Tag: government
-
Huge Leak of Customer Data Includes Military Personnel Info
by
in SecurityNewsEnamelPins, which manufactures and sells medals, pins, and other emblematic accessories, for months left open an Elasticsearch instance that exposed 300,000 customer emails, including 2,500 from military and government personnel. The company, based in California, also has links to China, Cybernews researchers wrote. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/huge-leak-of-customer-data-includes-military-personnel-info/
-
UK seeks collaboration for security research lab to counter Russia and ‘new AI arms race’
by
in SecurityNewsThe U.K. is seeking collaboration for a new AI security research lab that’s designed to counter Russia and other hostile states in what it dubs the >>new AI arms race.
-
Russia-linked APT TAG-110 uses targets Europe and Asia
by
in SecurityNewsRussia-linked threat actors TAG-110 employed custom malware HATVIBE and CHERRYSPY to target organizations in Asia and Europe. Insikt Group researchers uncovered an ongoing cyber-espionage campaign by Russia-linked threat actor TAG-110 that employed custom malware tools HATVIBE and CHERRYSPY. The campaign primarily targeted government entities, human rights groups, and educational institutions in Central Asia, East Asia,…
-
Imagine a land in which Big Tech can’t send you down online rabbit holes or use algorithms to overcharge you
by
in SecurityNewsChina is trying to become that land, with a government crackdown on the things that make the internet no fun First seen on theregister.com Jump to article: www.theregister.com/2024/11/25/china_algorithm_transparency/
-
Government IDs and Facial Recognition: A New Phishing Threat
by
in SecurityNewsA recent report by Harsh Patel and Brandon Cook from the Cofense Phishing Defense Center highlights a dangerous new tactic aimed at exploiting online users by combining phishing for government... First seen on securityonline.info Jump to article: securityonline.info/government-ids-and-facial-recognition-a-new-phishing-threat/
-
Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites
by
in SecurityNewsGovernment agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077.The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Industrial Base (DIB), aviation, telecommunications, and financial and legal services across the world, Microsoft…
-
Government hails Cyber Essentials success
by
in SecurityNewsFirst seen on computerweekly.com Jump to article: www.computerweekly.com/news/366614259/Government-hails-Cyber-Esstenials-success
-
Yakuza Victim Data Leaked in Japanese Agency Attack
by
in SecurityNewsA local government resource for helping Japanese citizens cut ties with organized crime was successfully phished in a tech support scam, and could have dangerous consequences. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/yakuza-victim-data-leaked-japanese-attack
-
Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps
by
in SecurityNews
Tags: access, advisory, ai, application-security, attack, backup, best-practice, breach, cisa, cloud, computer, cve, cyber, cyberattack, cybercrime, cybersecurity, data, exploit, extortion, firewall, framework, governance, government, group, guide, Hardware, incident, incident response, infrastructure, injection, intelligence, Internet, LLM, malicious, microsoft, mitigation, mitre, monitoring, network, nist, office, open-source, powershell, privacy, ransomware, regulation, risk, risk-management, russia, service, skills, software, sql, strategy, supply-chain, tactics, technology, theft, threat, tool, update, vulnerability, vulnerability-management, windowsDon’t miss OWASP’s update to its “Top 10 Risks for LLMs” list. Plus, the ranking of the most harmful software weaknesses is out. Meanwhile, critical infrastructure orgs have a new framework for using AI securely. And get the latest on the BianLian ransomware gang and on the challenges of protecting water and transportation systems against…
-
Russian TAG-110 Hacked 60+ Users With HTML Loaded Python Backdoor
by
in SecurityNewsThe Russian threat group TAG-110, linked to BlueDelta (APT28), is actively targeting organizations in Central Asia, East Asia, and Europe by deploying custom malware, HATVIBE and CHERRYSPY, to compromise government entities, human rights groups, and educational institutions. Initial access is typically gained through phishing or exploiting vulnerable web services, as the campaign’s goal is to…
-
US Takes Down Stolen Credit Card Marketplace PopeyeTools
by
in SecurityNewsThe US government has announced the seizure of stolen credit card marketplace PopeyeTools and charges against its administrators. The post US Takes Down Stolen Credit Card Marketplace PopeyeTools appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/us-takes-down-stolen-credit-card-marketplace-popeyetools/
-
Russian Cyber Spies Target Organizations with HatVibe and CherrySpy Malware
by
in SecurityNewsRussian-aligned TAG-110 uses custom tools to spy on governments, human rights groups and educational institutions in Europe and Asia First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-cyber-spies-hatvibe/
-
Russian Cyberespionage Group Hit 60 Victims in Asia, Europe
by
in SecurityNewsRussia-linked TAG-110 has targeted over 60 government, human rights, and educational entities in Asia and Europe. The post Russian Cyberespionage Group Hit 60 Victims in Asia, Europe appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/russian-cyberespionage-group-hit-60-victims-in-asia-europe/
-
Danish government reboots cyber security council amid AI expansion
by
in SecurityNewsFirst seen on computerweekly.com Jump to article: www.computerweekly.com/news/366614294/Danish-government-reboots-cyber-security-council-amid-AI-expansion
-
Here’s what happens if you don’t layer network security or remove unused web shells
by
in SecurityNewsTL;DR: Attackers will break in and pwn you, as a US government red team demonstrated First seen on theregister.com Jump to article: www.theregister.com/2024/11/22/cisa_red_team_exercise/
-
British Lawmakers Leery of Losing EU Adequacy Status
by
in SecurityNewsLawmakers Expressed Concerns Over Proposed Data Use and Access Bill. British lawmakers sought assurances Tuesday from the U.K. government that proposed data use reform legislation will not cause the country to lose its data-sharing rights with the European Union. Lawmakers also warned about potential AI risks arising from the bill. First seen on govinfosecurity.com Jump…
-
Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office
by
in SecurityNewsMexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. “Today they are going to send me a report on the supposed hacking.” President Claudia Sheinbaum said…
-
The Dangerous Blend of Phishing for Government IDs and Facial Recognition Video
by
in SecurityNewsIn an era where online convenience has become the norm, the risk of identity theft through scam websites has surged. The potential for exploitation grows as more services transition to conducting business online. These sites pose a significant risk to personal security and undermine public trust in the digital infrastructure we have in place. A…
-
Put Your Username And Passwords In Your Will, Advises Japan’s Government
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36625/Put-Your-Username-And-Passwords-In-Your-Will-Advises-Japans-Government.html
-
Feds Indict 5 Suspects Tied to Scattered Spider Cybercrime
by
in SecurityNewsFBI Ties Men to at Least 45 Attacks and Theft of Cryptocurrency Worth Millions. The U.S. government on Wednesday unsealed criminal charges against five suspected members of the loosely organized financially motivated cybercriminal group Scattered Spider. The suspects have been tied to 45 attacks, disrupting businesses and stealing cryptocurrency worth millions of dollars. First seen…
-
Mexico’s President Says Government Is Investigating Reported Ransomware Hack of Legal Affairs Office
by
in SecurityNewsMexico’s president says the government is investigating a reported ransomware hack of the country’s legal affairs office. The post Mexico’s President Says Government Is Investigating Reported Ransomware Hack of Legal Affairs Office appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/mexicos-president-says-government-is-investigating-reported-ransomware-hack-of-legal-affairs-office/
-
China’s Surveillance State Is Selling Citizen Data as a Side Hustle
by
in SecurityNewsChinese black market operators are openly recruiting government agency insiders, paying them for access to surveillance data and then reselling it online”, no questions asked. First seen on wired.com Jump to article: www.wired.com/story/chineses-surveillance-state-is-selling-citizens-data-as-a-side-hustle/
-
Put your usernames and passwords in your will, advises Japan’s government
by
in SecurityNewsDigital end of life planning saves your loved ones from a little extra anguish First seen on theregister.com Jump to article: www.theregister.com/2024/11/21/japan_digital_end_of_life/
-
Earth Kasha Expands Operations: New LODEINFO Malware Hits Government and High-Tech
by
in SecurityNewsIn a detailed report by Trend Micro, the emergence of a new LODEINFO malware campaign has been linked to Earth Kasha, a threat group operating within what the researchers term... First seen on securityonline.info Jump to article: securityonline.info/earth-kasha-expands-operations-new-lodeinfo-malware-hits-government-and-high-tech/
-
UK open to social media ban for kids as government kicks off feasibility study
by
in SecurityNewsThe U.K. government is not ruling out further beefing up of existing online safety rules by adding an Australian-style ban on social media for kids under 16 technology secretary Peter Kyle has said. Back in the summer, the government warned it may toughen laws for tech platforms in the wake of riots that were perceived…
-
Feds Fine Mental Health Clinic $100K in 2020 HIPAA Case
by
in SecurityNewsLA County Clinic Delayed Access to Patient’s Medical Records During Pandemic. Federal regulators have fined a Los Angeles county mental health clinic $100,000 for failure to provide a patient with timely access to her requested health records during the COVID-19 pandemic. The case is the U.S. government’s 51st HIPAA patient right-of-access enforcement action. First seen…
-
Bad Actors Impersonating Government Agencies in Latest DocuSign Scams
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/bad-actors-impersonating-government-agencies-in-latest-docusign-scams
-
HHS facing challenges as lead agency for healthcare cybersecurity: GAO
by
in SecurityNewsThe department hasn’t implemented some policies recommended by the watchdog, which could pose a risk to cybersecurity in the sector;as attacks increase, according to the Government Accountability Office. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/healthcare-cybersecurity-policy-challenges/733466/
-
UK open to social media ban for kids as gov’t kicks off feasibility study
by
in SecurityNewsThe U.K. government is not ruling out further beefing up existing online safety rules by adding an Australian-style ban on social media for under 16s technology secretary, Peter Kyle, has said. Back in the summer the government warned it may toughen laws for tech platforms in the wake of riots that were perceived to have…