Tag: government
-
China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware
The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack entities located in Southeast Asia and South America.Check Point Research is tracking the cluster under the name Ink Dragon. It’s also referenced by the broader cybersecurity community under the names CL-STA-0049,…
-
Chinese Ink Dragon Group Hides in European Government Networks
China’s Ink Dragon is using European government networks to hide its espionage activity First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-ink-dragon-hides-european/
-
BlindEagle Targets Colombian Government Agency with Caminho and DCRAT
Tags: access, attack, authentication, cloud, communications, control, cybercrime, defense, detection, dkim, dmarc, dns, email, encryption, flaw, government, group, infrastructure, injection, Internet, malicious, malware, microsoft, open-source, phishing, powershell, rat, service, spear-phishing, startup, tactics, threat, tool, update, usa, windowsIntroductionIn early September 2025, Zscaler ThreatLabz discovered a new spear phishing campaign attributed to BlindEagle, a threat actor who operates in South America and targets users in Spanish-speaking countries, such as Colombia. In this campaign, BlindEagle targeted a government agency under the control of the Ministry of Commerce, Industry and Tourism (MCIT) in Colombia using…
-
The devil of proposed SEC AI disclosure rule is in the details
Tags: advisory, ai, awareness, business, ceo, compliance, cybersecurity, data, government, intelligence, jobs, law, risk, sans, service, software, strategy, technology, tool, trainingnot use AI for some purposes. Attorneys who have studied the proposal note that the AI rule, just like the SEC’s cybersecurity rule from about two years ago, won’t technically require anything to be reported that wouldn’t have already required reporting. The new rule refers only to material AI efforts and ever since the creation of…
-
The devil of proposed SEC AI disclosure rule is in the details
Tags: advisory, ai, awareness, business, ceo, compliance, cybersecurity, data, government, intelligence, jobs, law, risk, sans, service, software, strategy, technology, tool, trainingnot use AI for some purposes. Attorneys who have studied the proposal note that the AI rule, just like the SEC’s cybersecurity rule from about two years ago, won’t technically require anything to be reported that wouldn’t have already required reporting. The new rule refers only to material AI efforts and ever since the creation of…
-
Blind Eagle Hackers Exploit Trust to Bypass Email Security Controls
Tags: attack, control, cyber, cybersecurity, email, exploit, government, group, hacker, malware, phishing, spear-phishing, threatBlindEagle threat actors are exploiting compromised internal email accounts to launch spear-phishing campaigns that bypass traditional email security controls, targeting Colombian government agencies with sophisticated multi-stage malware attacks, according to Zscaler ThreatLabz research. The cybersecurity firm discovered the campaign in early September 2025, revealing that the South American threat group targeted a government agency under…
-
SecureIQLab Establishes APAC Office in Kathmandu, Nepal
SecureIQLab has officially established its Asia-Pacific (APAC) office in Kathmandu, Nepal, marking a significant milestone in expanding independent cybersecurity validation and advisory services across the region. The new APAC office strengthens SecureIQLab’s ability to support regional enterprises, government institutions, and cybersecurity vendors with objective, outcome-based cybersecurity validation aligned with real-world threats and operational requirements. Why……
-
SecureIQLab Establishes APAC Office in Kathmandu, Nepal
SecureIQLab has officially established its Asia-Pacific (APAC) office in Kathmandu, Nepal, marking a significant milestone in expanding independent cybersecurity validation and advisory services across the region. The new APAC office strengthens SecureIQLab’s ability to support regional enterprises, government institutions, and cybersecurity vendors with objective, outcome-based cybersecurity validation aligned with real-world threats and operational requirements. Why……
-
China’s Ink Dragon hides out in European government networks
Misconfigured servers are in, 0-days out First seen on theregister.com Jump to article: www.theregister.com/2025/12/16/chinas_ink_dragon_hides_out/
-
China’s Ink Dragon hides out in European government networks
Misconfigured servers are in, 0-days out First seen on theregister.com Jump to article: www.theregister.com/2025/12/16/chinas_ink_dragon_hides_out/
-
Internet-Based Solar Panel Systems Vulnerable to Rapid Cyberattacks
The rapid global expansion of solar energy infrastructure has created an unprecedented cyber vulnerability. As millions of homes, businesses, and hospitals adopt renewable power sources supported by government initiatives like the U.S. Inflation Reduction Act and Europe’s Renewable Energy Directive. Security researchers have uncovered a critical flaw: many solar systems still rely on decades-old industrial…
-
Internet-Based Solar Panel Systems Vulnerable to Rapid Cyberattacks
The rapid global expansion of solar energy infrastructure has created an unprecedented cyber vulnerability. As millions of homes, businesses, and hospitals adopt renewable power sources supported by government initiatives like the U.S. Inflation Reduction Act and Europe’s Renewable Energy Directive. Security researchers have uncovered a critical flaw: many solar systems still rely on decades-old industrial…
-
xHunt APT Exploits Microsoft Exchange and IIS to Deploy Custom Backdoors
xHunt, a sophisticated cyber-espionage group with a laser focus on organizations in Kuwait, has continued to demonstrate advanced capabilities in infiltrating critical infrastructure. The group’s persistent, multi-year campaigns targeting the shipping, transportation, and government sectors underscore the evolving threat landscape facing Middle Eastern enterprises. Since its first documented operations in July 2018, xHunt has refined…
-
Android Users at Risk as Malware Poses as mParivahan and e-Challan Apps
A sophisticated Android malware campaign dubbed NexusRoute is actively targeting Indian users by impersonating the Indian Government Ministry, mParivahan, and e-Challan services to steal credentials and carry out large-scale financial fraud. The operation combines phishing, malware, and surveillance capabilities. It is being distributed via malicious APKs hosted on GitHub and clusters of phishing domains that…
-
Opexus claims background checks missed red flags on twins accused of insider breach
The federal government contractor admits it made multiple mistakes in the hiring and firing of Muneeb and Sohaib Akhter. First seen on cyberscoop.com Jump to article: cyberscoop.com/opexus-background-checks-insider-attack-muneeb-sohaib-akhter/
-
Opexus claims background checks missed red flags on twins accused of insider breach
The federal government contractor admits it made multiple mistakes in the hiring and firing of Muneeb and Sohaib Akhter. First seen on cyberscoop.com Jump to article: cyberscoop.com/opexus-background-checks-insider-attack-muneeb-sohaib-akhter/
-
No more orange juice? Why one ship reveals America’s maritime cybersecurity crisis
This is a workforce problem, not a vendor problem: The new regulations require all 3,000 MTSA facilities to designate a cybersecurity officer (why the Coast Guard named them CySOs and couldn’t just call them CISOs, I do not know). Finding hundreds of qualified people who understand both operational technology in maritime environments and cybersecurity is…
-
No more orange juice? Why one ship reveals America’s maritime cybersecurity crisis
This is a workforce problem, not a vendor problem: The new regulations require all 3,000 MTSA facilities to designate a cybersecurity officer (why the Coast Guard named them CySOs and couldn’t just call them CISOs, I do not know). Finding hundreds of qualified people who understand both operational technology in maritime environments and cybersecurity is…
-
Hamas Linked Hackers Using AshTag Malware Against Diplomatic Offices
New report by Unit 42 reveals the Hamas-linked Ashen Lepus (WIRTE) group is using the AshTag malware suite to target Middle Eastern diplomatic and government entities with advanced, hidden tactics. First seen on hackread.com Jump to article: hackread.com/hamas-hackers-ashtag-malware-diplomats/
-
Tokyo to Hold Major Cyberattack Drill Targeting Critical Infrastructure on Dec. 18
Japan is set to hold its first public-private sector tabletop exercise to prepare for large-scale cyberattacks, particularly targeting critical infrastructure. The drill, scheduled for December 18th, will involve the central government, the Tokyo metropolitan government, and major infrastructure operators across the capital region. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/japan-first-cybersecurity-drill/
-
Cybersecurity leaders’ top seven takeaways from 2025
Tags: access, ai, api, attack, automation, breach, business, ciso, compliance, control, cyber, cybersecurity, data, data-breach, deep-fake, defense, detection, email, exploit, framework, governance, government, grc, identity, international, malicious, network, nist, phishing, regulation, resilience, risk, saas, service, software, strategy, supply-chain, technology, threat, tool, vulnerability2. AI forced companies to rethink their security strategies: At the same time, Abousselham notes how the rapid rollout of AI forced companies to shift their resources to keep pace with the change, while maintaining safe product releases. He calls 2025 the “chaotic introduction of agentic AI”.”I don’t think the industry was ready or expected…
-
Cybersecurity leaders’ top seven takeaways from 2025
Tags: access, ai, api, attack, automation, breach, business, ciso, compliance, control, cyber, cybersecurity, data, data-breach, deep-fake, defense, detection, email, exploit, framework, governance, government, grc, identity, international, malicious, network, nist, phishing, regulation, resilience, risk, saas, service, software, strategy, supply-chain, technology, threat, tool, vulnerability2. AI forced companies to rethink their security strategies: At the same time, Abousselham notes how the rapid rollout of AI forced companies to shift their resources to keep pace with the change, while maintaining safe product releases. He calls 2025 the “chaotic introduction of agentic AI”.”I don’t think the industry was ready or expected…
-
ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit, and 20 More Stories
This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing over privacy and control. And researchers keep uncovering just how much of our digital life…
-
ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit, and 20 More Stories
This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing over privacy and control. And researchers keep uncovering just how much of our digital life…
-
Empowering Security and Control: Thales CipherTrust Cloud Key Management Integrates with Oracle Fusion Cloud Services
Tags: access, ai, automation, best-practice, business, cloud, compliance, computing, container, control, data, data-breach, encryption, finance, GDPR, governance, government, guide, healthcare, HIPAA, intelligence, network, oracle, PCI, resilience, risk, service, software, strategy, supply-chain, tool, zero-trustEmpowering Security and Control: Thales CipherTrust Cloud Key Management Integrates with Oracle Fusion Cloud Services madhav Thu, 12/11/2025 – 06:50 In a landscape where the safeguarding of sensitive information is paramount, the collaboration between Thales and Oracle Fusion Cloud Services helps create operational independence, data sovereignty, and uncompromising control for organizations worldwide. At Thales, our…
-
Empowering Security and Control: Thales CipherTrust Cloud Key Management Integrates with Oracle Fusion Cloud Services
Tags: access, ai, automation, best-practice, business, cloud, compliance, computing, container, control, data, data-breach, encryption, finance, GDPR, governance, government, guide, healthcare, HIPAA, intelligence, network, oracle, PCI, resilience, risk, service, software, strategy, supply-chain, tool, zero-trustEmpowering Security and Control: Thales CipherTrust Cloud Key Management Integrates with Oracle Fusion Cloud Services madhav Thu, 12/11/2025 – 06:50 In a landscape where the safeguarding of sensitive information is paramount, the collaboration between Thales and Oracle Fusion Cloud Services helps create operational independence, data sovereignty, and uncompromising control for organizations worldwide. At Thales, our…
-
WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor
An advanced persistent threat (APT) known as WIRTE has been attributed to attacks targeting government and diplomatic entities across the Middle East with a previously undocumented malware suite dubbed AshTag since 2020.Palo Alto Networks is tracking the activity cluster under the name Ashen Lepus. Artifacts uploaded to the VirusTotal platform show that the threat actor…
-
WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor
An advanced persistent threat (APT) known as WIRTE has been attributed to attacks targeting government and diplomatic entities across the Middle East with a previously undocumented malware suite dubbed AshTag since 2020.Palo Alto Networks is tracking the activity cluster under the name Ashen Lepus. Artifacts uploaded to the VirusTotal platform show that the threat actor…