Tag: country
-
Hackers Grab $130M Using Brazil’s Real-Time Payment System
HSBC and Another Firm Hit After Service Provider Breached; Some Funds Recovered. Attackers on Friday used valid credentials for financial technology provider Sinqia to steal $130 million from two financial services firms in Brazil, using the country’s real-time payment system Pix. The Brazilian Central Bank moved quickly to freeze the funds and has recovered some…
-
TDL 002 – Defending the DNS: How Quad9 Protects the Internet with John Todd
Tags: access, apple, attack, business, china, ciso, communications, control, country, crime, cyber, cybersecurity, data, defense, dns, email, encryption, firewall, google, ibm, india, infrastructure, intelligence, Internet, jobs, law, malicious, malware, network, phishing, privacy, service, strategy, technology, threat, tool, zero-trustSummary The Defender’s Log episode features John Todd from Quad9, discussing their mission to protect the internet through secure DNS. Quad9, a non-profit launched in 2017 with founding partners Global Cyber Alliance, Packet Clearing House, and IBM, provides a free, global recursive DNS resolver that blocks malicious domains. Todd emphasizes that Quad9’s success is a…
-
No, Trump Can’t Legally Federalize US Elections
The United States Constitution is clear: President Donald Trump can’t take control of the country’s elections. But he can sow confusion and fear. First seen on wired.com Jump to article: www.wired.com/story/trump-federalize-election-unconstitutional/
-
South Korea AI Act
What is the South Korea AI Act? South Korea’s Framework Act on the Development of Artificial Intelligence and Creation of a Trust Foundation, often referred to simply as the AI Framework Act or the AI Basic Act, is the country’s landmark law on artificial intelligence. It was passed by the National Assembly in December 2024,……
-
Chinese hacking group Salt Typhoon expansion prompts multinational advisory
Tags: advisory, attack, authentication, breach, china, cisco, communications, container, corporate, country, cyber, data, exploit, firmware, flaw, government, group, hacking, infrastructure, intelligence, Internet, ivanti, malware, military, monitoring, network, password, router, service, software, technology, threat, update, vulnerability, zero-dayIvanti, Palo Alto Networks, Cisco flaws exploited: Salt Typhoon has been active since at least 2021, targeting critical infrastructure in telecom, transportation, government, and military bodies around the globe. Notably, a “cluster of activity” has been observed in the UK, according to the country’s National Cyber Security Centre.The group has had “considerable success” with “n-days,”…
-
Dutch intelligence agencies report country was targeted by Chinese cyber spies
The Netherlands announced on Thursday that it was targeted by a Chinese cyber-espionage campaign tracked as Salt Typhoon and RedMike that has been compromising critical infrastructure globally. First seen on therecord.media Jump to article: therecord.media/dutch-intelligence-cyber-spies-salt
-
Attackers exploiting NetScaler ADC and Gateway zero day flaw, Citrix warns
Tags: access, advisory, attack, authentication, backdoor, citrix, control, country, cve, cvss, cyber, cybersecurity, exploit, flaw, group, infrastructure, mitigation, rce, remote-code-execution, service, update, vulnerability, zero-dayNetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or service groups bound with IPv6 servers, and those bound with DBS IPv6 services or…
-
TDL001 – Cybersecurity Explained: Privacy, Threats, and the Future – Chester Wisniewski
Tags: access, ai, attack, backdoor, breach, business, ciso, computer, country, crime, crimes, cyber, cybercrime, cybersecurity, data-breach, defense, detection, edr, email, finance, firewall, gartner, government, guide, hacker, hacking, Hardware, infosec, Internet, jobs, linkedin, mail, malicious, microsoft, military, monitoring, network, password, phishing, phone, privacy, programming, ransomware, risk, russia, scam, skills, software, sophos, spam, sql, strategy, switch, technology, threat, update, virus, vulnerability, wifi, windowsSummary “The Defenders Log” Episode 1 features host David Redekop and guest Chet Wisniewski discussing the dynamic world of cybersecurity. Wisniewski, with decades of experience, traces his journey from early BBS and phone network exploration to becoming a cybersecurity expert. They delve into the evolution of hacking, the emergence of profitable cybercrime like email spam,…
-
Hundreds of Swedish municipalities impacted by suspected ransomware attack on IT supplier
A suspected ransomware attack on a Swedish software provider is believed to have impacted around 200 of the country’s municipal governments. First seen on therecord.media Jump to article: therecord.media/sweden-municipalities-ransomware-software
-
TDL003 – Breaking Barriers: IPv6 Adoption and DNS Transformation with Tommy Jensen
Tags: access, ai, apple, attack, backup, banking, browser, business, ceo, chrome, ciso, compliance, computer, computing, control, country, credentials, cybersecurity, data, data-breach, ddos, dns, encryption, endpoint, google, government, group, international, Internet, jobs, law, microsoft, mobile, network, phishing, phone, privacy, programming, radius, risk, service, smishing, strategy, switch, technology, threat, update, vpn, windows, zero-trustSummary This episode of the Defender’s Log features special guest Tommy Jensen, an internet technologist specializing in IPv6, Zero Trust, and standards. Jensen’s career path, from an AppleCare contractor to a key figure in advancing internet technologies, is explored. The discussion highlights the critical importance and challenges of migrating to IPv6 and the necessity of…
-
Behind the Coinbase breach: Bribery emerges as enterprise threat
Coinbase’s widely praised incident response: Coinbase’s transparency, firm stance against the ransom, quick remediation, and willingness to compensate its customers earned wide praise from cybersecurity professionals.According to Coinbase’s Martin, the hackers resorted to paying help desk workers in India precisely because the company had built such a robust security program. Bribery, according to Martin, was…
-
Australian Bank Backtracks on AI-Led Job Cuts
Country’s Largest Lender Bank Offers to Reinstate 45 ‘Redundant’ Workers. Commonwealth Bank of Australia reversed plans to eliminate 45 call center positions after its chatbots failed to reduce customer service volume as promised, forcing the bank to offer overtime to remaining staff while facing union challenges over what may have been disguised outsourcing to India.…
-
Australian Bank Backtracks on AI-Led Job Cuts
Country’s Largest Lender Bank Offers to Reinstate 45 ‘Redundant’ Workers. Commonwealth Bank of Australia reversed plans to eliminate 45 call center positions after its chatbots failed to reduce customer service volume as promised, forcing the bank to offer overtime to remaining staff while facing union challenges over what may have been disguised outsourcing to India.…
-
Russia weighs Google Meet ban as part of foreign tech crackdown
A senior Russian official said the government is considering blocking the video conferencing service Google Meet after brief disruptions in the country late last week. First seen on therecord.media Jump to article: therecord.media/russia-google-meet-ban-crackdown
-
FCC removes 1,200 voice providers from telephone networks in major robocall crackdown
Attorneys general across the country are also taking action in a program dubbed “Operation Robocall Roundup.” First seen on cyberscoop.com Jump to article: cyberscoop.com/fcc-robocall-action-operation-robocall-roundup/
-
Ensuring security in a borderless world: The 30th anniversary of Schengen system
Tags: access, ai, cloud, compliance, computing, control, country, cyber, cybersecurity, data, dora, encryption, framework, GDPR, infrastructure, mfa, network, nis-2, office, privacy, regulation, resilience, technology, tool, update -
The U.S. Becomes the Global Epicenter of Ransomware”, Now What?
A recent report from TechRadar Pro reveals that the United States is now the most targeted country in the world for ransomware attacks, accounting for nearly 50% of all reported incidents globally in the first half of 2025. According to data shared by threat intelligence firm Malwarebytes, this marks a 146% increase in ransomware activity…
-
At least three UK organizations hit by SharePoint zero-day hacking campaign
At least three British organizations have reported to the country’s data protection regulator that hackers exploited bugs affecting on-premise Microsoft SharePoint servers. First seen on therecord.media Jump to article: therecord.media/organizations-united-kingdom-sharepoint
-
Dutch Investigators Blame Hacks on Multiple Threat Actors
NCSC-NL Says Hack of Citrix NetScaler Flaw Also Targeted Critical Infrastructure. A preliminary assessment by the Dutch NCSC into a suspected Russian hacking campaign has concluded that more than one group likely carried out the May breach of the country’s law enforcement network. Investigators say hacks of Citrix NetScaler flaw also targeted critical infrastructure. First…
-
Dutch Investigators Blame Multiple Threat Actors on Hacks
NCSC-NL Says Hack of Citrix NetScaler Flaw Also Targeted Critical Infrastructure. A preliminary assessment by the Dutch NCSC into a suspected Russian hacking campaign has concluded that more than one group likely carried out the May breach of the country’s law enforcement network. Investigators say hacks of Citrix NetScaler flaw also targeted critical infrastructure. First…
-
Wikipedia’s operator loses challenge to UK Online Safety Act rules
Although the U.K.’s High Court of Justice dismissed the foundation’s challenge, it said it would revisit the case if the organization was classified as category 1 by Ofcom, the country’s communications regulator, later this year. First seen on therecord.media Jump to article: therecord.media/wikipedia-loses-challenge-online-safety-act-uk
-
Australian Privacy Regulator Sues Optus Over 2022 Hack
Telecom May Face Up to $2.22 Million Per Violation in Fines. The Australian privacy watchdog sued Optus, saying the country’s second largest telecom failed for years to protect sensitive customer data breached during a September 2022 incident affecting nearly 10 million people. The regulator said Optus faces a potential fine of up to AU$21.9 trillion.…
-
Russia Uses ISPs to Spy on Diplomats, Warns Microsoft
Russian Intelligence Tied to SSL Stripping Attacks Designed for Eavesdropping. Russian intelligence since 2024 has been using their country’s internet service providers to run adversary-in-the-middle attacks designed to infect diplomats inside the country’s borders with intelligence-gathering malware, Microsoft warns. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russia-uses-isps-to-spy-on-diplomats-warns-microsoft-a-29113
-
32% of exploited vulnerabilities are now zero-days or 1-days
Russian and Iranian threat activity rises: The security industry attributes only some of the newly discovered exploits to known attacker groups, and only some of those groups have known countries of origin. As a result, statistics on the origin of attacks are not perfect.During the first half of 2025, 181 of CVEs added to the…
-
White House AI plan heavy on cyber, light on implementation
Tags: ai, automation, country, cyber, cybersecurity, defense, infrastructure, law, military, strategyIt’s a ‘north star’ strategy and not an executive order: Unlike strategy documents or executive orders issued by presidential administrations in the past, this action plan contains no implementation requirements, deadlines, or specifics on when many of its actions need to be completed or how. It is a “north star strategy for all of these…
-
Hundreds of organizations breached by SharePoint mass-hacks
One of the hacked organizations reportedly includes the U.S. agency responsible for maintaining the country’s stockpile of nuclear weapons. China-backed hackers have been observed carrying out the hacks targeting SharePoint servers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/23/hundreds-of-organizations-breached-by-sharepoint-mass-hacks/
-
Microsoft ‘digital escorts’ reveal crucial US counterintelligence blind spot
Tags: access, china, cio, cloud, compliance, country, cyber, cybersecurity, data, defense, firewall, framework, google, government, injection, intelligence, law, microsoft, military, oracle, risk, service, threat, update, vulnerabilityWhat the program was, and how it worked: The digital escort model, according to ProPublica, was designed to comply with federal contracting rules that prohibit foreign nationals from directly accessing sensitive government systems. Under this framework:China-based engineers would file support tickets for tasks such as firewall updates or bug fixes.US-based escorts, often former military personnel…
-
Poland investigates sabotage after air traffic control disruption delayed flights
A technical failure forced airspace restrictions and halted flights from major Polish airports. The country’s aviation authority is investigating potential sabotage. First seen on therecord.media Jump to article: therecord.media/poland-investigates-potential-sabotage-air-traffic-control
-
Threat actors scanning for apps incorporating vulnerable Spring Boot tool
Tags: access, attack, authentication, ciso, compliance, country, credentials, cybersecurity, data, data-breach, email, encryption, endpoint, exploit, finance, flaw, governance, group, hacker, incident response, infrastructure, Internet, kev, nist, organized, password, risk, technology, threat, tool, vulnerability, zero-day/health endpoints, commonly used to detect internet-exposed Spring Boot deployments. If vulnerable implementations of apps, including TeleMessage SGNL, are found, they could be exploited to steal sensitive data in heap memory, including plaintext usernames and passwords. The hole is serious enough that it was added this week to the US Cybersecurity and Infrastructure Security Agency’s Known Exploited…