Cyber security news May 2022

This posting is here to collect cyber security news in May 2022.

I post links to security vulnerability news to comments of this article.

You are also free to post related links to comments.

408 Comments

  1. Tomi Engdahl says:

    QNAP alerts NAS customers of new DeadBolt ransomware attacks https://www.bleepingcomputer.com/news/security/qnap-alerts-nas-customers-of-new-deadbolt-ransomware-attacks/
    Taiwan-based network-attached storage (NAS) maker QNAP warned customers on Thursday to secure their devices against attacks pushing DeadBolt ransomware payloads. The company asked users to update their NAS devices to the latest software version and ensure that they’re not exposed to remote access over the Internet.

    Reply
  2. Tomi Engdahl says:

    Microsoft detects massive surge in Linux XorDDoS malware activity
    https://www.bleepingcomputer.com/news/security/microsoft-detects-massive-surge-in-linux-xorddos-malware-activity/

    Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices https://www.microsoft.com/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/
    In the last six months, we observed a 254% increase in activity from a Linux trojan called XorDdos. First discovered in 2014 by the research group MalwareMustDie, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers as well as its usage of XOR-based encryption for its communications.

    Reply
  3. Tomi Engdahl says:

    Bumblebee Malware from TransferXL URLs
    https://isc.sans.edu/diary/rss/28664
    Today’s diary reviews an infection generated from this activity on Wednesday 2022-05-18.. Last month, Google’s Threat Analysis Group
    (TAG) reported on EXOTIC LILY using file transfer services like TransferNow, TransferXL, WeTransfer, or OneDrive to distribute malware. Threat researchers like @k3dg3 occasionally report malware samples from this activity. Based on @k3dg3′s recent tweet, I searched through VirusTotal and found a handful of active TransferXL URLs delivering ISO files for Bumblebee malware

    Reply
  4. Tomi Engdahl says:

    Phishing websites now use chatbots to steal your credentials https://www.bleepingcomputer.com/news/security/phishing-websites-now-use-chatbots-to-steal-your-credentials/
    Phishing attacks are now using automated chatbots to guide visitors through the process of handing over their login credentials to threat actors. This approach automates the process for attackers and gives a sense of legitimacy to visitors of the malicious sites, as chatbots are commonly found on websites for legitimate brands

    Reply
  5. Tomi Engdahl says:

    New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars https://thehackernews.com/2022/05/new-bluetooth-hack-could-let-attackers.html
    A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas. The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within a close range.

    Reply
  6. Tomi Engdahl says:

    DOJ Announces It Won’t Prosecute White Hat Security Researchers https://www.vice.com/en/article/v7d9nb/department-of-justice-security-researchers-new-cfaa-policy
    On Thursday the Department of Justice announced a policy shift in that it will no longer prosecute good-faith security research that would have violated the country’s federal hacking law the Computer Fraud and Abuse Act (CFAA).

    Reply
  7. Tomi Engdahl says:

    The passwords most used by CEOs are startlingly dumb https://www.pcgamer.com/the-passwords-most-used-by-ceos-are-startlingly-dumb/
    A recent cybersecurity report shows how immensely idiotic many CEOs and business owners can be, considering the strength of their chosen account passwords. Imagine entrusting the livelihood of hundreds, even thousands of employees to someone who uses ’123456′ or ‘qwerty’ as a password.

    Reply
  8. Tomi Engdahl says:

    US Recovers $15 Million From Ad Fraud Group
    https://www.securityweek.com/us-recovers-15-million-ad-fraud-group

    United States authorities announced this week that they have retrieved more than $15 million in illicit proceeds derived from the advertising fraud scheme known as “3ve.”

    Consisting of three different sub-operations – the Kovter botnet and two other operations – the 3ve scheme was dismantled in 2018, when authorities announced charges against three involved individuals: Aleksandr Isaev, of Russia, and Sergey Ovsyannikov and Yevgeniy Timchenko, of Kazakhstan.

    Reply
  9. Tomi Engdahl says:

    Phishers Add Chatbot to the Phishing Lure
    https://www.securityweek.com/phishers-add-chatbot-phishing-lure

    Researchers have discovered a new approach being taken by phishers to increase victim engagement and confidence: the addition of an interactive chatbot. We have all become accustomed to the chatbots used by many of the largest service providers – they are annoying, but something we must navigate.

    The phishers hope that this reluctant acceptance of chatbots will help lower the attention of the target victim. The process is described in a new blog post.

    Interactive Phishing: Using Chatbot-like Web Applications to Harvest Information
    https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/interactive-phishing-using-chatbot-like-web-applications-to-harvest-information/

    Phishing website links are commonly delivered via email to their respective targets. Once clicked, these websites often show a single webpage that outright asks for sensitive information like account login credentials, credit card details, and other personally identifiable information (PII).

    Recently, we have encountered an interesting phishing website containing an interactive component in it: a chatbot. Unlike a lot of phishing websites, this one establishes a conversation first, and bit-by-bit guides the victim to the actual phishing pages.

    Although the phishing method is quite unique, it still uses email as the delivery channel. A deeper inspection of the email header shows that the “From” header is missing the email address component, which is a red flag already.

    To gain even more confidence and trust from the target, a CAPTCHA is presented right after the victim clicks the “Schedule delivery” button. However, something is odd here – nothing else is clickable except for the confirm and close button.

    Reply
  10. Tomi Engdahl says:

    Researchers Spot Supply Chain Attack Targeting GitLab CI Pipelines
    https://www.securityweek.com/researchers-spot-supply-chain-attack-targeting-gitlab-ci-pipelines

    Security researchers at SentinelLabs are calling attention to a software chain supply attack targeting Rust developers with malware aimed directly at infecting GitLab Continuous Integration (CI) pipelines.

    The campaign, dubbed CrateDepression, combines typosquatting and the impersonation of a known Rust developer to push a malicious ‘crate’ hosted on the Rust dependency community repository. (Editor’s note: A crate is a compilation unit in Rust).

    The malicious crate was swiftly flagged and removed but SentinelLabs researchers found a second-stage payload exclusively built to Gitlab CI pipelines, signaling a risk of further larger-scale supply-chain attacks.

    “Given the nature of the victims targeted, this attack would serve as an enabler for subsequent supply-chain attacks at a larger-scale relative to the development pipelines infected,” SentinelLabs said in a technical report documenting its findings.

    “An infected machine is inspected for the GITLAB_CI environment variable in an attempt to identify Continuous Integration (CI) pipelines for software development. On those systems, the attacker(s) pull a next-stage payload built on the ‘red-teaming’ post-exploitation framework Mythic,” SentinelLabs explained.

    Reply
  11. Tomi Engdahl says:

    Lawrence Abrams / BleepingComputer:
    AdvIntel: the Conti ransomware group has taken its infrastructure offline and its leaders have partnered with other smaller ransomware groups to conduct attacks — The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more.

    Conti ransomware shuts down operation, rebrands into smaller units
    https://www.bleepingcomputer.com/news/security/conti-ransomware-shuts-down-operation-rebrands-into-smaller-units/

    Reply
  12. Tomi Engdahl says:

    How A Cheap Smart ID Card Reader Sold On Amazon Became A National Security Risk
    https://hothardware.com/news/how-cheap-smart-id-card-reader-sold-amazon-became-national-security-risk

    Earlier this month, we reported on a phishing attack that stole $23.5 million from the US Department of Defense (DoD). Thankfully, the DoD caught the cybercriminals and recovered the money, but this incident highlights the need for strong cybersecurity practices at the DoD and among its contractors. The DoD is a high value target with an extensive attack surface due to its size and complexity. A recent discovery demonstrates how cyberattacks can be indirect and come from unexpected sources. A government defense contractor relayed this discovery to Brian Krebs of KrebsOnSecurity, who published the details.

    DoD employees and contractors, along with military personal, use ID cards known as Common Access Cards (CAC) to access controlled spaces, as well as computer systems and networks. Cardholders don’t just use these cards onsite. Many employees and contractors need to access their email remotely, which requires CAC authentication. However, approved card readers aren’t standard issue devices for cardholders. As a result, government employees and contractors often turn to the internet to find compatible card readers.

    Alarmingly, a contractor found that one such device is a vector for malware.

    The contractor told KrebsOnSecurity that the distribution of malware by a company selling CAC readers “Seems like a potentially significant national security risk, considering that many end users might have elevated clearance levels who are using PIV cards for secure access.” Saicoo may have been hacked and is distributing the malware unknowingly, but the company doesn’t seem willing to acknowledge the malware’s presence.

    Reply
  13. Tomi Engdahl says:

    https://hackaday.com/2022/05/20/this-week-in-security-iphone-unpowered-python-unsandboxed-and-wizard-spider-unmasked/

    As conspiracy theories go, one of the more plausible is that a cell phone could be running malicious firmware on its baseband processor, and be listening and transmitting data even when powered off. Nowadays, this sort of behavior is called a feature, at least if your phone is made by Apple, with their Find My functionality. Even with the phone off, the Bluetooth chip runs happily in a low-power state, making these features work. The problem is that this chip doesn’t do signed firmware. All it takes is root-level access to the phone’s primary OS to load a potentially malicious firmware image to the Bluetooth chip.

    Researchers at TU Darmstadt in Germany demonstrated the approach, writing up a great paper on their work (PDF). There are a few really interesting possibilities this research suggests. The simplest is hijacking Apple’s Find My system to track someone with a powered down phone.

    Researchers devise iPhone malware that runs even when device is turned off
    Research is largely theoretical but exposes an overlooked security issue.
    https://arstechnica.com/information-technology/2022/05/researchers-devise-iphone-malware-that-runs-even-when-device-is-turned-off/

    Evil Never Sleeps:
    When Wireless Malware Stays On After Turning Off iPhone
    https://arxiv.org/pdf/2205.06114.pdf

    Reply
  14. Tomi Engdahl says:

    https://hackaday.com/2022/05/20/this-week-in-security-iphone-unpowered-python-unsandboxed-and-wizard-spider-unmasked/

    Bluetooth Low Energy

    It’s yet another Bluetooth related problem, this time concerning Bluetooth Low Energy (BLE) used as an authentication token. You’ve probably seen this idea in one form or another, like the Android option to remain unlocked whenever connected to your BLE earbuds. It’s used for various vehicles, to unlock once the appropriate phone is within BLE range.

    It’s always been sort-of a bad idea to use BLE for this sort of authentication, because BLE is succeptible to in-flight relay attacks. One half of the attack is next to your phone, acting like the car’s BLE chip, and the other is next to the car, spoofing your phone. Connect the two spoofing devices, and the car thinks the authorized phone is right there. To make this “secure”, vendors have added encryption features, as well as signal timing analysis to try to catch spoofing.

    New Bluetooth hack can unlock your Tesla—and all kinds of other devices
    All it takes to hijack Bluetooth-secured devices is custom code and $100 in hardware.
    https://arstechnica.com/information-technology/2022/05/new-bluetooth-hack-can-unlock-your-tesla-and-all-kinds-of-other-devices/

    NCC Group Demo Bluetooth Low Energy Link Layer Relay Attack on Tesla Model Y
    https://www.youtube.com/watch?v=HF-tAujvckA&t=1s

    Reply
  15. Tomi Engdahl says:

    https://hackaday.com/2022/05/20/this-week-in-security-iphone-unpowered-python-unsandboxed-and-wizard-spider-unmasked/

    Python Buffer Blown

    This is one of those issues that isn’t a big deal, and yet could be a problem in certain situations. It all started in 2012, when it was observed that the Python memoryview object could crash a program when it pointed to a memory location that is no longer valid.

    This is actually a read and write primitive. Snoop around Python’s memory, find the ELF headers, and then figure out where the glibc system dynamic library is sitting in the procedure linkage table. Find it, use the memory corruption bug to jump to the appropriate location in memory, and boom, you’ve popped a shell from Python!

    And yes, as an exploit, it’s quite unimpressive. [kn32], our tour guide into this quirk of Python points out that it could be used to escape a Python sandbox, but that is a very niche use-case. Even if we conclude that this isn’t really an exploit, it’s a great learning tool, and some fun hackery.

    Exploiting a Use-After-Free for code execution in every version of Python 3
    https://pwn.win/2022/05/11/python-buffered-reader.html

    Reply
  16. Tomi Engdahl says:

    Microsoft Issues Emergency Windows 10, 11 & Server Security Update
    https://www.forbes.com/sites/daveywinder/2022/05/20/microsoft-issues-emergency-windows-10-11–server-security-update/?sh=5007ddb147c4&utm_medium=social&utm_source=ForbesMainFacebook&utm_campaign=socialflowForbesMainFB

    Microsoft has finally, a whole week after I predicted that an emergency out-of-band Windows update would be with us before the month was out, pulled the fix trigger. The target being to correct the somewhat disastrous Patch Tuesday security updates that caused multiple authentication failures for many Windows business users. Anyone who this issue has impacted must apply the update as soon as possible: but there’s a catch, which I’ll get to in a moment.

    May 2022 Patch Tuesday authentication failures
    Those authentication failures were caused by installing the May 2022 Patch Tuesday updates on domain controllers. These included authentication failures on the server or client for services such as Network Policy Server and Extensible Authentication Protocol, to name but two. The issue, according to Microsoft, relates to “how the mapping of certificates to machine accounts is being handled by the domain controller.”

    So, what’s the catch?
    The out-of-band emergency updates are available for impacted users of Windows 10, Windows 11, and Windows Server 2008, 2012, 2016, 2019, and 2022. Microsoft has published details for all platforms.

    Reply
  17. Tomi Engdahl says:

    Netgear warns that its BR200 And BR500 business routers have multiple vulnerabilities that could be exploited and are unable to be fixed. The company is offering a free or discounted replacement for those who wish to stop using the products.

    https://www.forbes.com/sites/marksparrow/2022/05/20/netgear-says-it-cant-fix-multiple-vulnerabilities-on-two-of-its-routers-for-homeworkers/?sh=6dce16344bf2&utm_source=ForbesMainFacebook&utm_campaign=socialflowForbesMainFB&utm_medium=social

    Reply
  18. Tomi Engdahl says:

    Majority of Kubernetes API Servers Exposed to the Public Internet
    Shadowserver Foundation researchers find 380,000 open Kubernetes API servers.
    https://www.darkreading.com/application-security/more-than-eight-in-10-kubernetes-api-servers-exposed-to-the-internet

    Reply
  19. Tomi Engdahl says:

    ‘Security researchers’ aka hackers make $800k in prize money for exploiting Windows 11 and Teams
    By Jorge Jimenez published 1 day ago
    https://www.pcgamer.com/security-researchers-aka-hackers-make-dollar800k-prize-money-for-exploiting-windows-11-and-teams/

    Day 1 of the Pwn2own hacking event is already proving very lucrative for its participants.

    Reply
  20. Tomi Engdahl says:

    Mastercard introduces controversial biometric payments that require a face scan
    Dystopian future.
    https://reclaimthenet.org/mastercard-introduces-controversial-biometric-payments-that-require-a-face-scan/

    Reply
  21. Tomi Engdahl says:

    https://www.lahitapiola.fi/tietoa-lahitapiolasta/uutishuone/uutiset-ja-tiedotteet/uutiset/uutinen/1509577332658

    Tiedusteluasiantuntija: Venäjällä on kykyä toimia verkossa – ”Yritysten on nyt varauduttava hyökkäyksiltä”

    Reply
  22. Tomi Engdahl says:

    Swapped Out: Hackers target social media users with high-tech fake videos
    “Deepfake” technology previously focused on celebrities and influencers, now used to scam every day Americans
    https://www.webcenterfairbanks.com/2022/05/16/swapped-out-hackers-target-social-media-users-with-high-tech-fake-videos/

    Reply
  23. Tomi Engdahl says:

    Some top 100,000 websites collect everything you type—before you hit submit
    A number of websites include keyloggers that covertly snag your keyboard inputs.
    https://www.wired.com/story/leaky-forms-keyloggers-meta-tiktok-pixel-study/

    Reply
  24. Tomi Engdahl says:

    Serious Warning Issued For Millions Of Google Gmail Users
    https://www.forbes.com/sites/gordonkelly/2022/05/21/google-gmail-security-facebook-oauth-login-warning/?utm_campaign=forbes&utm_source=facebook&utm_medium=social&utm_term=Valerie&sh=6364b3916a3b

    Gmail is the world’s most popular email service, it is also known as one of the most secure. But a dangerous exploit might make you rethink how you want to use the service in future.

    In an eye-opening blog post, security researcher Youssef Sammouda has revealed that Gmail’s OAuth authentication code enabled him to exploit vulnerabilities in Facebook to hijack Facebook accounts when Gmail credentials are used to sign in to the service. And the wider implications of this are significant.

    Speaking to The Daily Swing, Sammouda explained that he was able to exploit redirects in Google OAuth and chain it with elements of Facebook’s logout, checkpoint and sandbox systems to break into accounts. Google OAuth is part of the ‘Open Authorization’ standard used by Amazon, Microsoft, Twitter and others which allows users to link accounts to third-party sites by signing into them with the existing usernames and passwords they have already registered with these tech giants.

    Sammouda reports no vulnerabilities using other email accounts.

    Facebook account takeover: Researcher scoops $40k bug bounty for chained exploit
    https://portswigger.net/daily-swig/facebook-account-takeover-researcher-scoops-40k-bug-bounty-for-chained-exploit

    Youssef Sammouda returns with more Facebook hacks – this time leveraging stolen Google authentication tokens to gain access to social media accounts

    Reply
  25. Tomi Engdahl says:

    Wormhole cryptocurrency platform hacked for $325 million after error on GitHub
    https://www.theverge.com/2022/2/3/22916111/wormhole-hack-github-error-325-million-theft-ethereum-solana

    A security flaw was fixed but seemingly not applied to the live application before it was hacked

    On Wednesday, the decentralized finance (DeFi) platform Wormhole became the victim of the largest cryptocurrency theft this year — and among the top five largest crypto hacks of all time — when an attacker exploited a security flaw to make off with close to $325 million.

    The attack seems to have resulted from a recent update to the project’s GitHub repository, which revealed a fix to a bug that had not yet been deployed to the project itself.

    The attack took place on February 2nd and was noticed when a post from the Wormhole Twitter account announced that the network was being taken “down for maintenance” while a potential exploit was investigated. A later post from Wormhole confirmed the hack and the amount stolen.

    Shortly after the attack, the Wormhole team also offered the hacker a $10 million bounty to return the funds

    Wormhole provides a service known as a “bridge” between blockchains, essentially an escrow system that allows one type of cryptocurrency to be deposited in order to create assets in another cryptocurrency.

    To carry out the attack, the attacker managed to forge a valid signature for a transaction that allowed them to freely mint 120,000 wETH — a “wrapped” Ethereum equivalent on the Solana blockchain, with value equivalent to $325 million at the time of the theft — without first inputting an equivalent amount. This was then exchanged for around $250 million in Ethereum that was sent from Wormhole to the hackers’ account, effectively liquidating a large amount of the platform’s Ethereum funds that were being held as collateral for transactions on the Solana blockchain.

    Open-source code commits show that code that would have fixed this vulnerability was written as early as January 13th and uploaded to the Wormhole GitHub repository on the day of the attack. Just hours later, the vulnerability was exploited by the hacker, suggesting that the updates had not yet been applied to the production application.

    Another file available through the Wormhole Github page also details a security audit conducted by security research company Neodyme between July and September 2021. It is not clear whether the vulnerability was present during the audit period

    Due to the nature of cross-chain applications, the attack temporarily left a huge deficit between the amount of wrapped Ethereum and regular Ethereum held in the Wormhole bridge — as if the collateral asset backing a loan had suddenly disappeared. According to Forbes, the attack caused a 10 percent drop in the value of the Solana cryptocurrency in the aftermath of the hack.

    Reply
  26. Tomi Engdahl says:

    Malicious PyPI package opens backdoors on Windows, Linux, and Macs
    https://www.bleepingcomputer.com/news/security/malicious-pypi-package-opens-backdoors-on-windows-linux-and-macs/

    Yet another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike beacons and backdoors on Windows, Linux, and macOS systems.

    PyPI is a repository of open-source packages that developers can use to share their work or benefit from the work of others, downloading the functional libraries required for their projects.

    On May 17, 2022, threat actors uploaded a malicious package named ‘pymafka’ onto PyPI. The name is very similar to PyKafka, a widely used Apache Kafka client that counts over four million downloads on the PyPI registry.

    Sonatype discovered pymafka and reported it to PyPI, who removed it yesterday. Nevertheless, developers who downloaded it will have to replace it immediately and check their systems for Cobalt Strike beacons and Linux backdoors.

    For Linux systems, the Python script connects to a remote URL at 39.107.154.72 and pipes the output to the bash shell. Unfortunately, that host is down at the time of this writing, so it is unclear what commands are executed, but it is believed to open a reverse shell.

    For Windows and macOS, the payload is a Cobalt Strike beacon, which provides remote access to the infected device.

    Cobalt Strike is a widely abused penetration testing suite that features powerful traits such as command execution, keylogging, file actions, SOCKS proxying, privilege escalation, credential stealing, port scanning, and more.

    Its “beacons” are file-less shellcode agents that are hard to detect, giving remote actors stable and reliable access to compromised systems, using it for espionage, lateral movement, or deploying second-stage payloads like ransomware.

    “On Windows systems, the Python script attempts to drop the Cobalt Strike beacon at ‘C:\Users\Public\iexplorer.exe’,” details Sonatype’s report.
    This attack is intended to provide initial access to the developer’s network, allowing them to spread laterally through the network to steal data, plant further malware, or even conduct ransomware attacks.

    How to stay safe
    From the software developer’s perspective, several things are done wrong when someone uses an untrustworthy package, but the most common and admittedly easy to happen is mistyping package names during building.

    Software developers should scrutinize package names and details and double-check their selection of building blocks when something appears funky.

    In this case, the package attempts to masquerade as a renowned project, yet it has no description on the PyPI page,

    no homepage link, an extremely short release history, and an inexplicably recent release date.

    These are all clear signs that something is wrong, but none of them will be apparent from the terminal, so confirming the package selections is critical.

    Reply
  27. Tomi Engdahl says:

    Varo huijausta viran­omais­palvelun nimissä https://www.is.fi/digitoday/tietoturva/art-2000008830559.html
    SUOMI.FI varoittaa tietojenkalastelusta. Suomalaisille lähetetään viestejä Suomi.fi:n nimissä, ja viesteissä pyydetään säätämään todennusta. Perusteluna on todennustavan vanhentuminen. Viesteissä on linkki, joka johtaa henkilökohtaisia tietoja kyselevälle verkkosivulle. Älä avaa linkkiä edes huvin vuoksi, äläkä missään nimessä syötä sivulle mitään tietojasi. Jos huijari lähestyy tekstiviestillä, siihen vastaaminen voi teoriassa altistaa sinut kuluille.

    Reply
  28. Tomi Engdahl says:

    Kauniaisten kybermysteeristä uusia tietoja tekijä sai aikaan pahaa tuhoa
    https://www.tivi.fi/uutiset/tv/3dcb9794-d580-403c-b9b2-274876286336
    Kauniaisten kaupungin sähköpostiliikenne toimii jälleen. Aikavälillä 5. toukokuuta – 12. toukokuuta lähetetyt sähköpostiviestit ja kalenterikutsut eivät kuitenkaan ole saapuneet perille, vaan ne täytyy lähettää uudelleen. Vanhan sähköpostipalvelimen käyttäminen oli turvallisuussyistä mahdotonta, joten kaupunki päätti asentaa kokonaan uuden palvelimen. Epäilykset palvelimen kaappaamisesta heräsivät, kun @kauniainen.fi-sähköpostiosoitteista alkoi levitä kalasteluviestejä.
    Sähköpostitilit suljettiin tilanteen vuoksi.

    Reply
  29. Tomi Engdahl says:

    Huawei sai porttikiellon Kanadaan: “Tulemme aina suojelemaan kanadalaisten turvallisuutta”
    https://www.tivi.fi/uutiset/tv/5bc7a1b9-9385-4d32-abd2-39b0ca22578d
    Kanadan hallitus ilmoittaa kieltävänsä kiinalaisten Huawein ja ZTE:n pääsyn maan 5g-verkkoihin. Oppositiossa oleva konservatiivipuolue ja muut toimijat ovat pitkään kritisoineet Huawein roolia maan 5g-infrastruktuurin rakentamisessa, kirjoittaa Toronto Sun.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*