Threat Intelligence

6/23/2017
02:49 PM
50%
50%

Virginia Consultant Charged with Espionage

Federal authorities charged a consultant with espionage for transmitting top secret and secret documents to China.

A Virginia man faces espionage charges for transmitting top secret and secret documents to China, according to the Department of Justice.

Kevin Patrick Mallory, 60, a consultant for GlobalEx LLC, is charged with meeting with an assumed member of the People's Republic of China Intelligence Service agency and sharing top secret documents with that individual. Mallory also allegedly planned to continue sharing top secret materials in the future, according to the DOJ. 

Mallory previously held positions in government and with government contractors that afforded him top secret security clearance; that clearance was terminated in 2012 when he left government service, according to the DOJ.

In a voluntary interview with the FBI in May, Mallory stated the person he met with in China represented themselves as an employee of the Shanghai Academy of Social Sciences (SASS), a purported think tank. The FBI, however, notes that Chinese intelligence officers have used the SASS as a front to cover their identities, according to the DOJ.

Mallory is charged with gathering or delivering defense information to aid a foreign government and making material false statements. He could face life in prison if convicted.

Read more about Mallory's case here.   

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
How Well Is Your Organization Investing Its Cybersecurity Dollars?
Jack Jones, Chairman, FAIR Institute,  12/11/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1480
PUBLISHED: 2018-12-12
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the 'HttpOnly' attribute on authorization tokens or session cookies. If a Cross-Site Scripting vulnerability also existed attackers may be able to get the cookie values via malicious JavaScript and then hijack the user sessi...
CVE-2018-1481
PUBLISHED: 2018-12-12
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 140763.
CVE-2018-1484
PUBLISHED: 2018-12-12
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent...
CVE-2018-1485
PUBLISHED: 2018-12-12
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 140970.
CVE-2018-1901
PUBLISHED: 2018-12-12
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to temporarily gain elevated privileges on the system, caused by incorrect cached value being used. IBM X-Force ID: 152530.