A Chinese delegation led by Vice Premier Liu He could be sent before month's end to iron out phase one, a source tells CNBC's Kayla Tausche.Marketsread more
Bank of America says investors should still look to stocks for value rather than bonds.Investingread more
Online travel company Booking Holdings has dropped out of Facebook's libra, joining a growing list of firms who have exited the embattled cryptocurrency project.Technologyread more
"But I expect we'll have a deal," Mnuchin tells CNBC.Politicsread more
Kohl's stores are getting a bit of a refresh, and are being infused with new brands, ahead of this holiday season.Retailread more
Apple will release the iPhone SE2 early next year for $399, analyst Ming-Chi Kuo says.Tech Driversread more
State polls show that Trump's standing has weakened in some states hurt by the trade war.2020 Electionsread more
Sanders, who is recovering from a heart attack, reveals the new tax plan a day before the third Democratic debate.2020 Electionsread more
Investors are set to scrutinize results from Goldman Sachs and J.P. Morgan Chase as banks report third-quarter results starting Tuesday.Financeread more
Morgan Stanley slashed its price target on Netflix to $400 per share from $450 per share, but kept its overweight rating on the stock.Pro Analysisread more
There are at least 10,000 Islamic State prisoners in several camps across northeastern Syria, according to Kurdish and U.S. officials.Politicsread more
A new report from cybersecurity company CrowdStrike says an unnamed aviation industry company sustained a significant cyber intrusion through 2018 and 2019, featuring a hacker with "valid credentials" and a "high level of administrative access."
The report gives further insight into what many experts have called persistent, often successful intrusions against the aviation industry. Most recently, AFP reported Airbus had been victim to intrusions and attempted hacks through its huge network of third-party providers. CrowdStrike said the attack outlined in its Tuesday report appeared to be geared toward collecting data and establishing a wide foothold on the aviation company's network.
The incident is another example of how corporate espionage works in critical industries, including those connected to the defense industrial sector like aviation. Nation-state hackers often target these companies to gather as much information and intellectual property as possible, while also establishing several avenues of access within a company meant to serve as wide-scale, longer term network observation points. It's also a reminder that significant security incidents aren't always big data thefts, but can be quieter reconnaissance missions that are hard to detect, but nonetheless severely damaging.
The CrowdStrike report does not attribute the aviation incident to any person or group. The earlier AFP report cited several suggested China as the culprit for other aviation industry attacks. China issued several denials to the Airbus report, with China Foreign Ministry spokesman Geng Shuang calling the report irresponsible, unprofessional and having "ulterior motives."
CrowdStrike's new report says the anonymous aviation company's attack likely began with the hacking of an internal business application at the company that was "exposed to the internet," in other words, an internal corporate function that was accessible online.
The hacker had both "valid credentials" and a "high level of administrative access," and was able to move "laterally" across the aviation company, according to the report, meaning he or she could access many different parts of the company. The attacker then moved throughout the company, continuing to steal more credentials and password information along the way to facilitate ever-increasing access to different corporate functions.
Later, the attacker changed tactics and singled out an individual employee at the company, the report said. The hacker "was was observed opening a significant number of document and image files belonging to a user of interest. The files inspected included the extensions .log, .jpg and .docx, and were located within the [employee's] Desktop and Documents directories."
The hack was part of a compilation of intelligence reports released by CrowdStrike on Tuesday. The company outlined attacks its researchers have observed against companies in other industries including telecommunications and the chemical sector.