Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Denver news in your inbox
Catch up on the most important stories affecting your hometown with Axios Denver
Des Moines news in your inbox
Catch up on the most important stories affecting your hometown with Axios Des Moines
Minneapolis-St. Paul news in your inbox
Catch up on the most important stories affecting your hometown with Axios Twin Cities
Tampa Bay news in your inbox
Catch up on the most important stories affecting your hometown with Axios Tampa Bay
Charlotte news in your inbox
Catch up on the most important stories affecting your hometown with Axios Charlotte
Students sit an exam in a computer room at a technical school in Jinan, in China's eastern Shandong province. Photo: Greg Baker/AFP via Getty Images
Months after a U.S. cyber intelligence firm published research that the Chinese appeared to withhold publicly available cybersecurity warnings from a public database when they might interfere with its cyber espionage operations, the firm found evidence that China was trying to cover that up.
The details: In November, Recorded Future published a report that the Chinese public database of security vulnerabilities was far faster to update than its U.S. counterparts 97% percent of the time. But the 3% of the time they were slower appeared to correlate with the vulnerabilities believed Chinese espionage groups used to breach computers.
- In a new report released Friday, Recorded Future notes that the dates on vulnerabilities they evaluated in their first report were altered to eliminate the lag in posting.
- The database edited the dates on 267 out of 268 of the vulnerabilities analyzed for the first report and 72 out of 75 dates of additional vulnerabilities Recorded Future would have included in the first report, but were outside the timeframe of the study.
Why it matters: Recorded Future thinks the edits might be further evidence that the Chinese vulnerability database is being manipulated to aide its espionage operations. If true, that could be a way to predict which vulnerabilities are being used by the Chinese.