Daily Digest (9/3)

FBI Arrests Chinese Researcher in Probe of Tech Theft; Hackers Exploit Flaw in Over 350,000 WordPress Sites; Corporate Networks Exposed by SonicWall Cloud Bug; Apple, Google Build Virus-Tracing Tech Directly Into Phones.

FBI Arrests Chinese Researcher in Probe of Tech Theft 

The FBI has arrested and charged a University of California researcher for allegedly destroying a hard drive in order to obstruct an agency investigation.

The researcher, Guan Lei, 29, who was in the U.S. on a J-1 non-immigrant visa, was being investigated for lying about his military ties to the People’s Liberation Army (PLA) on his 2018 visa application, Infosecurity Magazine reports.

Guan, who lives in Alhambra, Calif., also was suspected of transferring software data to China’s National University of Defense Technology (NUDT), according to the report.

Before attempting to board a plane to China, Guan was said to have been observed throwing a hard drive into a dumpster outside his apartment on July 25.

He later refused to let the FBI examine his laptop and was subsequently denied permission to board the plane, according to authorities.

According to an affidavit, the hard drive “was irreparably damaged and that all previous data associated with the hard drive appears to have been removed deliberately and by force.”

Guan faces a maximum penalty of 20 years in prison.

One of Guan’s NUDT faculty advisers also allegedly was a lieutenant in the PLA who developed computers used by the Chinese army and Air Force, Infosecurity Magazine reports.

The adviser also allegedly produced military weather forecasts and nuclear technology.


Hackers Exploit Flaw in Over 350,000 WordPress Sites

Hackers are exploiting a vulnerability in WordPress that allows them to execute commands and malicious scripts.

Researchers at a Thailand web-security firm discovered Tuesday that more than 700,000 active websites were running File Manager, a WordPress plugin where the vulnerability originated, Ars Technica reports.

Attackers are using the flaw to upload files that contain webshells, allowing them to run commands in the plugins/wp-file-manager/lib/files/ directory and upload scripts that can damage vulnerable sites.

NinTechNet, the Bangkok-based firm, was among the first to report the attacks.

Another website security firm, Wordfence, posted that it had blocked more than 450,000 exploit attempts in recent days, Ars Technica reports.

Word of the attacks came several hours after the security flaw was patched.


Corporate Networks Exposed by SonicWall Cloud Bug 

Researchers have discovered a bug in a cloud system used to manage SonicWall firewalls that could allow hackers to deliver ransomware directly to the internal systems of corporate networks. 

Enterprise firewalls and virtual private networks (VPNs) protect corporate operations from hackers, allowing employees to work from home during the pandemic, TechCrunch reports.

Hackers, however, frequently seek out bugs in critical network gear in order to break into company networks to steal data or plant malware, according to the report.

In this case, the flaw was found in SonicWall’s Global Management System (GMS), a web app that lets IT departments remotely configure their SonicWall devices across networks, Vangelis Stykas, researcher at the Pen Test Partners security firm, told TechCrunch.

If the bug is exploited, users with access to SonicWall’s GMS could create a user account with access to any other company’s network without permission — potentially infecting the networks with ransomware or other forms of malware. 

Stykas hammered SonicWall in a blog post after the company took two weeks to patch the flaw. 

“Even car-alarm vendors have fixed similar issues inside three days of us reporting,” he said.


Apple, Google Build Virus-Tracing Tech Directly Into Phones

Apple and Google are building contact-tracing technology directly into cellphone software to track COVID-19 outbreaks.

The tech giants announced Tuesday the second phase of their “exposure notification” system, designed to automatically alert people if they have been exposed to COVID, The Associated Press reports. 

States can choose whether they want to enable the Apple-Google system, allowing iPhone users to automatically opt into the system without having to download an app.

For Android users, Google will automatically generate an Android app that can then be downloaded.

Individuals who receive COVID proximity alerts typically will be offered testing and health advice to prevent potential future spread of the virus, AP reports.


— By DPN Staff