Tag: government
-
U.S. accuses Iran’s government of operating hacktivist group that hacked Stryker
The U.S. Justice Department said an Iranian security ministry operates the fake activist persona known as Handala, which claimed responsibility for the destructive hack targeting medical tech giant Stryker. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/20/u-s-accuses-irans-government-of-operating-hacktivist-group-that-hacked-stryker/
-
With Government’s Role Uncertain, Businesses Unite to Combat Fraud
Major industry leaders agree to share information and collaborate to boost defenses in the wake of distressing online scams. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/with-government-role-uncertain-businesses-unite-to-combat-fraud
-
The espionage reality: Your infrastructure is already in the collection path
Tags: access, apt, attack, authentication, breach, ciso, cloud, country, cyber, data, detection, espionage, exploit, governance, government, group, identity, infrastructure, injection, insurance, intelligence, network, risk, risk-assessment, service, spyware, theft, threat, toolCommercial spyware as an intelligence channel: Criminal operators deploying Predator, a spyware suite sold by the sanctioned Intellexa consortium, have been documented across more than a dozen countries. US sanctions haven’t slowed them down an iota. Their targets are not random: journalists, activists, politicians, human”‘rights defenders, government employees and contractors, and other high”‘value individuals. Why?…
-
The espionage reality: Your infrastructure is already in the collection path
Tags: access, apt, attack, authentication, breach, ciso, cloud, country, cyber, data, detection, espionage, exploit, governance, government, group, identity, infrastructure, injection, insurance, intelligence, network, risk, risk-assessment, service, spyware, theft, threat, toolCommercial spyware as an intelligence channel: Criminal operators deploying Predator, a spyware suite sold by the sanctioned Intellexa consortium, have been documented across more than a dozen countries. US sanctions haven’t slowed them down an iota. Their targets are not random: journalists, activists, politicians, human”‘rights defenders, government employees and contractors, and other high”‘value individuals. Why?…
-
SpyCloud’s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft
Tags: ai, authentication, automation, breach, cloud, credentials, cybercrime, cybersecurity, dark-web, data, data-breach, government, identity, malware, monitoring, password, phishing, ransomware, supply-chain, theft, threat, tool67 / sixseven: 140.4Msweet / cookie / candy / cake / pie: 5.7Mchiefs / kansas city chiefs: 5M2025: 4.1Mapple / banana / orange / strawberry / fruit: 2.6MPassword reuse remains widespread, and the report also identified 1.1 million password manager master passwords circulating in underground sources, raising concerns about vault-level compromise when master credentials are…
-
SpyCloud’s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft
Tags: ai, authentication, automation, breach, cloud, credentials, cybercrime, cybersecurity, dark-web, data, data-breach, government, identity, malware, monitoring, password, phishing, ransomware, supply-chain, theft, threat, tool67 / sixseven: 140.4Msweet / cookie / candy / cake / pie: 5.7Mchiefs / kansas city chiefs: 5M2025: 4.1Mapple / banana / orange / strawberry / fruit: 2.6MPassword reuse remains widespread, and the report also identified 1.1 million password manager master passwords circulating in underground sources, raising concerns about vault-level compromise when master credentials are…
-
Can Zero Trust survive the AI era?
As AI increases the speed of cyber attacks, governments and businesses must weigh the tradeoffs that come with deploying semi-autonomous AI agents to stop them. First seen on cyberscoop.com Jump to article: cyberscoop.com/ai-zero-trust-security-federal-agencies-elastic-public-sector/
-
Ransomware group exploited Cisco firewall vulnerability as a zero day, weeks before a patch appeared
Tags: attack, cisco, cve, defense, exploit, firewall, government, group, healthcare, infrastructure, malicious, malware, ransom, ransomware, service, software, tool, update, vulnerability, zero-dayCSO that the “week’s head start” he referred to was the gap between the date of the first exploit that Amazon’s later analysis had unearthed and Cisco’s discovery of the bug.Amazon gained insight into the attacker’s infrastructure by using the honeypot to mimic a vulnerable firewall system. This resulted in an attack on the honeypot,…
-
Drohender Flickenteppich bei KI-Regeln nach Abstimmung im EU-Parlament
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/drohung-flickenteppich-ki-regeln-abstimmung-eu-parlament
-
FBI Data Purchases Ignite New Clash Over Privacy and Surveillance
Lawmakers pressed the FBI this week after Director Kash Patel confirmed the agency is purchasing information that can track Americans’ movements, reopening a contentious debate over privacy and the limits of government surveillance. The acknowledgment came during a Senate Intelligence Committee hearing, where Patel said the bureau buys data from private vendors as part of..…
-
FBI Data Purchases Ignite New Clash Over Privacy and Surveillance
Lawmakers pressed the FBI this week after Director Kash Patel confirmed the agency is purchasing information that can track Americans’ movements, reopening a contentious debate over privacy and the limits of government surveillance. The acknowledgment came during a Senate Intelligence Committee hearing, where Patel said the bureau buys data from private vendors as part of..…
-
FBI Data Purchases Ignite New Clash Over Privacy and Surveillance
Lawmakers pressed the FBI this week after Director Kash Patel confirmed the agency is purchasing information that can track Americans’ movements, reopening a contentious debate over privacy and the limits of government surveillance. The acknowledgment came during a Senate Intelligence Committee hearing, where Patel said the bureau buys data from private vendors as part of..…
-
Water utilities need hands-on cybersecurity help, not just free guidance, pilot program finds
In a new report, Microsoft criticized the federal government for scaling back support to critical infrastructure operators. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/water-cybersecurity-microsoft-pilot-program-lessons/815196/
-
White House pours cold water on cyber ‘letters of marque’ speculation
The Trump administration is not considering cyber “letters of marque” or allowing private companies to carry out cyberattacks on behalf of the U.S. government, senior White House officials said this week, pushing back on growing speculation about the role of industry in U.S. cyber operations. First seen on therecord.media Jump to article: therecord.media/offensive-cyber-white-house-hacking
-
Russian hackers exploit Zimbra flaw in Ukrainian govt attacks
Tags: attack, exploit, flaw, government, hacker, intelligence, military, russia, service, ukraine, vulnerabilityHackers part of APT28, a state-backed threat group linked to Russia’s military intelligence service (GRU), are exploiting a Zimbra Collaboration Suite (ZCS) vulnerability in attacks targeting Ukrainian government entities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-apt28-military-hackers-exploit-zimbra-flaw-in-ukrainian-govt-attacks/
-
Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency
The Russian state-backed hacker group APT28 targeted a Ukrainian government agency by exploiting a vulnerability in Zimbra webmail software. First seen on therecord.media Jump to article: therecord.media/russia-hackers-ukraine-zimbra-breach
-
The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat
Most cloud setup errors, 8 out of 10, happen because people slip up, not because code fails.One out of three cloud setups sits empty, ignored by any oversight. A third of online storage spaces get zero attention from monitors.Almost one out of every two hundred storage units on Amazon’s cloud sits open, per a 2024…
-
The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat
Most cloud setup errors, 8 out of 10, happen because people slip up, not because code fails.One out of three cloud setups sits empty, ignored by any oversight. A third of online storage spaces get zero attention from monitors.Almost one out of every two hundred storage units on Amazon’s cloud sits open, per a 2024…
-
Fake-ITler: Nordkoreanische IT-Agenten machen 500 Millionen USD
Fake-ITler aus Nordkorea erwirtschaften für ihre Regierung im Jahr 500 Millionen US-Dollar. Unternehmen können auf Warnzeichen achten. First seen on golem.de Jump to article: www.golem.de/news/fake-itler-nordkoreanische-it-agenten-machen-500-millionen-usd-2603-206680.html
-
Anthropic ban heralds new era of supply chain risk, with no clear playbook
Tags: ai, business, ceo, cisco, ciso, compliance, control, data, defense, framework, government, group, infrastructure, intelligence, law, monitoring, network, RedTeam, risk, risk-management, sbom, software, strategy, supply-chain, technology, threat, toolCompliance pressure before policy clarity: For organizations that do business with the federal government, the implications extend beyond technical challenges into legal and contractual risk. Alex Major, co-chair of government contracts and global trade practice at law firm McCarter and English, tells CSO that supply chain designations like the Anthropic ban tend to move quickly…
-
Anthropic ban heralds new era of supply chain risk, with no clear playbook
Tags: ai, business, ceo, cisco, ciso, compliance, control, data, defense, framework, government, group, infrastructure, intelligence, law, monitoring, network, RedTeam, risk, risk-management, sbom, software, strategy, supply-chain, technology, threat, toolCompliance pressure before policy clarity: For organizations that do business with the federal government, the implications extend beyond technical challenges into legal and contractual risk. Alex Major, co-chair of government contracts and global trade practice at law firm McCarter and English, tells CSO that supply chain designations like the Anthropic ban tend to move quickly…
-
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
Tags: attack, cisa, cisco, cve, cybersecurity, exploit, flaw, government, infrastructure, microsoft, office, ransomware, vulnerability, zero-dayThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint, stating they have been actively exploited in the wild.The vulnerabilities in question are as follows -CVE-2025-66376 (CVSS score: 7.2) – A stored cross-site scripting First seen…
-
CISA orders feds to patch Zimbra XSS flaw exploited in attacks
CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-zimbra-xss-flaw-exploited-in-attacks/
-
Second iOS exploit kit emerges from suspected Russian hackers using possible U.S. government-developed tools
The kit, named DarkSword, has a variety of possible implications, the research from iVerify, Lookout and Google suggests. First seen on cyberscoop.com Jump to article: cyberscoop.com/second-ios-exploit-kit-emerges-from-suspected-russian-hackers-using-possible-u-s-government-developed-tools/
-
Russians caught stealing personal data from Ukrainians with new advanced iPhone hacking tools
A suspected group of Russian government hackers was caught targeting Ukrainians with new iPhone hacking tools designed for espionage and potentially to steal crypto. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/18/russians-caught-stealing-personal-data-from-ukrainians-with-new-advanced-iphone-hacking-tools/
-
FancyBear Server Leak Exposes Stolen Credentials, 2FA Secrets, NATO Targets
Tags: 2fa, breach, credentials, cyber, data-breach, espionage, government, infrastructure, leak, military, russiaFancyBear’s latest operational security failure has exposed a live Russian espionage server packed with stolen credentials, 2FA secrets, and detailed insight into the ongoing targeting of European government and military networks. The exposed infrastructure, tied to APT28/FancyBear and previously reported by CERT”‘UA and Hunt.io, reveals both the scale of the compromises and the carelessness of…
-
SideWinder Espionage Campaign Expands Across Southeast Asia
Tags: espionage, government, group, india, infrastructure, phishing, spear-phishing, threat, vulnerabilityThe suspected India-linked threat group targets governments, telecom, and critical infrastructure using spear-phishing, old vulnerabilities, and rapidly rotating infrastructure to maintain persistent access. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/sidewinder-espionage-campaign-expands-across-southeast-asia
-
Cybersecurity and privacy priorities for 2026: The legal risk map
Tags: attack, authentication, awareness, best-practice, breach, communications, country, cyber, cybersecurity, data, defense, finance, fraud, governance, government, incident, incident response, infrastructure, law, mfa, monitoring, privacy, ransomware, regulation, risk, risk-management, service, strategy, supply-chain, threat, usaContinued federal interest in cybersecurity and privacy, especially in connection with national security concerns: The evident connection between cybersecurity and privacy and national security have led to a number of federal initiatives in recent years. Most recently in March 2026, the White House announced the current administration’s Cyber Strategy for America, renewing a commitment to…
-
Cybercriminals scale up, government sector hit hardest
Government agencies faced the highest volume of cyberattack campaigns in 2025, according to new findings from HPE Threat Labs, which tracked 1,186 active campaigns over the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/18/government-agencies-cyberattack-campaigns-volume/

