March 28, 2024
Via: Security WeekAs part of the campaign, tagged to as Operation FlightNight, phishing lures masquerading as an invitation letter from the Indian Air Force were sent to various Indian government entities, including agencies for electronic communications, IT governance, and national defense. The […]
September 8, 2022
Via: The Hacker NewsA Chinese hacking group has been attributed to a new campaign aimed at infecting government officials in Europe, the Middle East, and South America with a modular malware known as PlugX. Cybersecurity firm Secureworks said it identified the intrusions in […]
Threats & Malware, Vulnerabilities
June 9, 2022
Via: Help Net SecurityExposed version control repositories, leaked secrets in public code repositories, a subdomain vulnerable to takover, exposed Amazon S3 buckets, and Microsoft Exchange Server servers vulnerable to CVE-2021-42321 exploitation are the most common exploit paths medium to large enterprises left open […]
May 31, 2022
Via: Security AffairsCyber Research Labs observed a rise in ransomware attacks in the second quarter of 2022, some of them with a severe impact on the victims, such as the attack that hit the Costa Rican government that caused a nationwide crisis. […]
February 4, 2022
Via: Security WeekThe DHS’s Cyber Safety Review Board (CSRB) has been established as instructed by the executive order signed by President Joe Biden in May 2021 to improve cyber defenses. That executive order represents the foundation for several cybersecurity initiatives, including two […]
September 30, 2021
Via: Help Net SecurityArctic Wolf published findings from a recent global survey of over 1,400 IT decision-makers at enterprise organizations. After a year of high-profile cyberattacks, the survey data reveals executive attitudes on a wide array of cybersecurity and business issues. Private sector […]
August 20, 2021
Via: Security IntelligenceWhile we’re seeing the effects of larger, more expensive cyberattacks, those effects also ripple out into government policy. The growth of cloud security needs and products reflects the wider world in two major ways: the rise of remote work and […]
August 11, 2021
Via: Help Net SecurityIn this interview with Help Net Security, Amanda L. Joyce, Group Leader, Strategic Cybersecurity Analysis & Research, Argonne National Laboratory, offers her unique perspective on the modern information security landscape. What are the most important takeaways from your decade of […]
Threats & Malware, Vulnerabilities
August 2, 2021
Via: Help Net SecurityBug hunters who want to help the US federal government secure their online assets can now source all the relevant information from a vulnerability disclosure policy (VDP) platform offered by the Cybersecurity and Infrastructure Security Agency (CISA). “Through this crowdsourcing […]
July 9, 2021
Via: Help Net SecurityCrime thrives in a crisis, and the coronavirus was the largest collective emergency that the world has faced for decades. While there are more heroes than villains in the coronavirus story — think of all the sacrifices doctors, nurses, and […]
June 7, 2021
Via: Security WeekActive since at least 2007 and also tracked as Fancy Bear, Pawn Storm, Sednit, Strontium, and Tsar Team, APT28 is well known for its cyber-espionage operations targeting the 2016 Presidential elections in the United States, but is also associated with […]
May 7, 2021
Via: Security IntelligenceAs a government agency or jurisdiction, one of your goals is to build trust with the citizens you serve. You earn that trust by protecting their information from a government data breach. This also helps by making efficient use of […]
April 14, 2021
Via: Security IntelligenceIn December 2020, IBM Security X-Force released a research blog disclosing that the COVID-19 cold chain — an integral part of delivering and storing COVID-19 vaccines at safe temperatures — was targeted by cyber adversaries. After that first report, we […]
March 8, 2021
Via: Computer WeeklyThe US may conduct offensive cyber attacks against targets in Russia within weeks in retaliation for the widespread SolarWinds Orion attacks, even as the government’s cyber security teams deal with additional fall-out from last week’s disclosure of four dangerous vulnerabilities […]
February 25, 2021
Via: CSO OnlineOn February 23, 2021, a bipartisan group of leading Congress members introduced the Cyber Diplomacy Act of 2021. Jim Langevin (D-RI), Chairman of the House Armed Services Committee’s Subcommittee on Cyber, Innovative Technologies, and Information Systems, and Republican Michael McCaul […]
February 3, 2021
Via: DataBreach TodayData breaches often turn out to be worse than they first appear, as investigators begin probing exactly what happened and when. The massive SolarWinds supply chain attack, which was identified by FireEye in December 2020 after it traced back a […]
January 18, 2021
Via: CSO OnlineThe federal government and private sector are still reeling from the SolarWinds supply chain hack, and Congress is on edge as it begins a new term beset by fears of domestic terrorism. It would seem all bets are off in […]
Threats & Malware, Virus & Malware, Vulnerabilities
December 28, 2020
Via: Threat PostAttackers are looking to the healthcare space as a rich repository of intellectual property (IP) now more than ever, as critical research of COVID-19 therapeutics are developed and Pfizer, Moderna and other biotech firms begin to mass produce vaccines. Several […]
December 24, 2020
Via: Help Net SecurityIn 2020, cybersecurity became a business problem for every industry, as well as the U.S. government. According to a new report by the Aspen Cybersecurity Group, there are several opportunities for the new presidential administration to increase cybersecurity efforts and […]
Mobile, Mobile security, Threats & Malware, Vulnerabilities
October 28, 2020
Via: Threat PostThe line between our personal and professional lives is blurring in an unprecedented fashion as we approach the 2020 presidential election. From Oracle and Walmart’s plans to invest in TikTok to a bug in Joe Biden’s campaign app that exposed […]