UA reported on 22 Feb 2024 linking UAC-0050 to “The DaVinci Group,” a Russian-speaking mercenary org tied to Russian law enforcement. 

UAC-0050 has been targeting Ukrainian organizations since the 2022 Russian invasion. 

Besides this, it’s been attributed to 15 malspam campaigns, acting as initial access brokers for threat groups like Sandworm and Fancy Bear.

Document
Integrate ANY.RUN in your company for Effective Malware Analysis

Malware analysis can be fast and simple. Just let us show you the way to:

  • Interact with malware safely
  • Set up virtual machine in Linux and all Windows OS versions
  • Work in a team
  • Get detailed reports with maximum data
    • If you want to test all these features now with completely free access to the sandbox: ..

They deliver five malware families purchased with Bitcoin from underground cybercriminals, including Remcos RAT and Quasar RAT. 

CERT-UA shared artifacts like file paths and domains tied to UAC-0050 on various occasions by providing insight into their activities.

The DaVinci Group has been actively launching malspam attacks against Ukrainian targets since at least 2017.

They have targeted government ministries, local authorities, the military, and civilians with tens of thousands of harvested email addresses. 

Using tactics like posing as judicial authorities or security services, they distribute malicious attachments like Remcos RAT or RemoteUtilities RMM tools to deceive victims. 

Their evolving strategies show a concerning level of sophistication and persistence in their cyber operations.

DaVinci Group (Source – BushidoToken)

CERT-UA’s artifacts and DaVinci’s website mix-up became crucial pivots. The mistake exposed DaVinci operators’ details openly, unraveling their activities effortlessly.

DaVinci Website (Source – BushidoToken)

8161[.]uk serves as The DaVinci Group’s primary hub, showcasing their services collection. Not only that, but they also boast access to 150,000 Moscow CCTV cameras.

DaVinci Services (Source – BushidoToken)

Since August 25, 2018, the DaVinci Project site has links to domains like davincigroup[.]online.

It connects to social media profiles, including laughable Instagram with bare Russian models showcasing laptops.

DaVinci on Instagram showcased explicit ads and glimpses of hacking and surveillance work.

The clients contact us via Telegram, with multiple business-related accounts listed on their website’s Contact Us page.

Services Offered By DaVinci

Here below, we have mentioned all the services offered:-

  • Breaking into WhatsApp/Viber – 350,000 roubles parallel access with correspondence archive.
  • VK architecture with remote messages – 500,000 rubles exclusive from VKontakte servers.
  • Breaking into TV is from 500,000p.
  • Pk/mobile break-in – 150,000p.
  • Stealing social network/messenger accounts from 100,000p.
  • Gmail archive – 250,000p.
  • Corporate mail, 150,000p.
  • Withdrawal of info from cellular towers – from 300 000p
  • Interception of Internet traffic – from 400,000p
  • Monitoring cell phone movements – from 900,000p per week
  • Search for stolen cars – 200 000p
  • Establishment/elimination of exit/entry ban – 100,000p
  • Telegram hacking – 500,000p
  • Comprehensive dossiers on Phys. persons – from 20,000 rubles, Legal entity. persons – from 30,000 rubles
  • Ministry of Internal Affairs (Russia) requests – from 1500 rubles.
  • Interpol Search – from 50,000 rub.
  • Europol Search – from 80,000 rub.
  • Weapons (Registered weapons on a citizen) Search – from 5,000 rubles.
  • Crossing the border Search – from 11,000 rubles.
  • Flight Passenger list – from 10,000 rubles.
  • Determine data on IP – from 100,000 rubles.
  • Bank Account balance (balance) – from 20,000 rubles.
  • Addresses of ATMs used by the target – from 30,000 rubles/month
  • SMS details with text for 1 month: Any operator in the Russian Federation – from 150,000 rubles.
  • Flash, any operator in the Russian Federation (all operators) – from 40,000 rubles.
  • Marking call points on the map via BS per month (all operators) – from 10,000 rubles.

CERT-UA reports suggest DaVinci Group mercenaries may aid Russia in targeting Ukraine. Investigating their online presence shows capabilities but a lack of operational security.

DaVinci Group is a low-tier mercenary threat group blurring the lines between cybercrime and the Russian government.

With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.


[ad_2]
Source link

Surge in Malicious Emails Bypassing Secure Email Gateways

andreasc
-
0
Surge in Malicious Emails Bypassing Secure Email Gateways
[ad_1]

The frequency of malicious emails successfully circumventing Secure Email Gateways (SEGs) has doubled in the past year.

This surge highlights the evolving sophistication of cyber threats and the challenges organizations face in protecting digital assets.

According to Cofense’s analysis, a malicious email bypasses SEGs every minute, signifying a relentless assault on corporate defenses.

The report indicates a staggering 310% increase in cyber-attacks on businesses since 2022, with credential phishing leading the charge.

This particular threat saw a 67% increase in volume over the previous year and was responsible for 91% of active threat reports in 2023.

Emerging Threats and Targeted Industries

The report also highlights a 331% rise in QR code-related threats and an astonishing 1,092% increase in Google AMP emails evading SEGs in the latter half of 2023.

Document
Integrate ANY.RUN in your company for Effective Malware Analysis

Malware analysis can be fast and simple. Just let us show you the way to:

  • Interact with malware safely
  • Set up virtual machine in Linux and all Windows OS versions
  • Work in a team
  • Get detailed reports with maximum data
    • If you want to test all these features now with completely free access to the sandbox: ..

Healthcare and finance sectors are particularly at risk, experiencing 84.5% and 118% increases in malicious emails bypassing SEGs, respectively.

Cofense, a leader in email security, has released its 2024 Annual State of Email Security report, providing critical insights into threat actors’ latest trends and tactics.

Statistics That Demand Attention

The numbers revealed by Cofense are staggering:

  • A malicious email bypasses SEGs every minute, signaling a constant threat to organizations.
  • There has been a 310% increase in malicious cyber-attacks targeting businesses since 2022.
  • Credential phishing, the preferred method of attack in 2023, saw a 67% increase in volume from the previous year.
  • A whopping 91% of active threat reports last year were due to credential phishing.
  • QR code threats surged by 331% in 2023, indicating a new cyber-attack frontier.
  • Google AMP emails bypassing SEGs rose by 1,092% in the latter half of 2023.
  • The healthcare and finance sectors experienced an 84.5% and 118% increase in malicious emails, respectively.

Despite SEGs filtering numerous threats, they still miss 30-50% of attacks, and it only takes one successful email to compromise an organization’s data and reputation.

Proactive Measures: Training and Phishing Detection & Response

To combat these threats, Cofense emphasizes the importance of employee training.

Their security awareness training (SAT) program, Cofense PhishMe, employs simulations and interactive modules to educate employees on identifying and reporting malicious emails.

Furthermore, Cofense’s Phishing Detection & Response (PDR) solution leverages the collective power of its trained workforce and expert analysts.

The Phishing Defense Center (PDC) processes thousands of reported emails, quickly quarantining those deemed malicious and removing them from customer email systems globally.

The surge in malicious emails bypassing SEGs is a call to action for organizations to reassess their email security strategies.

By investing in comprehensive solutions like those offered by Cofense, businesses can fortify their defenses against the ever-evolving threat of cyberattacks.

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.


[ad_2]
Source link

Google Engineer Arrested for Stealing AI Tech Secrets

andreasc
-
0
Google Engineer Arrested for Stealing AI Tech Secrets
[ad_1]

A Google engineer has been arrested for stealing trade secrets, particularly those related to artificial intelligence (AI) technology.

Linwei Ding, also known as Leon Ding, is a 38-year-old software engineer and resident of Newark, California. A federal grand jury has indicted him on four counts of theft of trade secrets.

The indictment, returned on March 5 and unsealed on March 8, alleges that Ding transferred sensitive Google trade secrets to his account while secretly working with companies based in the People’s Republic of China (PRC) active in the AI industry.

National Security Concerns

Attorney General Merrick B. Garland, speaking at the American Bar Association’s 39th National Institute on White Collar Crime, emphasized the gravity of the situation, stating, “The Justice Department will not tolerate the theft of artificial intelligence and other advanced technologies that could put our national security at risk.”

The case highlights the Justice Department’s vigilance against the risks posed by AI, including threats to national security.

Document
Integrate ANY.RUN in your company for Effective Malware Analysis

Malware analysis can be fast and simple. Just let us show you the way to:

  • Interact with malware safely
  • Set up virtual machine in Linux and all Windows OS versions
  • Work in a team
  • Get detailed reports with maximum data
    • If you want to test all these features now with completely free access to the sandbox: ..

Deputy Attorney General Lisa Monaco added that the defendant allegedly stole over 500 confidential files containing AI trade secrets from Google while covertly working for China-based companies seeking an edge in the AI technology race.

Theft of American Innovation

FBI Director Christopher Wray pointed out that the theft of innovative technology and trade secrets from American companies can have severe economic and national security consequences.

The FBI is committed to vigorously pursuing those responsible for such thefts.

The FBI recently tweeted about the arrest of a Chinese national living in California for stealing trade secrets related to artificial intelligence from Google.

The individual is accused of unlawfully accessing confidential information that could harm Google’s intellectual property.

Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division highlighted the role of the Disruptive Technology Strike Force in holding accountable those who steal advanced American technology.

The strike force is an interagency law enforcement group co-led by the Departments of Justice and Commerce, designed to target illicit actors and prevent critical technology from being acquired by authoritarian regimes and hostile nation-states.

Details of the Alleged Theft

According to court documents, the technology Ding is accused of stealing involves the building blocks of Google’s advanced supercomputing data centers, which support machine learning workloads used to train and host large AI models.

This process is central to Google’s proprietary hardware and software, including advanced computer chips and a software platform featuring a Cluster Management System (CMS).

Ding, hired by Google in 2019, had access to confidential information related to the hardware infrastructure, the software platform, and the AI models and applications they supported.

The indictment alleges that Ding began uploading trade secrets to a personal Google Cloud account in May 2022 and continued until May 2023, uploading more than 500 unique files.

Potential Consequences

If convicted, Ding faces a maximum penalty of 10 years in prison and up to a $250,000 fine for each count of theft of trade secrets.

A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The case is being investigated by the FBI and the Commerce Department, with prosecution by the U.S. Attorney’s Office for the Northern District of California and the Justice Department National Security Division’s Counterintelligence and Export Control Section.

This arrest is a stark reminder of the high stakes in protecting intellectual property in the tech industry, particularly in areas of strategic importance such as AI.

It also highlights the ongoing concerns about transferring sensitive technologies to other countries, especially those with which the U.S. has complex trade and security relationships.

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.


[ad_2]
Source link

Samsung and NRG forge strategic partnership for mobile gaming

andreasc
-
0
Samsung and NRG forge strategic partnership for mobile gaming
[ad_1]

Samsung has signed an expansive partnership with esports organization NRG and its sister digital media brand, Full Squad Gaming. The deal makes the company the naming rights partner for NRG’s mobile esports team, while the organization will help promote Galaxy devices, including the Galaxy S24 series. NRG plans to compete in the PUBG Mobile Super League – Americas for Spring 2024 under the NRG Galaxy banner.

Samsung partnered with NRG to promote the Galaxy S24

NRG is a leading professional gaming and entertainment company headquartered in Los Angeles, California. The organization traditionally focused on PC and console esports but is now making strides into mobile esports. It is jumping into the PUBG Mobile Super League this year. NRG Galaxy will compete in one of four offline super leagues. This allows Samsung to promote the Galaxy S24 lineup and other Galaxy devices.

NRG’s interest in mobile esports may have been influenced by its audience’s appetite for premium mobile products. The firm’s proprietary data shows its fans play mobile games for more than 24 hours per week on average. Over 60% of NRG fans also plan to upgrade their phone for better performance and battery life. Samsung likely saw a partnership with NRG as the perfect way to market its Galaxy devices to aspiring mobile gamers.

As part of this deal, Samsung, NRG, and Full Squad Gaming will launch campaigns highlighting Galaxy phones. Along with aspiring mobile pro players, the campaigns will target college students, creators, and mobile game developers. Full Squad Gaming will use Galaxy devices and accessories to film content on the streets. The content will include “gaming-focused challenges and stunts with man-on-the-street style fan interviews.”

Full Squad Gaming will also launch a College Gaming Tour this fall. It will travel to multiple colleges in the US and conduct events and contests where its fans and students will have a chance to win prizes. The firm will prompt the Samsung Galaxy ecosystem and its versatility for gaming and academic work. It will also use Galaxy devices for short form and live-streamed SquadCast episodes on TikTok.

Aspiring gamers can showcase their talent at Samsung Game Jam

This partnership between Samsung, NRG, and Full Squad Gaming will give aspiring gamers a chance to showcase their talent. The firms will host the Samsung Game Jam this fall where participants will compete for cash prizes. NRG says it will prioritize students and indie game developers. Details like the competition’s format, dates, and prizes aren’t finalized yet. The organization will reveal the details once finalized.

According to Andy Miller, CEO of NRG, this partnership with Samsung is a reflection of NRG’s reach and impact on young consumers of gaming content. “Our audience is 62% Gen Z—not a lot of properties can offer that at the scale we can,” he said. “As a global brand at the forefront of the esports industry, NRG’s latest venture into mobile gaming through this partnership underscores our commitment to innovation and global reach.”


[ad_2]
Source link
1...341342343...1,475Page 342 of 1,475