Government and Security - Information Management Today

US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials

Security Affairs

MAY 17, 2025

The FBI warns that ex-government officials are being targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials to current or former senior US federal or state government officials and their contacts Since April 2025, threat actors have been using texts and AI voice messages impersonating senior U.S.

Government

Government Authentication Access Security

Russia-linked RomCom group targeted Ukrainian government agencies since late 2023

Security Affairs

OCTOBER 17, 2024

Russia-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in cyber attacks since late 2023.

Government

Government Communications Ransomware Phishing

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The security breach poses a major national security risk. The WSJ states that the compromise remained undisclosed due to possible impact on national security.

Government

Government Communications Access Risk

Webinars

From Curiosity to Competitive Edge: How Mid-Market CEOs Are Using AI to Scale Smarter

MORE WEBINARS

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

GDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. These penalties apply to all aspects of GDPR compliance, including inadequate data security, improper consent, and data breach failures. government surveillance.

GDPR

GDPR Security Compliance Data Privacy

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows.

Cloud

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. The authorities launched an investigation after the ransomware gang Ransomhub claimed the attack and published samples of personal information from a database of government.

Ransomware

Ransomware Government Insurance Passwords

Government contractor Conduent disclosed a data breach

Security Affairs

APRIL 16, 2025

The business services provider Conduent told the SEC a January cyberattack exposed personal data, including names and Social Security numbers. The business services provider Conduent revealed that personal information, including names and Social Security numbers, was stolen in a January cyberattack.

Data breaches

Data breaches Government Business Services Personal data

Rhysida Ransomware gang claims the hack of the Government of Peru

Security Affairs

MAY 3, 2025

The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is the country’s official digital platform.

Ransomware

Ransomware Government Manufacturing Education

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The security breach poses a major national security risk. The WSJ states that the compromise remained undisclosed due to possible impact on national security.

Government

Government Communications Access Risk

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations.

Data Privacy

Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia

Security Affairs

APRIL 28, 2025

Earth Kurma APT carried out a sophisticated campaign against government and telecommunications sectors in Southeast Asia. Trend Research exposed the Earth Kurma APT campaign targeting Southeast Asias government and telecom sectors. Earth Kurma particularly targeted the Philippines, Vietnam, Thailand, and Malaysia.

Government

Government Cloud Communications Risk

AI in the Cloud: The Rising Tide of Security and Privacy Risks

Security Affairs

MAY 16, 2025

Over half of firms adopted AI in 2024, but cloud tools like Azure OpenAI raise growing concerns over data security and privacy risks. While these tools deliver clear productivity gains, they also expose businesses to complex new risks, particularly around data security and privacy.

Risk

Risk Privacy Cloud Security

Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide

Security Affairs

MAY 18, 2025

experts who strip down equipment hooked up to grids to check for security issues, the two people said.” “That effectively means there is a built-in way to physically destroy the grid,” an anonymous informer told Reuters The rogue devices’ existence is newly revealed, with no public US government acknowledgment. .

Energy and Utilities

Energy and Utilities Manufacturing Communications Government

Ukraine bans Telegram for government agencies, military, and critical infrastructure

Security Affairs

SEPTEMBER 20, 2024

Ukraine’s NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. ” reads the announcement published by the National Security and Defense Council of Ukraine. The ban does not affect Ukrainian citizens. The ban does not affect Ukrainian citizens.

Military

Military Government Personal data Phishing

Zero Trust Mandate: The Realities, Requirements and Roadmap

Government agencies can no longer ignore or delay their Zero Trust initiatives. You’ll hear where peer organizations are currently with their Zero Trust initiatives, how they are securing funding, and the realities of the timelines imposed. The DHS compliance audit clock is ticking on Zero Trust.

Cybersecurity

CERT-UA warns of a phishing campaign targeting government entities

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities.

Phishing

Phishing Government File names Access

France links Russian APT28 to attacks on dozen French entities

Security Affairs

APRIL 30, 2025

France blames Russia-linked APT28 for cyberattacks targeting or compromising a dozen French government bodies and other entities. The Russia-linked APT28 group has targeted or compromised a dozen government organizations and other French entities, the French Government states.

Military

Military Phishing Government Cybersecurity

Yet another European government is ditching Microsoft for Linux - here's why

Collaboration 2.0

JUNE 16, 2025

" declared Digitalisation Minister Dirk Schrödter, speaking via an open-source video platform, in his announcement that the German state of Schleswig-Holstein will phase out all Microsoft software from government workplaces. Written by Steven Vaughan-Nichols, Senior Contributing Editor June 16, 2025 at 1:49 a.m.

Government

Government Passwords Artificial Intelligence Digital transformation

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 15

Security Affairs

OCTOBER 13, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Over 300,000!

Security

Security Mining Ransomware Education

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

Read this whitepaper to learn: How this “no data copy” approach dramatically streamlines data workflows while reducing security and governance overhead. This new open data architecture is built to maximize data access with minimal data movement and no data copies.

Cloud

Russian cyber spies stole data and emails from UK government systems

Security Affairs

AUGUST 8, 2024

Earlier this year, Russian cyber spies breached UK government systems and stole sensitive data and emails, reported The Record media. Earlier this year, Russia’s foreign intelligence service stole internal emails and data on individuals from the UK government. ” reported The Record Media. .

Government

Government Data breaches Access IT

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Security Affairs

OCTOBER 22, 2024

In September, Broadcom released security updates to the vulnerability CVE-2024-38812. ” Chinese law requires researchers to disclose zero-day vulnerabilities to the government. Experts speculate that the Chinese government was aware of the flaw and may have exploited it as a zero-day.

Government

Government Cloud Access IT

Information Governance: The Foundation of Responsible AI Systems

AIIM

FEBRUARY 20, 2025

But as AI systems become more sophisticated and pervasive, a critical question emerges: How do we ensure the data feeding these systems is accurate, secure, and ethically managed? This is where information governance takes center stage.

Information governance

Information governance Government Artificial Intelligence Security

Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the US

WIRED Threat Level

MAY 5, 2025

The open source software easyjson is used by the US government and American companies. But its ties to Russias VK, whose CEO has been sanctioned, have researchers sounding the alarm.

Risk

Risk Government Security IT

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. Enhancing secure logging, isolating device management, and enforcing strict access control lists (ACLs) are key strategies.

Government

Government Communications Access Passwords

Welcoming the Malaysian Government to Have I Been Pwned

Troy Hunt

MAY 15, 2025

Today, we welcome the 40th government onboarded to Have I Been Pwned's free gov service, Malaysia. The NC4 NACSA (National Cyber Coordination and Command Centre of the National Cyber Security Agency) in Malaysia now has full access to query all their government domains via API, and monitor them against future breaches.

Government

Government Access Security

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The US agencies confirmed that Chinese threat actors had compromised the private communications of a “limited number” of government officials following the compromise of multiple U.S.

Data breaches

Data breaches Communications Artificial Intelligence Government

China-linked threat actors stole 10% of Belgian State Security Service (VSSE)’s staff emails

Security Affairs

FEBRUARY 27, 2025

Belgian authorities are investigating Chinese hackers for breaching its State Security Service (VSSE), stealing 10% of emails from 2021 to May 2023. The Belgian federal prosecutor’s office is probing a possible security breach on its State Security Service (VSSE) by China-linked threat actors. ” reported Reuters.

Security

Security Access Government Cybersecurity

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program

Security Affairs

APRIL 16, 2025

-funded CVE program, a core cybersecurity tool for tracking vulnerabilities, faces funding expiry Wednesday, risking disruption to global security. government funding for MITRE s CVE program , a key global cybersecurity resource for cataloging vulnerabilities, is set to expire Wednesday, risking disruption.

Cybersecurity

Cybersecurity Government Risk Security

Security Affairs newsletter Round 528 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 15, 2025

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Cybersecurity Ransomware

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Ransomware Marketing

Tor Project needs 200 WebTunnel bridges more to bypass Russia’ censorship

Security Affairs

DECEMBER 2, 2024

The Tor Project seeks help deploying 200 WebTunnel bridges by year-end to counter government censorship. Our goal is to deploy 200 new WebTunnel bridges by the end of this December (2024) to open secure access for users in Russia.” ” reads the announcement published by Tor Project.

Government

Government Access Security IT

Chinese man charged for spear-phishing against NASA and US Government

Security Affairs

SEPTEMBER 17, 2024

” The man, who remails at large, used fake email accounts posing as US-based researchers and engineers to target government personnel to obtain software and source code created by the National Aeronautics and Space Administration (“NASA”), research universities, and private companies. Air Force, Navy, Army, and the FAA.”

Phishing

Phishing Government Military Security

New Ghostwriter campaign targets Ukrainian Government and opposition activists in Belarus

Security Affairs

FEBRUARY 26, 2025

A Ghostwriter campaign using a new variant of PicassoLoader targets opposition activists in Belarus, and Ukrainian military and government organizations. SentinelLABS observed a new Ghostwriter campaign targeting Belarusian opposition activists and Ukrainian military and government entities with a new variant of PicassoLoader.

Government

Government Military Archiving Phishing

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Security Affairs

FEBRUARY 24, 2025

TopSec was founded in 1995, it offers cybersecurity services such as Endpoint Detection and Response (EDR) and vulnerability scanning, along with “boutique” solutions to align with government initiatives and intelligence requirements. The company provided monitoring services to a state-owned enterprise facing a corruption scandal.

Cybersecurity

Cybersecurity Government Cloud Security

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Security Affairs

OCTOBER 12, 2024

The government agencies warn that the Russian APT29 group has the capability and intent to exploit more CVEs for initial access, remote code execution, and privilege escalation. cyber agencies warned. The joint advisory includes a list of known vulnerabilities that should be addressed as soon as possible.

Data collection

Data collection Authentication Access Cybersecurity

T-Mobile detected network intrusion attempts and blocked them

Security Affairs

NOVEMBER 28, 2024

Many reports claim these bad actors have gained access to some providers’ customer information over an extended period of time – phone calls, text messages, and other sensitive information, particularly from government officials. Connectivity to a compromised provider was interrupted, and T-Mobile notified industry and government leaders.

Government

Government Access Risk Security

Welcoming the Isle of Man Government to Have I Been Pwned

Troy Hunt

MAY 8, 2025

Today we welcome the 39th government and first self-governing British Crown Dependency to Have I Been Pwned, The Isle of Man. Their Office of Cyber-Security & Information Assurance (OCSIA) now has free and open access to query the government domains of their jurisdiction.

Government

Government Access Security

China-linked APT41 used Google Calendar as C2 to control its TOUGHPROGRESS malware

Security Affairs

MAY 29, 2025

Google says China-linked group APT41 controlled malware via Google Calendar to target governments through a hacked site. Google warns that China-linked APT41 used TOUGHPROGRESS malware with Google Calendar as C2, targeting various government entities via a compromised website.

IT

IT Encryption Government Communications

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Artificial Intelligence Archiving

Why DSPM is Essential for Achieving Data Privacy in 2024

Security Affairs

OCTOBER 23, 2024

Data Security Posture Management (DSPM) helps organizations address evolving data security and privacy requirements by protecting and managing sensitive information. To add to the difficulty, the advent of Generative AI (GenAI) has brought unprecedented security and privacy risks. What is Data Security Posture Management?

Data Privacy

Data Privacy Privacy GDPR Compliance

Security Affairs newsletter Round 501 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 8, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence

Artificial Intelligence Security Ransomware Phishing

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Government

Government Phishing Cybersecurity Access

Hackers stole OpenAI secrets in a 2023 security breach

Security Affairs

JULY 5, 2024

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported. ” The executives believed the threat actor was a lone hacker with no link to a foreign government. .”

Security

Security Artificial Intelligence Risk Access

US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials

Russia-linked RomCom group targeted Ukrainian government agencies since late 2023

Webinars

Trending Sources

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Webinars

Increased GDPR Enforcement Highlights the Need for Data Security

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Government contractor Conduent disclosed a data breach

Rhysida Ransomware gang claims the hack of the Government of Peru

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia

AI in the Cloud: The Rising Tide of Security and Privacy Risks

Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide

Ukraine bans Telegram for government agencies, military, and critical infrastructure

Zero Trust Mandate: The Realities, Requirements and Roadmap

CERT-UA warns of a phishing campaign targeting government entities

France links Russian APT28 to attacks on dozen French entities

Yet another European government is ditching Microsoft for Linux - here's why

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 15

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

Russian cyber spies stole data and emails from UK government systems

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Information Governance: The Foundation of Responsible AI Systems

Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the US

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Welcoming the Malaysian Government to Have I Been Pwned

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

China-linked threat actors stole 10% of Belgian State Security Service (VSSE)’s staff emails

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program

Security Affairs newsletter Round 528 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Tor Project needs 200 WebTunnel bridges more to bypass Russia’ censorship

Chinese man charged for spear-phishing against NASA and US Government

New Ghostwriter campaign targets Ukrainian Government and opposition activists in Belarus

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

T-Mobile detected network intrusion attempts and blocked them

Welcoming the Isle of Man Government to Have I Been Pwned

China-linked APT41 used Google Calendar as C2 to control its TOUGHPROGRESS malware

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Why DSPM is Essential for Achieving Data Privacy in 2024

Security Affairs newsletter Round 501 by Pierluigi Paganini – INTERNATIONAL EDITION

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Hackers stole OpenAI secrets in a 2023 security breach

Stay Connected