Tag: government
-
Security for AI: A Practical Guide to Enforcing Your AI Acceptable Use Policy
Tags: access, ai, awareness, best-practice, business, chatgpt, compliance, control, corporate, data, data-breach, disinformation, finance, governance, government, guide, intelligence, LLM, malicious, monitoring, openai, privacy, regulation, risk, service, strategy, technology, threat, tool, training, update, vulnerabilityAn AI acceptable use policy can help your organization mitigate the risk of employees accidentally exposing sensitive data to public AI tools. Benchmark your organization’s policy against our best practices and discover how prompt-level visibility from Tenable AI Exposure eases policy enforcement. Key takeaways: An AI acceptable use policy governs the appropriate use of generative…
-
Researchers warn of Qilin ransomware gang after group hit hundreds of orgs this year
In October alone, the suspected Russia-based group added more than 185 victims to its leak site, claiming to be behind recent cybersecurity incidents at Japanese beverage giant Asahi, the Texas city of Sugar Land, a county government in North Carolina and multiple power companies in Texas. First seen on therecord.media Jump to article: therecord.media/qilin-ransomware-gang-hits-hundreds-of-orgs-2025
-
Alan Turing institute launches new mission to protect UK from cyber-attacks
Programme is designed to defend energy, transport and utilities amid concern over vulnerability to internet outagesBritain’s leading AI institute has announced a new mission to help protect the nation from cyber-attacks on infrastructure, including energy, transport and utilities, after it was embroiled in <a href=”https://www.theguardian.com/technology/2025/aug/10/staff-alan-turing-institute-ai-complain-watchdog”>allegations of toxic work culture and the chair <a href=”https://www.theguardian.com/technology/2025/sep/04/head-of-alan-turing-institute-jean-innes-resigns”>resigned amid…
-
MuddyWater’s Phoenix Backdoor Infects More Than 100 Government Organizations
Tags: attack, backdoor, cyber, espionage, government, group, intelligence, international, iran, middle-east, phishing, threatAdvanced Persistent Threat (APT) MuddyWater has orchestrated a sophisticated phishing campaign targeting over 100 government entities across the Middle East, North Africa, and international organizations worldwide. Group-IB Threat Intelligence has attributed the campaign to the Iran-linked threat actor with high confidence, revealing an alarming escalation in the group’s espionage capabilities and operational sophistication. The attack…
-
MuddyWater’s Phoenix Backdoor Infects More Than 100 Government Organizations
Tags: attack, backdoor, cyber, espionage, government, group, intelligence, international, iran, middle-east, phishing, threatAdvanced Persistent Threat (APT) MuddyWater has orchestrated a sophisticated phishing campaign targeting over 100 government entities across the Middle East, North Africa, and international organizations worldwide. Group-IB Threat Intelligence has attributed the campaign to the Iran-linked threat actor with high confidence, revealing an alarming escalation in the group’s espionage capabilities and operational sophistication. The attack…
-
UN’s First Global Cybercrime Treaty Sparks Debate Over Privacy and Surveillance
While many governments have celebrated the treaty’s adoption, rights organizations and technology firms have expressed concern. The post UN’s First Global Cybercrime Treaty Sparks Debate Over Privacy and Surveillance appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-un-cybercrime-treaty/
-
Step aside, SOC. It’s time to ROC
Tags: attack, breach, business, communications, corporate, cyber, cybersecurity, data, defense, exploit, finance, framework, government, infrastructure, insurance, intelligence, military, monitoring, network, resilience, risk, risk-assessment, soc, strategy, threat, vpn, vulnerability, zero-dayWhat is a ROC?: At its core, the Resilience Risk Operations Center (ROC) is a proactive intelligence hub. Think of it as a fusion center in which cyber, business and financial risk come together to form one clear picture.While the idea of a ROC isn’t entirely new, versions of it have existed across government and…
-
Step aside, SOC. It’s time to ROC
Tags: attack, breach, business, communications, corporate, cyber, cybersecurity, data, defense, exploit, finance, framework, government, infrastructure, insurance, intelligence, military, monitoring, network, resilience, risk, risk-assessment, soc, strategy, threat, vpn, vulnerability, zero-dayWhat is a ROC?: At its core, the Resilience Risk Operations Center (ROC) is a proactive intelligence hub. Think of it as a fusion center in which cyber, business and financial risk come together to form one clear picture.While the idea of a ROC isn’t entirely new, versions of it have existed across government and…
-
Python Foundation goes ride or DEI, rejects government grant with strings attached
Tags: governmentFoundation says it won’t compromise policy of inclusivity even if that cash would’ve really helped First seen on theregister.com Jump to article: www.theregister.com/2025/10/27/python_foundation_abandons_15m_nsf/
-
Python Foundation goes ride or DEI, rejects government grant with strings attached
Tags: governmentFoundation says it won’t compromise policy of inclusivity even if that cash would’ve really helped First seen on theregister.com Jump to article: www.theregister.com/2025/10/27/python_foundation_abandons_15m_nsf/
-
Gamaredon Phishing Campaign Exploits WinRAR Vulnerability to Target Government Agencies
Tags: attack, cve, cyber, cybersecurity, exploit, government, group, malicious, phishing, software, threat, vulnerabilityCybersecurity researchers have uncovered a sophisticated phishing campaign orchestrated by the notorious Gamaredon threat group, specifically targeting government entities through exploitation of a critical WinRAR vulnerability. The attack leverages CVE-2025-8088, a path traversal vulnerability in the popular file compression software, to deliver weaponized RAR archives that silently deploy malicious payloads without requiring user interaction beyond…
-
Infosecurity Europe 2025: Securing an Uncertain World
Compendium Features Dozens of In-Depth Interviews With CEOs, CISOs and Researchers. Welcome to Information Security Media Group’s Infosecurity Europe 2025 Compendium featuring cybersecurity insights from industry’s top researchers, CEOs, CISOs, government leaders and more. Inside this guide, you’ll find links to video interviews created by ISMG.Studio. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/infosecurity-europe-2025-securing-uncertain-world-a-29841
-
CISA orders feds to patch Windows Server WSUS flaw used in attacks
Tags: attack, cisa, cybersecurity, exploit, flaw, government, infrastructure, service, update, vulnerability, windowsThe Cybersecurity and Infrastructure Security Agency (CISA) ordered U.S. government agencies to patch a critical-severity Windows Server Update Services (WSUS) vulnerability after adding it to its catalog of security flaws exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-windows-server-wsus-flaw-exploited-in-attacks/
-
Critical Chrome 0-Day Under Attack: Mem3nt0 Mori Hackers Actively Exploiting Vulnerability
In March 2025, security researchers at Kaspersky detected a sophisticated campaign exploiting a previously unknown Chrome vulnerability to deliver advanced spyware to high-profile targets. The attack, dubbed Operation ForumTroll, leveraged personalized phishing links to compromise organizations across Russia, including media outlets, universities, research centers, government agencies, and financial institutions. A single click on a malicious…
-
CISA orders feds to patch Windows Server WSUS flaw used in attacks
Tags: attack, cisa, cybersecurity, exploit, flaw, government, infrastructure, service, update, vulnerability, windowsThe Cybersecurity and Infrastructure Security Agency (CISA) ordered U.S. government agencies to patch a critical-severity Windows Server Update Services (WSUS) vulnerability after adding it to its catalog of security flaws exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-windows-server-wsus-flaw-exploited-in-attacks/
-
MPs urge government to stop Britain’s phone theft wave through tech
Committee says Apple, Google, and Samsung could render stolen handsets worthless if compelled to act First seen on theregister.com Jump to article: www.theregister.com/2025/10/25/uk_committee_phone_theft/
-
Middle East Cyber Resilience 2030: Unified Defense in a $26B Market
The Middle East is undergoing one of the fastest digital transformations in the world. National initiatives such as Saudi Vision 2030, Kuwait Vision 2035, and the UAE Digital Government Strategy are fueling large-scale modernization across every sector. However, as this progress accelerates, the region faces a parallel rise in cyber threats, pushing cybersecurity to the…
-
Shutdown Sparks 85% Increase in US Government Cyberattacks
Attackers are pouncing on financially strapped US government agencies and furloughed employees. And the effects of this period might be felt for a long time hereafter. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/shutdown-increase-us-government-cyberattacks
-
Cybersecurity Snapshot: Top Advice for Detecting and Preventing AI Attacks, and for Securing AI Systems
Tags: access, ai, attack, authentication, awareness, best-practice, breach, business, chatgpt, china, ciso, cloud, computing, container, control, credentials, crime, cve, cyber, cyberattack, cybersecurity, data, defense, detection, email, exploit, extortion, finance, flaw, framework, fraud, google, governance, government, group, guide, hacker, hacking, healthcare, iam, identity, incident response, intelligence, LLM, malicious, malware, mitigation, monitoring, network, open-source, openai, organized, phishing, ransom, risk, risk-management, russia, sans, scam, service, skills, soc, strategy, supply-chain, technology, theft, threat, tool, training, vulnerability, zero-trustAs organizations eagerly adopt AI, cybersecurity teams are racing to protect these new systems. In this special edition of the Cybersecurity Snapshot, we round up some of the best recent guidance on how to fend off AI attacks, and on how to safeguard your AI systems. Key takeaways Developers are getting new playbooks from groups…
-
APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign
A Pakistan-nexus threat actor has been observed targeting Indian government entities as part of spear-phishing attacks designed to deliver a Golang-based malware known as DeskRAT.The activity, observed in August and September 2025 by Sekoia, has been attributed to Transparent Tribe (aka APT36), a state-sponsored hacking group known to be active since at least 2013. It…
-
Blitz Spear Phishing Campaign Targets NGOs Supporting Ukraine
A spear phishing campaign dubbed PhantomCaptcha targeted Ukraine’s war relief efforts and regional government administrations for a single day in October First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/blitz-spear-phishing-ngos-ukraine/
-
Ransomware Actors Targeting Global Public Sectors and Critical Infrastructure
The public sector faces an unprecedented cybersecurity crisis as ransomware actors intensify their assault on government entities worldwide. According to Trustwave’s SpiderLabs research team, nearly 200 public sector organizations have been struck with ransomware in 2025 alone, with Babuk and Qilin emerging as the most prolific threat groups driving this surge in attacks against critical…
-
Iran’s MuddyWater wades into 100+ government networks in latest spying spree
Group-IB says Tehran-linked crew used hijacked mailbox and VPN to sling phishing emails across Middle East First seen on theregister.com Jump to article: www.theregister.com/2025/10/24/iran_muddywater_campaign/
-
Iran’s MuddyWater wades into 100+ government networks in latest spying spree
Group-IB says Tehran-linked crew used hijacked mailbox and VPN to sling phishing emails across Middle East First seen on theregister.com Jump to article: www.theregister.com/2025/10/24/iran_muddywater_campaign/
-
Tired of Unpaid Toll Texts? Blame the ‘Smishing Triad’
Chinese smishers, the bane of every American with a phone, have been shifting to lower-frequency, possibly higher-impact government impersonation attacks. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/unpaid-toll-texts-smishing-triad
-
US government accuses former L3Harris cyber boss of stealing trade secrets
The U.S. Department of Justice accused Peter Williams, former general manager of L3Harris’ hacking division Trenchant, of stealing trade secrets and selling them to a buyer in Russia. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/23/u-s-government-accuses-former-l3harris-cyber-boss-of-stealing-trade-secrets/
-
US government accuses former L3Harris cyber boss of stealing trade secrets
The U.S. Department of Justice accused Peter Williams, former general manager of L3Harris’ hacking division Trenchant, of stealing trade secrets and selling them to a buyer in Russia. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/23/u-s-government-accuses-former-l3harris-cyber-boss-of-stealing-trade-secrets/
-
U.S. government accuses former L3Harris cyber boss of stealing trade secrets
The U.S. Department of Justice accused Peter Williams, former general manager of L3Harris’ hacking division Trenchant, of stealing trade secrets and selling them to a buyer in Russia. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/23/u-s-government-accuses-former-l3harris-cyber-boss-of-stealing-trade-secrets/
-
Pakistani-Linked Hacker Group Targets Indian Government
A cyber-espionage campaign by Pakistan’s TransparentTribe has been identified, targeting Indian government systems using DeskRAT First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/pakistani-hacker-group-targets/
-
Bereaved families call for public inquiry over suicide forum
Tags: governmentThe Molly Rose Foundation and families bereaved by suicide claim Ofcom and government departments have not taken effective action to deal with a forum promoting suicide First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366633481/Bereaved-families-call-for-public-inquiry-over-suicide-forum