Tag: government
-
Iran’s partial internet shutdown may be a windfall for cybersecurity intel
only available launchpads. A connection from the Ministry of Agriculture might not be a farmer. It’s likely a tunnel for a state actor who needs an exit node.”Ranjbar said the removal of the traffic from millions of routine Iranian business and residential users allows a powerful visibility into Iranian government traffic patterns, thereby allowing SOCs…
-
Sources: DHS finalizing replacement for disbanded critical infrastructure security council
ANCHOR will restart conversations between government and industry around critical infrastructure security, with some changes around liability and other areas. First seen on cyberscoop.com Jump to article: cyberscoop.com/dhs-anchor-cipac-replacement-critical-infrastructure-cybersecurity-liability-protections/
-
CERT-UA reports PLUGGYAPE cyberattacks on defense forces
CERT-UA reported PLUGGYAPE malware attacks on Ukraine’s defense forces, linked with medium confidence to Russia’s Void Blizzard group. The Computer Emergency Response Team of Ukraine (CERT-UA) reported new cyberattacks against Ukraine’s defense forces using PLUGGYAPE malware. Government experts attributed the attack with medium confidence to the Russian-linked group Void Blizzard (aka Laundry Bear, UAC-0190), active…
-
SpyCloud Launches Supply Chain Solution to Combat Rising Third-Party Identity Threats
Tags: access, ai, authentication, breach, business, communications, compliance, credentials, cybercrime, cybersecurity, dark-web, data, data-breach, defense, government, grc, group, identity, incident response, infosec, infrastructure, malware, monitoring, phishing, ransomware, risk, risk-management, service, supply-chain, technology, theft, threat, toolFor government agencies and critical infrastructure operators, supply chain threats present national security risks that demand heightened vigilance. Public sector organizations managing sensitive data and critical services increasingly rely on contractors and technology vendors whose compromised credentials could provide adversaries with pathways into classified systems or essential infrastructure. Last year alone, the top 98 Defense…
-
US cybersecurity weakened by congressional delays despite Plankey renomination
Tags: business, cisa, cyber, cybersecurity, government, infrastructure, law, network, risk, strategy, threatCISA 2015 reauthorization: Likely, but late and suboptimal: A major cybersecurity bill called the Cybersecurity Information Sharing Act of 2015 (CISA 2015), which expired on Sept. 30, was temporarily revived on Nov. 13 and given a two-month lease on life through Jan. 30, 2026. The law provides critical legal liability protections that enable cyber threat…
-
MS-ISAC Flags High-Risk Security Flaws in Fortinet Products
A new cybersecurity advisory from the Multi-State Information Sharing and Analysis Center (MS-ISAC) is alerting organizations to multiple vulnerabilities affecting Fortinet products, some of which could allow attackers to execute arbitrary code on impacted systems. The advisory, identified as MS-ISAC Advisory 2026-003, was issued on January 13, 2026, and applies to a wide range of enterprise, government, and education-focused…
-
UK government backtracks on plans for mandatory digital ID
The proposed national digital identity app will no longer be compulsory for conducting right-to-work checks, removing the most contentious and widely criticised element of the scheme First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366637189/UK-government-backtracks-on-plans-for-mandatory-digital-ID
-
SpyCloud Launches Supply Chain Solution to Combat Rising Third-Party Identity Threats
Austin, TX / USA, January 14th, 2026, CyberNewsWire New monitoring capability delivers unprecedented visibility into vendor identity exposures, moving enterprises and government agencies from static risk scoring to protecting against actual identity threats. SpyCloud, the leader in identity threat protection, today announced the launch of its Supply Chain Threat Protection solution, an advanced layer of…
-
New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification
Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from 51% in 2024. Government sector malicious activity spiked from 2% to 12.9%, while 1 in 7 Education sites show active compromise.Specific offenders: Google Tag Manager (8% of violations), Shopify (5%), Facebook Pixel (4%).Download the First…
-
ColorTokens Achieves FedRAMP® Moderate ATO for Xshield
ColorTokens is proud to announce that its Xshield Enterprise Microsegmentation Platform has achieved a FedRAMP® Moderate Authority to Operate (ATO), a significant milestone that underscores our commitment to delivering secure, resilient, and mission-ready cybersecurity solutions for the U.S. Federal Government. FedRAMP (the Federal Risk and Authorization Management Program) is the U.S. government’s gold standard for cloud security. Achieving a Moderate ATO means that Xshield has successfully met……
-
For application security: SCA, SAST, DAST and MAST. What next?
Tags: advisory, ai, application-security, automation, best-practice, business, cisa, cisco, cloud, compliance, container, control, cve, data, exploit, flaw, framework, gartner, government, guide, ibm, incident response, infrastructure, injection, kubernetes, least-privilege, ml, mobile, network, nist, resilience, risk, sbom, service, software, sql, supply-chain, threat, tool, training, update, vulnerability, waf<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?quality=50&strip=all&w=1024" alt="Chart: Posture, provenance and proof." class="wp-image-4115680" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?quality=50&strip=all 1430w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=300%2C168&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=768%2C431&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=1024%2C575&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=1240%2C697&quality=50&strip=all 1240w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=150%2C84&quality=50&strip=all 150w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=854%2C480&quality=50&strip=all 854w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=640%2C360&quality=50&strip=all 640w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”575″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> Sunil GentyalaOver the past year the community has admitted the obvious: the battleground is the software supply chain and…
-
Driving Passwordless Adoption with FIDO and Biometric Authentication
Tags: access, attack, authentication, awareness, banking, breach, business, cloud, compliance, container, control, credentials, cyber, data, defense, fido, finance, fraud, government, Hardware, iam, identity, insurance, login, mobile, passkey, password, phishing, risk, service, technology, threat, trainingDriving Passwordless Adoption with FIDO and Biometric Authentication madhav Tue, 01/13/2026 – 06:13 For decades, passwords have been the default mechanism for securing digital access. They are deeply embedded in enterprise systems and workflows, yet they were never designed to withstand today’s threat landscape. Cybersecurity Sarah Lefavrais – IAM Product Marketing Manager More About This…
-
India demands crypto outfits geolocate customers, get a selfie to prove they’re real
Government is fed up with bad actors using digi-cash to fund dodgy deeds First seen on theregister.com Jump to article: www.theregister.com/2026/01/13/india_crypto_kyc_aml_update/
-
NIST Calls for Public to Help Better Secure AI Agents
NIST Seeks Input to Protect AI Systems Used in Government, Critical Infrastructure. The National Institute of Standards and Technology is seeking public input from security experts and stakeholders to weigh in on security threats from agentic AI warning they may be vulnerable to exploits like hijacking, backdoors and misaligned behavior across federal networks. First seen…
-
Minnesota Sues to Stop ICE ‘Invasion’
Tags: governmentThe state of Minnesota, along with the Twin Cities, have sued the US government and several officials to halt the flood of agents carrying out an Immigration and Customs Enforcement operation. First seen on wired.com Jump to article: www.wired.com/story/minnesota-sues-to-stop-ice-invasion/
-
Internet monitoring experts say Iran blackout likely to continue
Several internet access monitors tracking the situation said the government has continued the total internet shutdown and plans to implement a whitelist of limited, approved sites, indicating the internet blackout is likely to continue for several more days. First seen on therecord.media Jump to article: therecord.media/internet-monitoring-experts-say-iran-blackouts-continue
-
FBI Flags Quishing Attacks From North Korean APT
A state-sponsored threat group tracked as Kimsuky sent QR-code-filled phishing emails to US and foreign government agencies, NGOs, and academic institutions. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/fbi-quishing-attacks-north-korean-apt
-
Armenia probes alleged sale of 8 million government records on hacker forum
The dataset, advertised on an underground forum for $2,500, is said to contain about 8 million records linked to official notifications, including communications from police and judicial bodies. First seen on therecord.media Jump to article: therecord.media/armenia-probes-alleged-sale-government-records
-
CISA orders feds to patch Gogs RCE flaw exploited in zero-day attacks
Tags: attack, cisa, exploit, flaw, government, rce, remote-code-execution, update, vulnerability, zero-dayCISA has ordered government agencies to secure their systems against a high-severity Gogs vulnerability that was exploited in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-gogs-rce-flaw-exploited-in-zero-day-attacks/
-
British regulator Ofcom opens investigation into X
The UK body said it is not a government censor, and the inquiry will determine whether X is facilitating the spread of nonconsensual deepfake pornography of adults and children. First seen on cyberscoop.com Jump to article: cyberscoop.com/ofcom-opens-investigation-into-x-over-nonconsensual-deepfakes/
-
Ofcom officially investigating X as Grok’s nudify button stays switched on
Tags: governmentTech minister Liz Kendall says the government will back a robust regulatory response First seen on theregister.com Jump to article: www.theregister.com/2026/01/12/xai_grok_uk_regulation/
-
Iran-linked MuddyWater APT deploys Rust-based implant in latest campaign
Rust offers evasion advantages: CloudSEK researchers said RustyWater was developed in Rust, which they said is increasingly used by malware authors for its memory safety features and cross-platform capabilities, according to the blog post. Other state-sponsored groups, including Russia’s Gossamer Bear and China-linked actors, have also deployed Rust-based malware in recent campaigns, according to security…
-
EU’s Chat Control could put government monitoring inside robots
Cybersecurity debates around surveillance usually stay inside screens. A new academic study argues that this boundary no longer holds when communication laws extend into … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/12/eu-chat-control-robots-surveillance/
-
India’s government denies it plans to demand smartphone source code
Says ongoing talks about security are about understanding best practice, not strong-arming vendors First seen on theregister.com Jump to article: www.theregister.com/2026/01/12/india_mobile_security/
-
Most Popular Cybersecurity Blogs From 2025
What were the top government technology and cybersecurity blog posts in 2025? The metrics tell us what cybersecurity and technology infrastructure topics were most popular. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/most-popular-cybersecurity-blogs-from-2025/
-
North Korealinked APT Kimsuky behind quishing attacks, FBI warns
FBI warns that North Korealinked APT group Kimsuky is targeting governments, think tanks, and academic institutions with quishing attacks. North Korealinked APT group Kimsuky is targeting government agencies, academic institutions, and think tanks using spear-phishing emails that contain malicious QR codes (quishing), the FBI warns. >>As of 2025, Kimsuky actors have targeted think tanks, academic…
-
How hackers are fighting back against ICE surveillance tech
Remember when government agents didn’t wear masks? First seen on theregister.com Jump to article: www.theregister.com/2026/01/09/hackers_fight_back_against_ice/
-
Why AI-Powered Cyber Defense Is No Longer Optional for Modern Businesses
Large businesses or governments aren’t the only ones threatened by cyber attacks. Every organization is now equally threatened…. First seen on hackread.com Jump to article: hackread.com/ai-powered-cyber-defense-modern-businesses/
-
London council cyber attack exposes personal data and highlights risks of shared public-sector IT
A cyber attack on shared IT systems used by several London councils has resulted in the theft of personal data relating to thousands of residents, raising renewed concerns about the resilience of local government cyber security and the risks posed by interconnected public-sector infrastructure. Kensington and Chelsea Council confirmed that sensitive personal information was accessed…
-
The Cyber Express Weekly Roundup: Schools, Hacktivists, and National Cyber Overhauls
The opening week of 2026 has already highlighted the complexity of global cyber threats, with incidents affecting governments, educational institutions, and corporations alike. From school closures to corporate breaches and international policy shifts, cybersecurity news demonstrates that attacks are no longer confined to technical systems; they have real-world consequences for operations, public trust, and the…