Security Affairs

OCTOBER 22, 2024

” Chinese law requires researchers to disclose zero-day vulnerabilities to the government. . ” Chinese law requires researchers to disclose zero-day vulnerabilities to the government. Experts speculate that the Chinese government was aware of the flaw and may have exploited it as a zero-day. reads the advisory.

Government 354

Government Cloud Access IT 354

Security Affairs

AUGUST 13, 2024

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities. The government experts reported that the group carried out at least two massive campaigns since May 20, threat actors aimed at distributing SmokeLoader malware via email.

Phishing 348

Phishing Government File names Access 348

Security Affairs

FEBRUARY 16, 2024

CISA revealed that threat actors breached an unnamed state government organization via an administrator account belonging to a former employee. The government experts conducted an incident response assessment of the state government organization after its documents were posted on the dark web.

Government 362

Government Authentication Cybersecurity Data breaches 362

Security Affairs

SEPTEMBER 20, 2024

Ukraine’s NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. ” Despite the ban on military and government devices, Ukrainian users rely heavily on Telegram to communicate and receive news on ongoing conflicts. ” continues the announcement.

Military 345

Military Government Personal data Phishing 345

Security Affairs

JUNE 5, 2024

Cisco addressed vulnerabilities that were exploited to compromise the Webex meetings of the German government. In early May, German media outlet Zeit Online revealed that threat actors exploited vulnerabilities in the German government’s implementation of the Cisco Webex software to access internal meetings.

Government 359

Government Metadata Military Passwords 359

Security Affairs

DECEMBER 29, 2024

notifies customers of credit card data breach, after threat actors hacked a third-party app from its e-commerce provider. disclosed a data breach that exposed its customers’ credit card data after threat actors hacked a third-party application from its e-commerce providerBigCommerce.

Data breaches 206

Data breaches IT Computer and Electronics Access 206

Collaboration 2.0

FEBRUARY 21, 2025

If you've gotten cash from an ATM, you've interacted with a COBOL-based system. Here's why this old programming language will probably outlive us all.

Government 354

Government IT 354

Security Affairs

MARCH 28, 2024

In 2023, the researchers attributed a combined total of 48 out of 58 zero-day vulnerabilities to commercial surveillance vendors (CSVs) and government espionage actors, while 10 zero-day flaws were attributed to financially motivated actors. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild.

Government 350

Government Ransomware Libraries Access 350

Security Affairs

FEBRUARY 19, 2024

The nation-state actors are known to carry out cyber-espionage against targeting government, military, and national infrastructure entities in Europe and Central Asia since at least December 2020. “TAG70 has demonstrated a high level of sophistication in its attack methods. . ESET researchers also detailed the same attack chain.

Military 355

Military Government Access Risk 355

Data Breach Today

OCTOBER 10, 2024

Thomvest Ventures Leads Series B Funding to Support Privacy and Security Compliance Relyance AI raised $32 million in Series B funding to grow its data governance platform.

Government 294

Government Privacy Compliance Security 294

Security Affairs

OCTOBER 9, 2024

A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. The threat actor continues to target Russian government entities and enterprises. Experts believe the group remains active and is enhancing its operations with new implants.

Government 306

Government Archiving Phishing Access 306

Security Affairs

MARCH 5, 2025

Silk Typhoon targets multiple sectors worldwide, including information technology (IT) services and infrastructure, remote monitoring and management (RMM) companies, managed service providers (MSPs) and affiliates, healthcare, legal services, higher education, defense, government, non-governmental organizations (NGOs), and energy.

Energy and Utilities 158

Energy and Utilities IT Cloud Passwords 158

Security Affairs

DECEMBER 2, 2024

The Tor Project seeks help deploying 200 WebTunnel bridges by year-end to counter government censorship. Tor Project maintainers are urging users to deploy 200 WebTunnel bridges by year-end allow users in Russia to bypass government censorship. If you’ve ever thought about running a Tor bridge, now is the time. .”

Government 322

Government Access Security IT 322

Weissman's World

NOVEMBER 11, 2024

The adage “garbage in, garbage out” (GIGO) has been around for nearly 70 years, and it’s never been more relevant thanks to the intensifying need for information governance and the emergence of generative and agentic AI as potential disruptors. Regardless of your mandate (e.g.,

Information governance 293

Information governance Compliance Cloud Government 293

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Cisco Talos researchers tracked this cyber-espionage campaign as ArcaneDoor. Cisco Talos researchers tracked this cyber-espionage campaign as ArcaneDoor.

Government 333

Government Authentication Communications Access 333

Security Affairs

NOVEMBER 18, 2024

telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. broadband providers. law enforcement requests pursuant to court orders.

Data breaches 283

Data breaches Communications Artificial Intelligence Government 283

Security Affairs

DECEMBER 4, 2024

The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures.

Government 283

Government Communications Access Passwords 283

WIRED Threat Level

APRIL 15, 2024

Experts say the US government’s reliance on its systems means the company continues to get a free pass. Microsoft has stumbled through a series of major cybersecurity failures over the past few years.

Government 363

Government Cybersecurity IT Security 363

Security Affairs

MAY 18, 2024

The operations coordinated by the North Korean government took place between October 2020 and October 2023. The operations coordinated by the North Korean government took place between October 2020 and October 2023. Intelligence experts speculate the campaign was aimed at financing the government’s illicit nuclear program.

IT 348

IT Government Information Security Security 348

Security Affairs

SEPTEMBER 17, 2024

” The man, who remails at large, used fake email accounts posing as US-based researchers and engineers to target government personnel to obtain software and source code created by the National Aeronautics and Space Administration (“NASA”), research universities, and private companies. Air Force, Navy, Army, and the FAA.”

Phishing 336

Phishing Government Military Security 336

Security Affairs

FEBRUARY 16, 2025

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. ” reads the report published by Microsoft Threat Intelligence. “Microsoft assesses with medium confidence that Storm-2372 aligns with Russian interests, victimology, and tradecraft.”

Phishing 286

Phishing Authentication Access Government 286

Security Affairs

AUGUST 28, 2024

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. Microsoft discovered that the threat actors used fraudulent subscriptions to its services and promptly disrupted them. The malware is a 64-bit C/C++ executable starts by locating and loading kernel32.dll

IT 325

IT Education File names Passwords 325

Security Affairs

DECEMBER 3, 2024

Founded in 1985, ENGlobal Corporation designs automated control systems for commercial and government sectors, reporting $6 million in Q3 revenue and $18.4 million year-to-date. According to the FORM 8-K report filed with the U.S. Securities and Exchange Commission (SEC), the company discovered the attack on November 25.

Ransomware 298

Ransomware Encryption Cybersecurity Access 298

Security Affairs

JANUARY 14, 2025

According to court documents, the Chinese government paid Mustang Panda to develop PlugX malware, used since 2014 to target U.S., The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim computers. European, and Asian entities. systems. .”

Government 305

Government Cybersecurity Access IT 305

Security Affairs

AUGUST 16, 2024

SolarWinds describes WHD as an affordable Help Desk Ticketing and Asset Management Software that is widely used by large enterprises and government organizations. The company also thanked Inmarsat Government/Viasat for their assistance. reads the advisory published by Solarwinds.

IT 328

IT Cybersecurity Authentication Government 328

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. government neutralized the Volt Typhoon botnet taking over its C2 and deleting the bot from infected devices.

e-Discovery 310

e-Discovery Communications Ransomware Government 310

Security Affairs

APRIL 25, 2024

Microsoft has observed APT28 using GooseEgg in post-compromise activities against various targets, including government, non-governmental, education, and transportation sector organizations in Ukraine, Western Europe, and North America. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.

IT 354

IT Education Cybersecurity Risk 354

Security Affairs

FEBRUARY 24, 2025

TopSec was founded in 1995, it offers cybersecurity services such as Endpoint Detection and Response (EDR) and vulnerability scanning, along with “boutique” solutions to align with government initiatives and intelligence requirements. ” reads the report published by SentinelLabs. ” concludes the report.”The

Cybersecurity 222

Cybersecurity Government Cloud Security 222

Security Affairs

OCTOBER 8, 2024

million customers which includes residential, commercial, fire service and private fire, industrial, government facilities, and other water and wastewater utilities. American Water, the largest publicly traded water and wastewater utility company in the US, shut down some of its systems following a cyberattack. The company has 3.4

IT 320

IT Ransomware Cybersecurity Security 320

Security Affairs

NOVEMBER 18, 2024

government surveillance. Automated Data Governance : Leverage advanced data security platforms that provide real-time visibility and automated compliance checks. GDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. Billion ($1.4

GDPR 323

GDPR Security Compliance Data Privacy 323

Security Affairs

APRIL 19, 2024

Despite MITRE diligently following industry best practices, implementing vendor recommendations, and complying with government guidance to strengthen, update, and fortify its Ivanti system, they overlooked the lateral movement into their VMware infrastructure.

IT 357

IT Authentication Cybersecurity Security 357

Security Affairs

SEPTEMBER 5, 2024

The group focuses on government departments that are involved in foreign affairs, technology, and telecommunications. Trend Micro Researchers spotted the Chinese-speaking threat actor Earth Lusca using a new multiplatform backdoor called KTLVdoor. It may also be shared with other Chinese-speaking threat actors. TCP, RDP, TLS, Ping, Web).

IT 302

IT Communications Encryption Libraries 302