Tag: country
-
32% of exploited vulnerabilities are now zero-days or 1-days
Russian and Iranian threat activity rises: The security industry attributes only some of the newly discovered exploits to known attacker groups, and only some of those groups have known countries of origin. As a result, statistics on the origin of attacks are not perfect.During the first half of 2025, 181 of CVEs added to the…
-
White House AI plan heavy on cyber, light on implementation
Tags: ai, automation, country, cyber, cybersecurity, defense, infrastructure, law, military, strategyIt’s a ‘north star’ strategy and not an executive order: Unlike strategy documents or executive orders issued by presidential administrations in the past, this action plan contains no implementation requirements, deadlines, or specifics on when many of its actions need to be completed or how. It is a “north star strategy for all of these…
-
Hundreds of organizations breached by SharePoint mass-hacks
One of the hacked organizations reportedly includes the U.S. agency responsible for maintaining the country’s stockpile of nuclear weapons. China-backed hackers have been observed carrying out the hacks targeting SharePoint servers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/23/hundreds-of-organizations-breached-by-sharepoint-mass-hacks/
-
Microsoft ‘digital escorts’ reveal crucial US counterintelligence blind spot
Tags: access, china, cio, cloud, compliance, country, cyber, cybersecurity, data, defense, firewall, framework, google, government, injection, intelligence, law, microsoft, military, oracle, risk, service, threat, update, vulnerabilityWhat the program was, and how it worked: The digital escort model, according to ProPublica, was designed to comply with federal contracting rules that prohibit foreign nationals from directly accessing sensitive government systems. Under this framework:China-based engineers would file support tickets for tasks such as firewall updates or bug fixes.US-based escorts, often former military personnel…
-
Poland investigates sabotage after air traffic control disruption delayed flights
A technical failure forced airspace restrictions and halted flights from major Polish airports. The country’s aviation authority is investigating potential sabotage. First seen on therecord.media Jump to article: therecord.media/poland-investigates-potential-sabotage-air-traffic-control
-
Threat actors scanning for apps incorporating vulnerable Spring Boot tool
Tags: access, attack, authentication, ciso, compliance, country, credentials, cybersecurity, data, data-breach, email, encryption, endpoint, exploit, finance, flaw, governance, group, hacker, incident response, infrastructure, Internet, kev, nist, organized, password, risk, technology, threat, tool, vulnerability, zero-day/health endpoints, commonly used to detect internet-exposed Spring Boot deployments. If vulnerable implementations of apps, including TeleMessage SGNL, are found, they could be exploited to steal sensitive data in heap memory, including plaintext usernames and passwords. The hole is serious enough that it was added this week to the US Cybersecurity and Infrastructure Security Agency’s Known Exploited…
-
Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen
Ransomware group Stormous claims it stole data from 600,000 North Country HealthCare patients across 14 sites in northern Arizona. The Stormous ransomware gang claims it has stolen personal and health data belonging to 600,000 patients from health provider North Country HealthCare. North Country HealthCare is a nonprofit, federally qualified health center (FQHC) based in northern…
-
Senate panel passes Intelligence Authorization Act that takes aim at telecom hacks
The measure aims to prevent compromise of U.S. telecommunications through strengthening network security by establishing “baseline cybersecurity requirements for vendors of telecommunications services” to the country’s 18 intelligence agencies, according to a summary of the bill released by the panel. First seen on therecord.media Jump to article: therecord.media/senate-panel-passes-intel-act-salt-typhoon-china
-
Four arrested in UK over M&S, Co-op, Harrods cyberattacks
The UK’s National Crime Agency (NCA) arrested four people suspected of being involved in cyberattacks on major retailers in the country, including Marks & Spencer, Co-op, and Harrods. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/four-arrested-in-uk-over-mands-co-op-harrods-cyberattacks/
-
UK NCA arrested four people over MS, Co-op cyberattacks
NCA arrested four people in UK, including three teens, over cyberattacks on M&S, Co-op, and Harrods, per its investigation. The British National Crime Agency (NCA) arrested four individuals in the country following an investigation into the recent wave of attacks targeting Co-op, M&S, and Harrods. On July 10, Law enforcement arrested 4 youths, aged 1720,…
-
Russian basketball player arrested in France over alleged ransomware ties
Daniil Kasatkin, 26, was detained in June at Paris’s Charles de Gaulle Airport shortly after arriving in the country with his fiancée, according to local media reports. First seen on therecord.media Jump to article: therecord.media/russian-basketball-player-arrested-in-france-ransomware
-
Four arrested in UK over M&S, Co-op, Harrod cyberattacks
The UK’s National Crime Agency (NCA) arrested four people suspected of being involved in cyberattacks on major retailers in the country, including Marks & Spencer, Co-op, and Harrods. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/four-arrested-in-uk-over-mands-co-op-harrod-cyberattacks/
-
Four arrested in UK over M&S, Co-op, Harrod cyberattacks
The UK’s National Crime Agency (NCA) arrested four people suspected of being involved in cyberattacks on major retailers in the country, including Marks & Spencer, Co-op, and Harrods. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/four-arrested-in-uk-over-mands-co-op-harrod-cyberattacks/
-
South Korean Government Imposes Penalties on SK Telecom for Breach
Following a breach at the country’s top mobile provider that exposed 27 million records, the South Korean government imposed a small monetary penalty but stiff regulatory requirements. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/south-korea-imposes-penalties-sk-telecom-breach
-
Treasury sanctions key player behind North Korean IT worker scheme
The United States identified and sanctioned another North Korean involved with the country’s IT worker schemes, this time for illicit operations based in China and Russia. First seen on therecord.media Jump to article: therecord.media/north-korea-it-worker-scheme-us-sanctions-song-kum-hyok
-
British criminals convicted over Wagner Group-linked arson attack on London warehouse
The attack was described as a “clear example of an organisation linked to the Russian state using ‘proxies’, in this case British men, to carry out very serious criminal activity in this country on their behalf.” First seen on therecord.media Jump to article: therecord.media/british-criminals-convicted-wagner-group-arson
-
NightEagle hackers exploit Microsoft Exchange flaw to spy on China’s strategic sectors
Attackers pursued stealthy persistence: Following successful exploitation of the zero-day, attackers deploy a modified Go-based version of Chisel, an open-source SOCKS tunneling tool, scheduling it to run every four hours and establish covert tunnels to their C2 servers.This allowed them to move in and out of the network whenever they wanted, enabling persistence for over…
-
Estonia’s cyber ambassador on digitalization, punching upwards and outing GRU spies
Recorded Future News spoke to Estonia’s cyber ambassador-at-large on the sidelines of the Tallinn Cyber Diplomacy Summer School about the country’s efforts to secure its digital services. First seen on therecord.media Jump to article: therecord.media/estonia-cyber-ambassador-interview
-
Police dismantles investment fraud ring stealing Euro10 million
The Spanish police have dismantled a large-scale investment fraud operation based in the country, which has caused cumulative damages exceeding Euro10 million ($11.8M). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/legal/police-dismantles-investment-fraud-ring-stealing-10-million/
-
Threat Actors Exploit .COM TLD to Host Widespread Credential Phishing Sites
Threat actors have dramatically increased their exploitation of the cybersecurity sector, which is a disturbing development. Spain’s country code TLD, ES, is used to plan credential phishing attacks. According to recent findings from Cofense Intelligence, the abuse of .ES TLD domains surged by an astonishing 19-fold from Q4 2024 to Q1 2025, propelling it to…
-
Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms
The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicious campaign undertaken by a Chinese hacking group by weaponizing several zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices.The campaign, detected at the beginning of First seen…
-
The Promise and Peril of Digital Security in the Age of Dictatorship
LGBTIQ+ organizations in El Salvador are using technology to protect themselves and create a record of the country’s ongoing authoritarian escalations against their community. It’s not without risks. First seen on wired.com Jump to article: www.wired.com/story/the-promise-and-peril-of-digital-security-in-the-age-of-dictatorship/
-
Hacktivists’ Claimed Breach of Nuclear Secrets Debunked
‘Bless Their Heart,’ Says Threat Intel Executive of Pro-Iranian Group. Security experts have dismissed pro-Iranian hacktivist group LulzSec Black’s claim to have breached Indian nuclear secrets in reprisal for the country’s support of Israel. Pro-Iran hacktivist groups’ SCADA-targeting, DDoS launching, data leaking and nuisance-level activities have surged. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hacktivists-claimed-breach-nuclear-secrets-debunked-a-28881
-
Spain arrests hackers who targeted politicians and journalists
The Spanish police have arrested two individuals in the province of Las Palmas for their alleged involvement in cybercriminal activity, including data theft from the country’s government. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/spain-arrests-hackers-who-targeted-politicians-and-journalists/
-
U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
Tags: control, country, cybercrime, group, international, malicious, office, ransomware, russia, service, threatThe U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against Russia-based bulletproof hosting (BPH) service provider Aeza Group to assist threat actors in their malicious activities and targeting victims in the country and across the world.The sanctions also extend to its subsidiaries Aeza International Ltd., the U.K. branch of…
-
Australian Airline Qantas Hacked Attackers Gained Access to Customers Personal Data
Qantas Airways, Australia’s flagship carrier, has confirmed a major cyberattack that compromised the personal data of up to six million customers, marking one of the largest data breaches in the country’s aviation history. The breach, discovered earlier this week, targeted a third-party customer service platform used by one of Qantas’ offshore contact centres. According to…
-
Cyberattack on Russian independent media had links to US-sanctioned institute, researchers find
A Russian hosting provider allegedly involved in a recent cyberattack against independent media organizations in the country is reportedly connected to a state-affiliated research center sanctioned by the U.S. First seen on therecord.media Jump to article: therecord.media/cyberattack-on-russian-media-linked-to-sanctioned-institute
-
Ghost in the Machine: A Spy’s Digital Lifeline
Tags: access, ai, attack, authentication, best-practice, cloud, communications, control, country, crypto, cyber, data, encryption, endpoint, framework, government, Hardware, identity, infrastructure, intelligence, jobs, law, linux, mfa, military, network, resilience, risk, software, spy, strategy, technology, threat, tool, vpn, windows, zero-trust -
Scam centers are spreading, and so is the human cost
Human trafficking tied to online scam centers is spreading across the globe, according to a new crime trend update from INTERPOL. Human trafficking victims by country of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/01/interpol-human-trafficking-scam-centers/
-
Smart Country Convention 2025: BMDS übernimmt SCCON-Schirmherrschaft
Tags: countryFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/smart-country-convention-2025-bmds-sccon