Tag: government
-
CISA releases first draft of updated National Cyber Incident Response Plan
by
in SecurityNewsThe long-awaited update to the National Cyber Incident Response Plan (NCIRP), the first proposed changes since it was released in 2016, outlines what the government would do in response to a large-scale cyberattack impacting the national economy.]]> First seen on therecord.media Jump to article: therecord.media/cisa-first-draft-updated-cyber-plan
-
Namibia’s state telecom provider says hackers leaked data after it refused to pay ransom
by
in SecurityNewsThe company didn’t specify what kind of data was stolen by the cybercriminals, but according to local media reports, the hackers accessed over 400,000 files, including personal and financial data belonging to some high-ranking government officials and Telecom Namibia’s clients.]]> First seen on therecord.media Jump to article: therecord.media/namibia-state-telecom-provider-data-leaked-after-ransom-refusal
-
CISA, ONCD propose updated National Cyber Incident Response Plan
by
in SecurityNewsThe updated framework is designed to bolster the government’s partnership with private-sector organizations in the wake of an attack. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/national-cyber-incident-response-plan-update/735660/
-
Hackers seek ransom after getting SSNs, banking info from state gov’t portal
by
in SecurityNewsRhode Island said it’s being extorted after hack of Deloitte-run benefits system. First seen on arstechnica.com Jump to article: arstechnica.com/tech-policy/2024/12/hackers-infiltrate-rhode-island-benefits-portal-forcing-state-to-shut-it-down/
-
XDR provider Arctic Wolf buys BlackBerry’s Cylance suite
by
in SecurityNews
Tags: ai, business, ceo, ciso, cybersecurity, detection, edr, endpoint, government, infrastructure, office, phone, risk, service, soc, technologyUS provider Arctic Wolf has struck a deal to buy BlackBerry’s Cylance endpoint security suite, which it will integrate into its Aurora extended detection and response (XDR) platform.Arctic Wolf said this morning that if the deal is approved by regulators, the company will be able to offer one of the largest open XDR security platforms…
-
Serbian government used Cellebrite to unlock phones, install spyware
by
in SecurityNewsSerbian police and intelligence officers used Cellebrite forensic extraction software to unlock journalists’ and activists’ phones and install previously unknown … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/16/serbian-government-used-cellebrite-to-unlock-phones-install-spyware/
-
Federal money is helping states overhaul cybersecurity. What happens if it dries up?
by
in SecurityNewsA $1 billion cybersecurity grant program for state and local governments has been a game-changer for cyber readiness. But it expires next September, putting its uncertain fate in the hands of a GOP-led Congress and the Trump administration.]]> First seen on therecord.media Jump to article: therecord.media/federal-money-states-cybersecurity-funding
-
New Android NoviSpy spyware linked to Qualcomm zero-day bugs
by
in SecurityNewsThe Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named ‘NoviSpy,’ used to spy on activists, journalists, and protestors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-android-novispy-spyware-linked-to-qualcomm-zero-day-bugs/
-
HackHire Campaign Targeting Climate Activists, Government Hypocrisy on Encryption
by
in SecurityNewsIn Episode 359 of the Shared Security Podcast, the team examines a shocking hack-for-hire operation alleged to target over 500 climate activists and journalists, potentially involving corporate sponsorship by ExxonMobil. They explore the intricate layers of this multifaceted campaign and the broader implications on security risk assessments. Additionally, Scott discusses the massive Salt Typhoon hacking……
-
Serbian government cracked phones with Cellebrite to install spyware, report says
by
in SecurityNewsAmnesty International said it found examples of Serbian police using Cellebrite phone-cracking technology to unlock devices and embed spyware on them while people were talking to authorities.]]> First seen on therecord.media Jump to article: therecord.media/serbia-report-amnesty-international-cellebrite-spyware
-
The Hidden Risks of Mobile Calls and Messages: Why EndEnd Encryption is Just the Starting Line
by
in SecurityNews
Tags: access, android, breach, business, communications, control, cybercrime, cybersecurity, data, encryption, endpoint, espionage, government, identity, intelligence, mobile, network, risk, service, startup, technology, threat, tool, update, vulnerabilityThe recent breaches of sovereign telecom networks in the United States, underscores how highly connected but fragmented public networks are increasingly vulnerable to sophisticated attacks. Another rising concern is the blind trust organizations and individuals put into consumer-grade messaging apps such as WhatsApp to share government and commercially-sensitive information. Some of the biggest risks concerning these…
-
Resecurity introduces Government Security Operations Center (GSOC) at NATO Edge 2024
by
in SecurityNewsResecurity unveils AI-powered GSOC at NATO Edge 2024, integrating VR for advanced cybersecurity. Tailored for MSSPs, it enhances… First seen on hackread.com Jump to article: hackread.com/resecurity-government-security-operations-center-gsoc-nato-edge-2024/
-
Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques
by
in SecurityNewsThai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai.”The target of the threat actors were Thailand officials based on the nature of the lures,” Nikhil Hegde, senior engineer for Netskope’s Security Efficacy team, told The Hacker News.…
-
Why the Recent Telecom Hack Underscores the Need for EndEnd Encryption
by
in SecurityNewsThe recent massive telecom hack by the Chinese state-sponsored group Salt Typhoon has highlighted critical vulnerabilities in traditional communication systems. The breach targeted major U.S. telecom providers, including Verizon, AT&T, and T-Mobile, compromising sensitive communications of government officials, political entities, and businesses. Attackers accessed call records, unencrypted text messages, and even live call audio by……
-
The New Jersey Drone Mystery May Not Actually Be That Mysterious
by
in SecurityNewsA flurry of drone sightings across New Jersey and New York has sparked national intrigue and US government responses. But experts are pouring cold water on America’s hottest new conspiracy theory. First seen on wired.com Jump to article: www.wired.com/story/new-jersey-drone-mystery-maybe-not-drones/
-
US Uncovers North Korean IT Worker Fraud, Offers $5M Bounty
by
in SecurityNewsThe US Government is offering a $5 million reward for information leading to the disruption of financial mechanisms supporting North Korea following a six-year conspiracy First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-it-worker-fraud/
-
US Offers $5M for Info on North Korean IT Worker Fraud
by
in SecurityNewsThe US Government is offering a $5 million reward for information leading to the disruption of financial mechanisms supporting North Korea following a six-year conspiracy First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-it-worker-fraud/
-
High-Profile Organizations in Southeast Asia Hit by Targeted Cyberattacks
by
in SecurityNewsThe Symantec Threat Hunter Team has uncovered a sophisticated cyber campaign targeting high-profile organizations in Southeast Asia. Among the victims are government ministries in two countries, an air traffic control... First seen on securityonline.info Jump to article: securityonline.info/high-profile-organizations-in-southeast-asia-hit-by-targeted-cyberattacks/
-
Bitcoin ATM giant Byte Federal says 58K users’ personal data compromised in breach
by
in SecurityNewsByte Federal, one of the largest Bitcoin ATM operators in the U.S., said the personal data of thousands of customers may have been compromised during a recent breach. In a filing with Maine’s attorney general, Florida-based Byte Federal said hackers tried to access the data of 58,000 customers, including names, addresses, phone numbers, government-issued IDs,…
-
Holding Back Salt Typhoon + Other Chinese APT CVEs
by
in SecurityNewsOver the past several years, US Federal Agencies and private sector companies have observed China-based threat actors targeting network and telecommunication critical infrastructure. A wave of recent reports have disclosed that these attacks have succeeded in compromising government and industry targets to a far greater extent than previously thought. As a result, CISA has issued……
-
Experts Call for Overhaul of National Cyber Director Role
by
in SecurityNewsCybersecurity Experts Push for Clearer Mission, Expanded Authority, More Resources. Cybersecurity experts are urging a revamp of the Office of the National Cyber Director. The Center for Cybersecurity Policy and Law says the office needs a clearer mission, more resources and the authority to lead cybersecurity policy for other government agencies to bolster U.S. cyber…
-
El Salvador’s cyber laws threaten media freedom and privacy, human rights experts warn
by
in SecurityNewsNew laws in El Salvador “could be used to delete online publications that are critical of the government under the guise of data protection,” said Juanita Goebertus of Human Rights Watch. “This is a recipe for censorship and opacity.”]]> First seen on therecord.media Jump to article: therecord.media/el-salvador-cyber-data-protection-laws-human-rights-concerns
-
Why did China hack the world’s phone networks?
by
in SecurityNews
Tags: access, breach, china, communications, cyberattack, cybercrime, cybersecurity, government, group, hacker, Internet, microsoft, network, phone, service, technologySalt Typhoon breached dozens of telecoms around the world<ul><li><a href=”https://www.theguardian.com/info/2022/sep/20/sign-up-for-the-techscape-newsletter-our-free-technology-email”>Don’t get TechScape delivered to your inbox? Sign up here</li></ul>Chinese hackers <a href=”https://www.theguardian.com/technology/2024/dec/04/chinese-hackers-american-cell-phones”>have breached dozens of telecommunications companies around the world. The breach, christened Salt Typhoon by Microsoft cybersecurity researchers, has afforded the cybercriminals unprecedented access not only to information on who has been texting or…
-
Scammers Exploit Fake Domains in Dubai Police Phishing Scams
by
in SecurityNewsBforeAI has discovered a surge in phishing attacks targeting the Dubai Police, a government-run entity. Learn how cybercriminals are exploiting the Dubai Police name to steal personal information and money. First seen on hackread.com Jump to article: hackread.com/scammers-fake-domains-dubai-police-phishing-scams/
-
Bitcoin ATM giant Byte Federal says 58,000 users’ personal data compromised in breach
by
in SecurityNewsByte Federal, one of the largest Bitcoin ATM operators in the U.S., said the personal data of thousands of customers may have been compromised during a recent breach. In a filing with Maine’s attorney general, Florida-based Byte Federal said hackers tried to access the data of 58,000 customers, including names, addresses, phone numbers, government-issued IDs,…
-
The imperative for governments to leverage genAI in cyber defense
by
in SecurityNews
Tags: ai, attack, cyber, cyberattack, cybersecurity, dark-web, data, deep-fake, defense, detection, email, endpoint, gartner, government, incident response, infrastructure, intelligence, LLM, malicious, malware, microsoft, strategy, tactics, threat, tool, training, vulnerabilityIn an era where cyber threats are evolving at an unprecedented pace, the need for robust cyber defense mechanisms has never been more critical. Sixty-two percent of all cyberattacks focus on public sector organizations directly and indirectly. Nation-state actors, equipped with generative artificial intelligence (genAI) sophisticated tools and techniques, pose significant threats to national security,…
-
US sanctions Chinese cybersecurity firm over global malware campaign
by
in SecurityNews
Tags: attack, breach, china, computer, control, corporate, credentials, cve, cyber, cyberattack, cybersecurity, email, encryption, exploit, finance, firewall, fraud, government, group, healthcare, identity, infection, infrastructure, intelligence, international, malicious, malware, monitoring, network, office, password, ransomware, risk, service, software, sophos, technology, terrorism, threat, tool, vulnerability, zero-dayThe US government has imposed sanctions on Chinese cybersecurity firm Sichuan Silence Information Technology and one of its employees, Guan Tianfeng, for their alleged involvement in a 2020 global cyberattack that exploited zero day vulnerabilities in firewalls.The actions were announced by the US Department of the Treasury and the Department of Justice (DOJ), which also…