Tag: government
-
Whistleblower Accuses DOGE of Data-Harvesting Cover Up
by
in SecurityNewsComplaint Says Russia-Based IP Address Attempted to Gain Access as DOGE Took Data. A whistleblower has accused staffers from the Department of Government Efficiency of attempting to cover their tracks while collecting troves of sensitive data from the independent labor agency’s computer systems, raising significant security concerns. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/whistleblower-accuses-doge-data-harvesting-cover-up-a-28013
-
Introducing Wyo Support ADAMnetworks LTP
by
in SecurityNews
Tags: attack, best-practice, business, compliance, cyber, cybersecurity, data, email, endpoint, finance, GDPR, government, guide, healthcare, infrastructure, insurance, law, linkedin, PCI, phishing, radius, ransomware, regulation, service, skills, strategy, technology, threat, tool, training, update, zero-trustADAMnetworks is excited to announce Wyo Support to the family of Licensed Technology Partners. “After working with the various systems and technologies, there are few that compare with the protection that ADAMnetworks provides. It reduces the attack surface from the broad side of a barn down to the size of a keyhole. No other technology…
-
UK’s Cyber Crime Down in 2024: Better ‘Cyber Hygiene Among Small Businesses
by
in SecurityNewsA UK government survey of 2024 data shows phishing remains the top cyber threat, ransomware cases doubled, and fewer boards include cyber experts despite steady attack rates. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cyber-attacks-uk-businesses/
-
China alleges US cyber espionage during the Asian Winter Games, names 3 NSA agents
by
in SecurityNews
Tags: attack, breach, china, cloud, cyber, cyberattack, espionage, exploit, government, hacker, infrastructure, injection, intelligence, international, service, sql, vulnerabilityA deliberate and coordinated campaign: The NCVERC report revealed that between January 26 and February 14, 2025, the Games’ information systems were struck by 270,167 attacks from abroad, with activity peaking on February 8, the day after the event’s formal opening. Of these, 170,864 attacks (63.24%) originated from US-based IP addresses.The cyber onslaught primarily targeted…
-
Renewed APT29 Phishing Campaign Against European Diplomats
by
in SecurityNewsighlights Introduction Starting in January 2025, Check Point Research (CPR) has been tracking a wave of targeted phishing attacks aimed at European governments and diplomats. The Techniques, Tactics and Procedures (TTPs) observed in this campaign align with the WINELOADER campaigns, which were attributed toAPT29, a Russialinkedthreat group. APT29, also commonly referred to as Midnight Blizzard…
-
Govtech giant Conduent confirms client data stolen in January cyberattack
by
in SecurityNewsAmerican business services giant and government contractor Conduent disclosed today that client data was stolen in a January 2025 cyberattack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/govtech-giant-conduent-confirms-client-data-stolen-in-january-cyberattack/
-
When the government steps back, who steps up to ensure adequate cyber defenses?
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/resource/when-the-government-steps-back-who-steps-up-to-ensure-adequate-cyber-defenses
-
Government faces claims of serious security and data protection problems in One Login digital ID
by
in SecurityNewsThe Government Digital Service was warned about serious cyber security and data protection problems in its flagship digital identity system, with insider claims that the data of three million users may still be at risk First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366622533/Government-faces-claims-of-serious-cyber-security-and-data-protection-problems-in-One-Login-digital-ID
-
US Blocks Foreign Governments from Acquiring Citizen Data
by
in SecurityNewsThe US government has implemented a program that applies export controls on data transactions to certain countries of concern, including China and Russia First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-foreign-governments-acquiring/
-
DoJ Launches Critical National Security Program to Protect Americans’ Sensitive Data
by
in SecurityNewsThe U.S. Department of Justice has launched a landmark initiative to block foreign adversaries”, including China, Russia, and Iran”, from exploiting commercial channels to access sensitive American data. The Data Security Program (DSP), enacted under Executive Order 14117, establishes stringent controls over transactions involving U.S. government-related data and bulk personal information such as genomic, financial,…
-
DDoS-Angriffe auf Webseiten der Regierung von Marokko
by
in SecurityNewsMassive cyber attack hits Moroccan government websites: experts blame Algeria First seen on en.hespress.com Jump to article: en.hespress.com/107975-massive-cyber-attack-hits-moroccan-government-websites-experts-blame-algeria.html
-
Reimagining Democracy
by
in SecurityNewsImagine that all of us”, all of society”, have landed on some alien planet and need to form a government: clean slate. We do not have any legacy systems from the United States or any other country. We do not have any special or unique interests to perturb our thinking. How would we govern ourselves?…
-
Ransomware Incidents on the Rise in the UK
by
in SecurityNewsIncident Reporting Low, Government Study Finds. Ransomware attacks targeting U.K. organizations continued to rise last year concluded the British government despite a low reporting rate by victims. The findings come as the government is considering banning public sector organization from paying ransom and mandating incident reporting. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ransomware-incidents-on-rise-in-uk-a-27971
-
MSPs Serving Federal Government in Limbo Due to DOGE Cuts
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/msps-serving-federal-government-in-limbo-due-to-doge-cuts
-
Malicious ‘mParivahan’ App Circulates on WhatsApp, Skimming Sensitive Mobile Data
by
in SecurityNewsA new variant of the fake NextGen mParivahan app has emerged, exploiting the trust users place in official government notifications to distribute malware. This malicious software is distributed through seemingly legitimate traffic violation alerts via WhatsApp, luring victims into installing what they believe is the official app. Infection Vector and Deceptive Tactics The malware spreads…
-
Companies House goes live with One Login ID verification
by
in SecurityNewsPeople can verify their identity with Companies House using Gov.uk One Login as the central government body becomes the 36th service to start using the digital identity system First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366622472/Companies-House-goes-live-with-One-Login-ID-verification
-
GOFFEE Deploys PowerModul in Coordinated Strikes on Government and Energy Networks
by
in SecurityNewsThe threat actor known as GOFFEE has launched a series of targeted attacks against critical sectors within the Russian Federation, utilizing advanced malware and phishing techniques. The group’s latest campaign involves the deployment of PowerModul, a PowerShell-based implant, to escalate their intrusion capabilities and carry out coordinated strikes effectively. PowerModul and Initial Infection Vectors PowerModul…
-
Trump Retaliates Against Former Cybersecurity Chief
by
in SecurityNewsChris Krebs and SentinelOne Targeted as Trump Still Trumpets 2020 Election Lies. The White House said President Trump has ordered a probe into former Cybersecurity and Infrastructure Security Agency Director Chris Krebs’ government service, revoked any security clearances he holds and suspended security clearances issued to his employer, SentinelOne. First seen on govinfosecurity.com Jump to…
-
Trump revokes security clearances for Chris Krebs, SentinelOne in problematic precedent for security vendors
by
in SecurityNews
Tags: access, business, ceo, cloud, cybersecurity, data, government, intelligence, law, service, zero-trustLike living ‘in Stalin’s Soviet Union’: At the same time Trump revoked security clearances from Krebs and SentinelOne, he issued another executive order revoking the security clearance of former Department of Homeland Security official Miles Taylor, as well as any entities associated with him, including the University of Pennsylvania.Taylor is a veteran of multiple Republican administrations…
-
TrendsWatch QA: The future of edge”, will decentralization ever be more than a talking point?
by
in SecurityNewsFor decades, a handful of tech giants have shaped digital infrastructure”, and, with it, how businesses and governments manage data, security, and connectivity. Related: Practical uses for edge computing Now, the rise of distributed edge computing is being touted as a… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/trends-to-watch-qa-the-future-of-edge-will-decentralization-ever-be-more-than-a-talking-point/
-
Smashing Security podcast #412: Signalgate sucks, and the quandary of quishing
by
in SecurityNewsQR codes are being weaponised by scammers, so maybe think twice before scanning that parking meter. And in a blunder so dumb it makes autocorrect look smart, the White House explains how it leaked war plans on Signal because an iPhone mistook a journalist for a government insider. First seen on grahamcluley.com Jump to article:…
-
National Social Security Fund of Morocco Suffers Data Breach
by
in SecurityNewsThreat actor ‘Jabaroot’ claims breach of National Social Security Fund of Morocco, aiming to steal large volumes of sensitive citizen data. Resecurity has identified a threat actor targeting government systems in Morocco with the goal of exfiltrating large volumes of sensitive data relating to citizens. The actor using the alias ‘Jabaroot’ released claims about the…
-
SideCopy APT Hackers Impersonate Government Officials to Deploy Open-Source XenoRAT Tool
by
in SecurityNewsThe Pakistan-linked Advanced Persistent Threat (APT) group known as SideCopy has significantly expanded its targeting scope since late December 2024. Initially, the group focused on infiltrating India’s government, defense, maritime sectors, and university students. Recent developments indicate an inclusion of crucial sectors like railways, oil & gas, and external affairs ministries into their cyber activities.…
-
Russian APT Hackers Use Device Code Phishing Technique to Bypass MFA
by
in SecurityNews
Tags: apt, authentication, cyber, exploit, government, group, hacker, intelligence, mfa, microsoft, phishing, russia, threatRussian state-backed advanced persistent threat (APT) group Storm-2372 has exploited device code phishing to bypass multi-factor authentication (MFA) and infiltrate high-value targets across governments, NGOs, and critical industries. Since August 2024, this group has weaponized the OAuth device authorization flow”, a legitimate authentication mechanism”, to hijack user sessions and exfiltrate sensitive data. Microsoft Threat Intelligence…
-
Rights group calls on Thai government to end alleged cyberattacks against civil society
by
in SecurityNewsHuman rights non-profit Amnesty International urged Thai authorities this week to investigate claims of state-sponsored cyberattacks against human rights organizations and pro-democracy activists following the leak of internal government documents that detailed such an operation. First seen on therecord.media Jump to article: therecord.media/rights-group-calls-on-thai-government-to-stop-alleged-cyberattacks-on-civil-society
-
Rogue RDP: Abusing RDP for File Theft and Espionage
by
in SecurityNewsA recent report by Google Threat Intelligence Group (GTIG) has shed light on a sophisticated phishing campaign targeting European government and military organizations. This campaign, attributed to a suspected Russia-nexus espionage actor tracked as UNC5837, employed a novel technique leveraging the Remote Desktop Protocol (RDP) for malicious purposes. Unlike typical RDP attacks that focus on…
-
Hellcat Ransomware Upgrades Arsenal to Target Government, Education, and Energy Sectors
by
in SecurityNews
Tags: attack, cyber, cybersecurity, exploit, government, group, phishing, ransomware, service, spear-phishing, tactics, vulnerability, zero-dayThe cybersecurity community has raised alarms over the rapid evolution of the Hellcat ransomware group, which has escalated its tactics to target critical sectors. Hellcat, which emerged in mid-2024, now employs a sophisticated blend of psychological manipulation, zero-day vulnerabilities, and Ransomware-as-a-Service (RaaS) to expand its influence. Spear Phishing and Zero-day Exploits Hellcat operators initiate attacks…