#CERTFR just published a report in English about spyware inside untrusted software. #GoldenSpy

The report contains an analysis of past situations and recomendations on how to protect your network from those mandatory but untrusted softwares.

https://www.cert.ssi.gouv.fr/cti/CERTFR-2022-CTI-007/

#CERTFR just published a report in English about spyware inside untrusted software. #GoldenSpy

The report contains an analysis of past situations and recomendations on how to protect your network from those mandatory but untrusted softwares.

https://www.cert.ssi.gouv.fr/cti/CERTFR-2022-CTI-007/

The French national cybersecurity agency publishes recommendations on how to integrate untrusted (but mandatory) software into a computer network. Focus on #GoldenSpy

https://www.cert.ssi.gouv.fr/uploads/CERTFR-2022-CTI-007.pdf

#threatintel

CERT-FR has just published a report on the integration of untrusted software. Recommendations are available at the end of the report.
https://cert.ssi.gouv.fr/cti/CERTFR-2022-CTI-007/
#Goldenspy #NotPetya

Under some regulations, it is mandatory to use specific softwares. In some cases, spywares can be embedded inside. This was the case with #GoldenSpy that has been detected in the software "Golden Tax", mandatory under Chinese regulation. More recently, the software "Beijing One Pass" has been found to contain suspicious functionalities.

For more details, you can check the report published recently by #ANSSI/#CERT_FR :
https://cert.ssi.gouv.fr/cti/CERTFR-2022-CTI-006/

Only in French for now, the document contains recommendations to protect you IT system against those threats.

Under some regulations, it is mandatory to use specific softwares. In some cases, spywares can be embedded inside. This was the case with #GoldenSpy that has been detected in the software "Golden Tax", mandatory under Chinese regulation. More recently, the software "Beijing One Pass" has been found to contain suspicious functionalities.

For more details, you can check the report published recently by #ANSSI/#CERT_FR :
https://cert.ssi.gouv.fr/cti/CERTFR-2022-CTI-006/

Only in French for now, the document contains recommendations to protect you IT system against those threats.

De nombreux cadres réglementaires étrangers imposent l’utilisation de logiciels spécifiques aux entreprises présentes sur leur territoire. Ces logiciels peuvent être utilisés par des attaquants comme point d’entrée sur un réseau informatique. Cela a notamment été le cas avec #Goldenspy dans le logiciel "Golden Tax", imposé par la réglementation chinoise. Plus récemment, c'est arrivé avec le logiciel "Beijing One Pass".

Plus de détails dans le document publié par l'ANSSI. Il contient des recommandations pour se protéger contre ce type de menace.

https://cert.ssi.gouv.fr/cti/CERTFR-2022-CTI-006/

De nombreux cadres réglementaires étrangers imposent l’utilisation de logiciels spécifiques aux entreprises présentes sur leur territoire. Ces logiciels peuvent être utilisés par des attaquants comme point d’entrée sur un réseau informatique. Cela a notamment été le cas avec #Goldenspy dans le logiciel "Golden Tax", imposé par la réglementation chinoise. Plus récemment, c'est arrivé avec le logiciel "Beijing One Pass".

Plus de détails dans le document publié par le #CERT_FR. Il contient des recommandations pour se protéger contre ce type de menace.

https://cert.ssi.gouv.fr/cti/CERTFR-2022-CTI-006/

```
For the digital processing of value-added tax (VAT) returns, the Chinese government has implemented the Golden Tax the Chinese government has implemented the Golden Tax program. Companies operating in China are required to use the #GoldenTax software to file their VAT returns. However, the Golden Tax software is not directly distributed by the distributed by the government, but by two companies, Baiwang and Aisino, which integrate it into their products. It seems that
that the selection of either of these vendors is decided by the companies' Chinese banks.

On June 25, 2020, Singaporean cybersecurity firm #Trustwave published a report [3] revealing that the installation of Chinese VAT management software Aisino Intelligent Tax led to the deployment of what amounts to a backdoor, dubbed "#GoldenSpy" by the vendor. Two hours after the installation of the VAT management software, codes are downloaded and then silently executed. They have persistence mechanisms, communicate at a random frequency with a remote server and allow the execution of arbitrary codes with system administrator privileges without user interaction.
```
https://www.cert.ssi.gouv.fr/uploads/CERTFR-2022-CTI-006.pdf #anssi #InfoSec

```
For the digital processing of value-added tax (VAT) returns, the Chinese government has implemented the Golden Tax program. Companies operating in China are required to use the #GoldenTax software to file their VAT returns. However, the Golden Tax software is not directly distributed by the distributed by the government, but by two companies, Baiwang and Aisino, which integrate it into their products. It seems that
that the selection of either of these vendors is decided by the companies' Chinese banks.

On June 25, 2020, Singaporean cybersecurity firm #Trustwave published a report [3] revealing that the installation of Chinese VAT management software Aisino Intelligent Tax led to the deployment of what amounts to a backdoor, dubbed "#GoldenSpy" by the vendor. Two hours after the installation of the VAT management software, codes are downloaded and then silently executed. They have persistence mechanisms, communicate at a random frequency with a remote server and allow the execution of arbitrary codes with system administrator privileges without user interaction.
```
https://www.cert.ssi.gouv.fr/uploads/CERTFR-2022-CTI-006.pdf #anssi #InfoSec