Top U.S. semiconductors and digital companies including Intel, GlobalFoundries and Google are expected to attend a business meeting on Monday in Hanoi as President Joe Biden visits Vietnam to boost ties, two people familiar with the plan said. Reuters

Apple published an urgent update on Thursday for all iPhone operating systems after researchers identified a new security breach exploited by Israeli NSO's Pegasus spyware. Haaretz

Blocked roads, crumbling camps as China moves Xinjiang detentions out of sight

A policeman waves reporters away from a desert prison in Xinjiang, part of a network of detention facilities transformed by China's shifting policies in the northwestern region. Since 2017, more than a million Uyghurs and other Muslims have been swept into internment camps where human rights abuses are commonplace, researchers, campaigners and members of the diaspora say. Beijing says the facilities were voluntary centres for teaching vocational skills, closed years ago after their inhabitants "graduated" into stable employment and better lives. Analysts counter that some camps have been refitted as others have shut down. "Several hundred thousand" people have likely been sent to work at high-security industrial parks while others languish in renamed or repurposed compounds, said Darren Byler, an assistant professor at Canada's Simon Fraser University who studies detention patterns in Xinjiang. In July, AFP attempted to visit the sites of 26 alleged camps in Xinjiang named in research by the Australian Strategic Policy Institute.

G-20 broadens debate on AI risks and mulls global oversight

Devidutta Tripathy

Leaders at the Group of 20 summit discussed how to harness artificial intelligence for economic development while protecting human rights, with some calling for global oversight of the rapidly evolving technology. G-20 host, Indian Prime Minister Narendra Modi, said the group should create a framework for “human-centric” AI governance while European Commission President Ursula von der Leyen suggested a similar oversight body to the Intergovernmental Panel on Climate Change. In their final communique, G-20 leaders said they would work to ensure “responsible AI development, deployment and use,” that would protect rights, transparency, privacy and data protection and avoid other issues. They also agreed to pursue a “pro-innovation regulatory/governance approach” that maximizes the benefits of AI but takes into account the risks associated with it.

In U.S.-China AI contest, the race is on to deploy killer robots

David Lague

Alongside Sydney Harbour, engineers are working on a submarine that will be powered by artificial intelligence and will have no human crew. The project is being driven by a contest between the U.S., its allies and China to develop AI-controlled weapons that will operate autonomously, including warships and fighter jets. The outcome of this competition could determine the global balance of power.

‘Systems of National Significance’ numbers double under critical infrastructure cyber crackdown

Julian Bajkowski

Home Affairs minister Clare O’Neil has nearly doubled the number of businesses roped-into the “Systems of National Significance” schedule, lifting the number of organisations from 87 to 168 that are now subject to powerful cyber security regulations to better safeguard against attacks. The fresh round of designations follows the expiry of a six-month grace period in mid-August that was given to critical infrastructure owners to allow them to get their act together to comply with the strict new cyber requirements before the cudgels come out.

Search engines required to stamp out AI-generated images of child abuse under Australia’s new code

Josh Butler

Artificial intelligence tools could be used to generate child abuse images and terrorist propaganda, Australia’s eSafety Commissioner has warned while announcing a world-leading industry standard that requires tech giants to stamp out such material on AI-powered search engines. The new industry code covering search engines, to be detailed on Friday, requires big tech firms like Google, Microsoft’s Bing and DuckDuckGo to eliminate child abuse material from their search results, and to take steps to ensure generative AI products can’t be used to generate deepfake versions of that material.

Dymocks warns customers of data breach after account information leaked on dark web

Book retailer Dymocks has warned its customers that some of their information may have been "compromised" and leaked onto the dark web after a cybersecurity breach earlier this week. Customers were sent an email on Friday afternoon detailing the issue and asking them to be "vigilant", change their passwords and monitor their bank accounts for "any unauthorised activity".

A rise in shoplifting has Australian supermarkets ramping up surveillance

Jonathan Barrett and Josh Taylor

Coles supermarkets used to warn customers that stealing was “a crime” with prominently placed signage, before realising shoppers didn’t like being treated as thieves. After a management rethink, the signs came down, and the stores upgraded their drab 1970s layouts. Many started selling flowers at the entrance for aesthetic purposes, and eventually the shoppers returned.

China wants metaverse firms with ‘global influence’ and plans for up to 5 industrial clusters by 2025

Iris Deng

Chinese propagandists set up shop on fringe social-media site, researchers say

Dustin Volz and Sarah E. Needleman

An online Chinese influence operation has sought to plant pro-Beijing propaganda on a niche U.S. social-media site popular with far-right activists, according to cybersecurity researchers, showing the Chinese government’s disinformation efforts are evolving and more extensive than previously known. Gab.com, which is known for its loose rules about hate speech, hosted 114 user accounts affiliated with a covert Chinese campaign known as Spamouflage, according to a new report from Alethea, a firm focused on detecting social-media manipulation. The findings, viewed by The Wall Street Journal, shed light on the Chinese government’s efforts to inject pro-China propaganda and disinformation into U.S.-owned social-media platforms, a trend cybersecurity analysts have said has expanded greatly in the past few years.

US House panel plans Taiwan war game with Wall Street executives

Demetri Sevastopulo

The US House of Representatives China committee plans to hold a Taiwan war game with financial and business executives in New York on Monday, in an effort to raise awareness about the risks attached to Americans investing in China. Mike Gallagher, the Republican head of the panel, and Raja Krishnamoorthi, its top Democrat, will lead the delegation, according to a person close to the committee.

Chinese fintech giant Ant Group unveils own AI large language model, along with new Web3 brand, in push to expand presence in financial sector

Ann Cao

Ant Group has launched its own large language model – the technology used to train chatbots like ChatGPT – and a new Web3 brand targeting Hong Kong and overseas markets, as the Chinese fintech giant boosts its capabilities in generative artificial intelligence for the financial services industry. The Hangzhou-based company on Friday unveiled its self-developed “financial LLM” at the “Inclusion Conference on the Bund” event in Shanghai, along with two applications powered by the group’s AI model.

Powerful ethnic militia in Myanmar repatriates 1,200 Chinese suspected of involvement in cybercrime

One of Myanmar’s biggest and most powerful ethnic minority militias has arrested and repatriated more than 1,200 Chinese nationals allegedly involved in criminal online scam operations, an official of the group said Saturday. The arrests were carried out in territory controlled by the United Wa State Army, or UWSA, in eastern Shan state in raids on Tuesday and Wednesday, Nyi Rang, a liaison officer from the militia, told The Associated Press.

5th Circuit finds Biden White House, CDC likely violated First Amendment

Cat Zakrzewski and Joseph Menn

The U.S. Court of Appeals for the 5th Circuit on Friday ruled that the Biden White House, top government health officials and the FBI likely violated the First Amendment by improperly influencing tech companies’ decisions to remove or suppress posts on the coronavirus and elections. The decision, written unanimously by three judges nominated by Republican presidents, was likely to be seen as victory for conservatives who have long argued that social media platforms’ content moderation efforts restrict their free speech rights. But some advocates also said the ruling was an improvement over a temporary injunction U.S. District Judge Terry A. Doughty issued July 4.

2 Senators propose bipartisan framework for A.I. laws

Cecilia Kang

Senator Richard Blumenthal, Democrat of Connecticut, and Senator Josh Hawley, Republican of Missouri, plan to announce a sweeping framework to regulate artificial intelligence, in the latest effort by Congress to catch up with the technology. The leaders of the Senate judiciary’s subcommittee for privacy, technology and law said in interviews on Thursday that their framework will include requirements for the licensing and auditing of A.I., the creation of an independent federal office to oversee the technology, liability for companies for privacy and civil rights violations, and requirements for data transparency and safety standards.

Massive DDoS attack on U.S. financial company thwarted by cyber firm

Daryna Antoniuk

A cybersecurity company claims it identified and thwarted a massive distributed denial-of-service attack targeting a prominent American financial institution. The researchers at Akamai Technologies did not reveal the company’s name but said it is among their "largest and most influential" customers in the financial sector. DDoS attacks overwhelm websites with a flood of traffic, making them temporarily unavailable to users.

X, formerly Twitter, challenges California’s new transparency law as unconstitutional

Devin Coldewey

X, formerly known as Twitter, has filed a lawsuit alleging that a new California law requiring social networks to declare certain moderation practices is a violation of the company’s Constitutional right to free speech. AB 587 was signed into law a year ago. At the time, California Governor Gavin Newsom wrote: “Californians deserve to know how these platforms are impacting our public discourse, and this action brings much-needed transparency and accountability to the policies that shape the social media content we consume every day.”

Apple becomes the biggest U.S.-China pawn yet

Dan Gallagher

Apple might be the king of tech. But in the growing cold economic war between the world’s two biggest economies, it is becoming just another game piece—albeit a big one. Still the world’s largest public company by market value, Apple has seen that value take a notable hit this week on increasing signs that its business in China might be coming under threat. The Wall Street Journal reported on Wednesday that the Chinese government is banning the iPhone and other foreign-branded devices from use by workers at central government agencies. Bloomberg reported Thursday that such a ban might also be extended to state-owned enterprises and other government-backed entities. That could amount to a significant swath of people in a state-led economy with a population totaling more than 1.4 billion.

America’s digital Achilles’ heel

Erica Lonergan and Jacquelyn Schneider

For all its tremendous benefits, digital technology carries innumerable downsides. Cellphones enable location tracking that erodes privacy. Data can be manipulated and destroyed. Mechanical systems can be hijacked by a malicious actor who finds chinks in their digital armor. But these technologies have become essential components of day-to-day life and continue to boost economic growth, increase productivity, and allow access to information at an unprecedented scale. Societies must wrestle with the devilish bargain they have struck; they rely on digital capabilities that leave them extremely vulnerable to attacks.

Japan seeks AI transparency with new disclosure guidelines

Japan proposed guidelines on Friday for companies that use artificial intelligence, aiming to avoid excessive restrictions while ensuring safety through transparency measures such as the disclosure of training data. The draft guidelines were outlined at a government AI strategy meeting, where it also was revealed the government would seek 164 billion yen ($1.11 billion) for AI-related spending in the fiscal 2024 budget, up 50.3 billion yen from fiscal 2023.

Top US chipmakers, tech firms to attend Vietnam meeting as Biden visits

Francesco Guarascio and Phuong Nguyen

Top U.S. semiconductors and digital companies including Intel, GlobalFoundries and Google are expected to attend a business meeting on Monday in Hanoi as President Joe Biden visits Vietnam to boost ties, two people familiar with the plan said. The meeting, which is still being arranged, would confirm U.S. plans to boost Vietnam's global role in different segments of chipmaking, as part of Washington's broader strategy to reduce the sector's exposure to China-linked risks, including trade restrictions and tensions over Taiwan.

Biden to Hanoi: Confronting Vietnam’s digital dictatorship

Michael Caster

President Joe Biden will meet General Secretary Nguyen Phu Trong and other Vietnamese leaders in Hanoi on 10 September, where they are expected to sign a significant “comprehensive strategic partnership agreement,” in part, aimed at shoring up alliances and relationships in the Indo-Pacific to counter China. “The leaders will explore opportunities to promote the growth of a technology-focused and innovation-driven Vietnamese economy,” among other objectives, the White House said. This is likely to include boosting Vietnam’s semiconductor production and promoting the country as a destination for disentangling tech companies from China, at a time when Beijing is increasingly exporting technology-enhanced authoritarianism.

G20 meet faces China-Pak cyber threat, Indonesian 'OpIndia' blitz; Authorities adopt 'zero trust' approach

Bhaswati Guha Majumder & Ankur Sharma

Multiple media reports have indicated that Indian agencies are on high alert to secure cyberspace, with a particular emphasis on protecting government websites from potential cyberwarfare, including threats from China-Pakistan cyber warriors. But apparently, the G20 event is attracting more cybercriminals, including those from Indonesia. Recent developments have added a new layer of concern to the New Delhi event. Indonesian hacktivist groups, including Ganonsec and Jambi Cyber Team, have announced their intentions to target Indian organisations and launched a campaign named ‘OpIndia’, pledging to disrupt India’s digital infrastructure. The announcement of the cyberattack was made by the Indonesian hacktivists on their Telegram channel.

Blinken says Musk’s Starlink should keep giving Ukraine full use

Victoria Cavaliere

Elon Musk’s Starlink satellite service is a “vital tool” for Ukraine, US Secretary of State Antony Blinken said, following reports the billionaire turned off the system near the Crimean coast last year to prevent a Ukrainian drone attack on Russian warships. The high-speed broadband system has become an essential communications tool as Ukraine combats Russia’s invasion. Musk began rolling out the system at Ukraine’s request in February 2022 as Russian forces advanced, knocking out Ukrainian communications systems.

Foreign student arrested in Norway on suspicion of espionage including electronic eavesdropping

A 25-year-old foreign student has been arrested in Norway on suspicion of espionage, including illegal eavesdropping through various technical devices. Norway’s domestic security agency, known by its acronym PST, told Norwegian media that the man, who was arrested on Friday, was charged in court on Sunday with espionage and intelligence operations against the Nordic country.

Why Chinese EV battery manufacturers are flocking to Hungary

William McCormack

As Chinese EV companies go global, many battery manufacturers are expanding to Hungary. Strong bilateral relations and a favorable business environment have made Hungary an appealing destination for Chinese firms. Chinese battery manufacturers have announced more than $10.9 billion worth of investments in Hungarian factories over the past year. While Hungary's government and the Chinese expatriate community look favorably on the investments, local Hungarians have expressed concern over the new EV plants, citing environmental and economic concerns amid growing distrust of China in the region.

Commons worker arrested after allegedly spying for China

Caroline Wheeler, Harry Yorke, Dipesh Gadher and Tim Shipman

A British parliamentary researcher has been arrested on suspicion of spying for China in what is alleged to be one of the most damaging breaches of security involving a hostile state at Westminster. The male suspect, who is in his late twenties, is understood to be linked to a number of senior Tory MPs, including several who are privy to classified or highly sensitive information.

The first ever UK semiconductors business delegation to Taiwan

Dustin Volz and Sarah E. Needleman

Led by Professor Julia Sutcliffe, Chief Scientific Adviser (CSA) at the UK’s Department for Business and Trade, the first ever UK Semiconductors business delegation consisting of 19 high-growth, innovate British businesses will be visiting Taiwan this week from 5 Sept and showcasing the UK’s capability across the semiconductor sector with an UK Pavilion at the 2023 SEMICON Taiwan. With Taiwan being a global hub for semiconductor manufacturing, this delegation visit aims to explore opportunities and partnership for trade, investment and R&D collaboration in Taiwan.

U.S. org worker infected with new Pegasus vector; Apple releases security patch

Omer Benjakob

BLASTPASS: NSO Group iPhone zero-click, Zero-day exploit captured in the wild

Omer Benjakob

Last week, while checking the device of an individual employed by a Washington DC-based civil society organization with international offices, Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware. We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim. The exploit involved PassKit attachments containing malicious images sent from an attacker iMessage account to the victim. We expect to publish a more detailed discussion of the exploit chain in the future.

Twitter ‘unfit’ for banking over alleged complicity in Saudi rights abuses

Stephanie Kirchgaessner

The company formerly known as Twitter is “unfit” to hold banking licenses because of its alleged “intentional complicity” with human rights violations in Saudi Arabia and treatment of users’ personal data, according to an open letter sent to federal and state banking regulators that was signed by a law firm representing a Saudi victim’s family. The allegations by lawyers representing Areej al-Sadhan, whose brother Abdulrahman was one of thousands of Saudis whose confidential personal information was obtained by Saudi agents posing as Twitter employees in 2014-15, comes as Twitter Payments LLC, a subsidiary of X (the company formerly known as Twitter), is in the process of applying for money-transmitter licenses across the US.

Meta deletes Al Jazeera presenter’s profile after show criticising Israel

Al Jazeera Arabic presenter Tamer Almisshal has had his Facebook profile deleted by Meta 24 hours after the programme Tip of the Iceberg aired an investigation into Meta’s censorship of Palestinian content titled The Locked Space. The programme’s investigation, which aired on Friday, included admissions by Eric Barbing, former head of Israel’s cybersecurity apparatus, about his organisation’s effort to track Palestinian content according to criteria that included “liking” a photo of a Palestinian killed by Israeli forces.

Musk-owned X's content moderation shift complicated effort to win back brands

Sheila Dang

X's new content moderation policy made it challenging to convince brands that the Elon Musk-owned social media platform was safe for ads, according to the company's former head of brand safety and ad quality. The company announced in April its "Freedom of Speech, Not Reach," policy, under which it began to limit the visibility of some tweets that violated its policies rather than removing the content from the site as was done previously.

Adversarial AI: Coming of age or overhyped?

Patrick Hinton

Adversarial attacks are a class of techniques that analyse the parameters of a machine learning model (such as a neural network) to calculate a series of changes to an input that causes a misclassification. In other words, they are attacks which are designed to lead the model to make a mistake. Some have argued that the secret to winning the AI war might rest not in making the most impressive weapons but in ‘mastering the disquieting treachery of the software.’ The proliferation of defence and security AI use cases has garnered much more attention than the potential vulnerabilities in the software. Developers are prioritising getting their AI systems to work in the first place, with security and adversarial activity taking a back seat. This is not an advisable strategy.

The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.