Tag: government
-
Ghostwriter group resumes attacks on Ukrainian Government targets
ESET uncovered new Ghostwriter (aka FrostyNeighbor) activity targeting Ukrainian government organizations in a campaign active since March 2026. ESET researchers published a new report documenting fresh activity attributed to the APT group FrostyNeighbor, aka Ghostwriter, active since at least March 2026, targeting Ukrainian governmental organizations. The campaign is similar to previous FrostyNeighbor’s campaigns. The threat…
-
Hackers Exploit Scheduled Tasks for Persistence in FrostyNeighbor Attacks
Hackers linked to the long-running FrostyNeighbor cyber”‘espionage group have intensified attacks against Ukrainian government organizations, deploying updated techniques that rely on scheduled tasks for stealthy persistence and server-side validation to evade detection. FrostyNeighbor also tracked as Ghostwriter, UNC1151, and TA445 has been active since at least 2016 and is widely believed to operate in alignment…
-
‘FrostyNeighbor’ APT Carefully Targets Govt Orgs in Poland, Ukraine
Attackers uniquely fingerprint victims before delivering spear-phishing payloads aimed at espionage, in the latest campaign from the Belarussian nation-state threat group. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/frostyneighbor-apt-govt-orgs-poland-ukraine
-
A spyware investigator exposed Russian government hackers trying to hijack Signal accounts
A group of likely Russian government hackers tried to hack a security researcher who investigates spyware attacks. He was then able to turn the tables on the hackers and reveal details of their espionage campaign. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/14/a-spyware-investigator-exposed-russian-government-hackers-trying-to-hijack-signal-accounts/
-
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine.Active since at least 2016, Ghostwriter has been linked to both cyber espionage and influence operations targeting neighboring countries, particularly Ukraine. It’s also tracked under the monikers FrostyNeighbor, PUSHCHA, Storm-0257, TA445, UAC”‘0057 First seen on…
-
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine.Active since at least 2016, Ghostwriter has been linked to both cyber espionage and influence operations targeting neighboring countries, particularly Ukraine. It’s also tracked under the monikers FrostyNeighbor, PUSHCHA, Storm-0257, TA445, UAC”‘0057 First seen on…
-
FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses
Tags: attack, authentication, business, cloud, communications, control, credentials, defense, detection, email, framework, government, infrastructure, login, malicious, malware, mfa, microsoft, phishing, service, theftThe campaign dynamically adapts to victims: After deobfuscation, the phishing payload loads infrastructure designed to impersonate Microsoft 365 and other login portals while dynamically adapting to targeted users.According to the report, the malware can determine which authentication provider should be impersonated, preload victim email addresses into phishing pages, and customize branding elements such as company…
-
What CISOs need to land a board role
Tags: business, ciso, control, corporate, cyber, cybersecurity, finance, governance, government, intelligence, jobs, resilience, risk, skills, strategy, trainingTips for CISOs aiming for a board role: For CISOs interested in contributing to global vendor boards, Morelli advises focusing on becoming a partner, not just a customer. This requires the ability to articulate how a product’s evolution impacts the risk profile of an entire sector.For non-industry or public boards, CISOs must be comfortable contributing…
-
AI cyber capability is speeding past earlier projections
AI cyber capability is improving faster than expected, with newer models surpassing earlier projections, according to the UK government’s AI Security Institute (AISI). AISI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/14/ai-cyber-models-capability-projections/
-
Google launches new Android security feature to help uncover spyware attacks
Intrusion Logging is a new part of Android’s Advanced Protection Mode, which aims to help protect human rights activists, journalists, and dissidents from government spyware attack and law enforcement forensic devices. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/12/google-launches-new-android-security-feature-to-help-uncover-spyware-attacks/
-
Europäisches Parlament: Wissenschaftlicher Dienst fordert Identitätsnachweis bei VPN-Nutzung
Der wissenschaftliche Dienst des Europäischen Parlaments schlägt einen erzwungenen Identitätsnachweis bei jeder VPN-Nutzung vor. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/europaeisches-parlament-wissenschaftlicher-dienst-fordert-identitaetsnachweis-bei-vpn-nutzung-329095.html
-
OpenAI introduces Daybreak cyber platform, takes on Anthropic Mythos
Tags: access, ai, cisco, crowdstrike, cyber, cybersecurity, defense, detection, fortinet, framework, government, malware, network, openai, oracle, penetration-testing, RedTeam, risk, software, strategy, technology, update, vulnerabilityOpenAI’s cybersecurity model stack: OpenAI is pursuing a scalable cyber defense platform strategy with Daybreak and is rolling out the initiative through three different model tiers: GPT-5.5 (default), GPT-5.5 with Trusted Access for Cyber, and GPT-5.5-Cyber.The standard GPT-5.5 model is positioned for general-purpose enterprise use cases, including developer assistance and knowledge work. GPT-5.5 with Trusted…
-
AI and an absent government: Takeaways from RSAC 2026
Cybersecurity professionals spent the recent conference discussing the balance between autonomy and oversight. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-cybersecurity-government-partnerships-rsac-conference/817451/
-
UK government renews calls to sign Cyber Resilience Pledge
Westminster renews calls for business leaders to sign up to its yet-to-be-launched Cyber Resilience Pledge and highlights growth, and challenges, for the UK’s cyber economy. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642938/UK-government-renews-calls-to-sign-Cyber-Resilience-Pledge
-
The Netherlands leads in quantum technology but lags on quantum security
The Dutch government has invested Euro615m to build a world-class quantum technology ecosystem, but many institutions have not started any quantum-specific preparations to protect themselves against the security threat First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642917/The-Netherlands-leads-in-quantum-technology-but-lags-on-quantum-security
-
Core42 partners with Solutions+ on Mubadala sovereign AI
Agreement announced at Make it in the Emirates will see Core42 provide sovereign cloud and AI infrastructure while Solutions+ delivers implementation services and enterprise AI applications across Mubadala portfolio companies and government entities First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642883/Core42-partners-with-Solutions-on-Mubadala-sovereign-AI
-
Baden-Württemberg: Grün-Schwarz streicht den Datenschutz zusammen
Die neue Regierung unter Cem Özdemir will fast die Hälfte der Stellen beim Landesdatenschutzbeauftragten streichen. First seen on golem.de Jump to article: www.golem.de/news/baden-wuerttemberg-gruen-schwarz-streicht-den-datenschutz-zusammen-2605-208528.html
-
Iranian government hackers using Chaos ransomware as cover, researchers say
First seen on therecord.media Jump to article: therecord.media/iran-government-hackers-use-chaos-ransomware-as-cover
-
Breach Roundup: Microsoft Edge Turns Passwords Into Targets
Tags: attack, breach, data, data-breach, ddos, government, ivanti, microsoft, north-korea, password, scamAlso, Taiwan Rail Hack, Massive DDoS Attack and Karakurt Jail Sentence. This week, Microsoft Edge exposed passwords, Taiwan police make arrests in high-speed rail hack and a 2.45 billion-request DDoS attack. A Karakurt negotiator jailed, North Korean IT worker scams led to prison terms and France detained a teen over a government data breach. Another…
-
Omani Government Targeted in Blatant Iranian-Nexus Cyberespionage
The post Omani Government Targeted in Blatant Iranian-Nexus Cyberespionage appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/oman-government-cyberattack-hunt-intelligence-apt34-muddywater/
-
One House Democrat is pressing Commerce on the government’s spyware use
Rep. Summer Lee’s letter, first reported by CyberScoop, follows ICE confirmation of using spyware and news of a Trump ally becoming NSO Group’s executive chairman. First seen on cyberscoop.com Jump to article: cyberscoop.com/democrat-summer-lee-letter-briefing-nso-group-spyware-trump/
-
UAT-8302 Targets Government Agencies With Custom Malware and Open-Source Tools
A new China-linked hacking group, tracked as UAT-8302, that is using custom malware and open-source tools to spy on government organizations in South America and southeastern Europe. The campaign focuses on long-term access and data theft, combining advanced backdoors like NetDraft and CloudSorcerer with aggressive network reconnaissance and credential theft. Researchers assess with high confidence…
-
Ten years later, has the GDPR fulfilled its purpose?
Tags: access, ai, breach, business, china, cio, compliance, data, data-breach, dora, finance, flaw, framework, GDPR, governance, government, international, jobs, law, mobile, office, privacy, regulation, risk, service, technology, tool, trainingFernando Maldonado, technology advisor at Foundry. MuleSoft. Gray areas remain: Still, if anything has been demonstrated in the decade since its entry into force, it’s that the GDPR still has a long way to go.Miguel Recio, president of APEP.IA (Spanish Professional Association for Privacy), argues that some of the limitations that have been exposed about the…
-
US government agency to safety test frontier AI models before release
Executive order ‘taking shape’: Following the announcement from CAISI, a published report on Wednesday indicated that the White House is on the verge of preparing an executive order that would see the creation of a vetting system for all new artificial intelligence models, key among them Anthropic’s Mythos.Bloomberg reported, “the directive is taking shape weeks…
-
The Winter Games effect: When gold meets DDoS
Tags: attack, botnet, cctv, ddos, defense, detection, dns, government, group, infrastructure, international, Internet, iot, jobs, lockbit, network, penetration-testing, ransomware, router, service, strategy, threat, windowsAttack volumes 610x historical levels during the Winter Games period (February 623, 2026)Peak attack count reached more than 2,200 attacks on February 23NoName057(16) dominated public DDoS hacktivist claims with 47, although ransomware groups (Qilin, LockBit 5.0) also claimed success in various attacksTactical shift from pre-Winter Games high-bandwidth attacks (412.89Gbps peak) to Winter Games-period high-throughput attacksGeographic…
-
A DOD contractor’s API flaw exposed military course data and service member records
Researchers say Schemata’s platform exposed names, emails, base assignments, and course materials before the company patched the issue and contacted government authorities. First seen on cyberscoop.com Jump to article: cyberscoop.com/schemata-dod-contractor-api-flaw-military-data-exposure/
-
DOJ says ransomware gang tapped into Russian government databases
U.S. prosecutors said a ransomware gang fueled Russian government corruption, and allowed the gang’s leaders to avoid paying taxes and dodge the country’s military draft. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/06/doj-says-ransomware-gang-tapped-into-russian-government-databases/
-
NIST will test three major tech firms’ frontier AI models for cybersecurity risks
After Anthropic’s announcement of Claude Mythos, agencies across the government are racing to get ahead of new AI models’ potential dangers. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/nist-ai-model-testing-caisi-google-microsoft/819452/
-
Research Hub Bridges Cybersecurity Gap for Under-Resourced Organizations
The UC Berkeley Center for Long-Term Cybersecurity (CLTC) offers tools and support to schools, local governments, and non-profits as they defend themselves against a growing volume of cyberattacks. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/research-hub-bridges-cybersecurity-gap-organizations
-
Cisco Talos Unmasks UAT-8302’s Global Government Espionage Network
The post Cisco Talos Unmasks UAT-8302’s Global Government Espionage Network appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/uat-8302-china-apt-espionage-netdraft-cloudsorcerer-talos/