Tag: government
-
Russia Pivots, Cracks Down on Resident Hackers
Thanks to improving cybersecurity and law enforcement action from the West, Russia’s government is reevaluating which cybercriminals it wants to give safe haven from the law. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/russia-cracks-down-low-level-hackers
-
Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft’s July Patch
Tags: breach, china, country, exploit, flaw, government, microsoft, middle-east, technology, threat, update, usa, vulnerabilityThreat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and patched in July 2025.Also targeted were government departments in an African country, as well as government agencies in South America, a university in the U.S., as…
-
Inspired by the EU: Sweden eyes open standard for encrypted chat services
What if your messaging and collaboration app could talk to all the others? Swedish government agencies are investigating the possibility First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366633195/Inspired-by-the-EU-Sweden-eyes-open-standard-for-encrypted-chat-services
-
Sharepoint ToolShell attacks targeted orgs across four continents
Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunication service providers, and finance organizations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sharepoint-toolshell-attacks-targeted-orgs-across-four-continents/
-
Inspired by the EU: Sweden eyes open standard for encrypted chat services
What if your messaging and collaboration app could talk to all the others? Swedish government agencies are investigating the possibility First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366633195/Inspired-by-the-EU-Sweden-eyes-open-standard-for-encrypted-chat-services
-
Sharepoint ToolShell attacks targeted orgs across four continents
Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunication service providers, and finance organizations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sharepoint-toolshell-attacks-targeted-orgs-across-four-continents/
-
Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware
Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a new campaign dubbed PassiveNeuron, according to findings from Kaspersky.The cyber espionage activity was first flagged by the Russian cybersecurity vendor in November 2024, when it disclosed a set of attacks aimed at government entities in Latin America and…
-
Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware
Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a new campaign dubbed PassiveNeuron, according to findings from Kaspersky.The cyber espionage activity was first flagged by the Russian cybersecurity vendor in November 2024, when it disclosed a set of attacks aimed at government entities in Latin America and…
-
New Salt Typhoon Attacks Leverage Zero-Days and DLL Sideloading
Salt Typhoon represents one of the most persistent and sophisticated cyber threats targeting global critical infrastructure today. Believed to be linked to state-sponsored actors from the People’s Republic of China, this advanced persistent threat group has executed a series of high-impact campaigns against telecommunications providers, energy networks, and government systems”, most notably across the United…
-
Self-propagating worm found in marketplaces for Visual Studio Code extensions
Tags: access, application-security, attack, backdoor, backup, best-practice, blockchain, breach, ciso, control, credentials, crime, crypto, cyber, data, data-breach, endpoint, framework, github, gitlab, google, government, identity, incident response, infrastructure, intelligence, least-privilege, login, malicious, malware, marketplace, network, open-source, resilience, risk, sans, security-incident, software, supply-chain, threat, tool, update, wormMarketplaces targeted: The Koi Security report is the latest in a series of warnings that threat actors are increasingly targeting VS Code marketplaces in supply chain attacks. Last week, Koi Security exposed a threat actor dubbed TigerJack spreading malicious extensions. And researchers at Wiz just published research showing the widespread abuse of the OpenVSX and…
-
NDSS 2025 Workshop On Security And Privacy Of Next-Generation Networks (FutureG) 2025, Session 1. Panelists Papers SESSION Opening Remarks, Panel And FutureG 2025 Session 1: AI-Assisted NextG
Tags: 5G, ai, conference, detection, government, Internet, LLM, network, open-source, privacy, vulnerabilityPanelists: Ted K. Woodward, Ph.D. Technical Director for FutureG, OUSD (R&E) Phillip Porras, Program Director, Internet Security Research, SRI Donald McBride, Senior Security Researcher, Bell Laboratories, Nokia This panel aims to bring together various participants and stakeholders from government, industry, and academia to present and discuss recent innovations and explore options to enable recent 5G…
-
‘PassiveNeuron’ Cyber Spies Target Orgs with Custom Malware
A persistent cyber espionage campaign focused on SQL servers is targeting government, industrial and financial sectors across Asia, Africa, and Latin America. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/-passiveneuron-cyber-spies-target-industrial-financial-orgs
-
Apple alerts exploit developer that his iPhone was targeted with government spyware
A developer at Trenchant, a leading Western spyware and zero-day maker, was suspected of leaking company tools and fired. Weeks later, Apple notified him that his personal iPhone was targeted with spyware. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/21/apple-alerts-exploit-developer-that-his-iphone-was-targeted-with-government-spyware/
-
PassiveNeuron Targets High-Profile Servers to Deploy Malware
A sophisticated cyberespionage campaign dubbed PassiveNeuron has emerged from the shadows after months of dormancy, with security researchers uncovering fresh details about its operations and attack methods. The campaign, first detected in June 2024, has resurfaced with renewed vigor, targeting government, financial and industrial organizations across Asia, Africa and Latin America with previously unknown malware…
-
Security patch or self-inflicted DDoS? Microsoft update knocks out key enterprise functions
Tags: api, authentication, banking, control, cryptography, ddos, defense, flaw, government, microsoft, network, tool, update, windowsMalfunctioning devices, failed connections, and installation errors: Update KB5066835 can also cause USB devices, including keyboards and mice, to malfunction in WinRE, preventing navigation in recovery mode. However, the keyboard and mouse do continue to work normally within the Windows OS. Microsoft has now released an out-of-band update, KB5070773, to address the issue.Additionally, the security…
-
Vets Will Test UK Digital ID Plan”¯
As the UK tests digital ID cards for military veterans ahead of a 2027 nationwide rollout, privacy concerns and cybersecurity warnings are growing. Experts caution that without strong zero-trust principles, encryption, and PAM enforcement, the program could expose citizens and government systems to new risks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/vets-will-test-uk-digital-id-plan/
-
Vets Will Test UK Digital ID Plan”¯
As the UK tests digital ID cards for military veterans ahead of a 2027 nationwide rollout, privacy concerns and cybersecurity warnings are growing. Experts caution that without strong zero-trust principles, encryption, and PAM enforcement, the program could expose citizens and government systems to new risks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/vets-will-test-uk-digital-id-plan/
-
Pakistani Cyber Actors Impersonating ‘NIC eEmail Services’ to Target Indian Government
Tags: attack, credentials, cyber, email, government, group, india, infrastructure, phishing, service, spear-phishing, threatPakistan-based advanced persistent threat group APT36, also known as TransparentTribe, is actively targeting Indian government entities with a sophisticated spear-phishing campaign using email lures themed as “NIC eEmail Services.” This campaign leverages lookalike domains and weaponized infrastructure to steal credentials and enable long-term espionage. The attack begins with email messages that convincingly mimic official notifications…
-
Pakistani Cyber Actors Impersonating ‘NIC eEmail Services’ to Target Indian Government
Tags: attack, credentials, cyber, email, government, group, india, infrastructure, phishing, service, spear-phishing, threatPakistan-based advanced persistent threat group APT36, also known as TransparentTribe, is actively targeting Indian government entities with a sophisticated spear-phishing campaign using email lures themed as “NIC eEmail Services.” This campaign leverages lookalike domains and weaponized infrastructure to steal credentials and enable long-term espionage. The attack begins with email messages that convincingly mimic official notifications…
-
Pakistani Cyber Actors Impersonating ‘NIC eEmail Services’ to Target Indian Government
Tags: attack, credentials, cyber, email, government, group, india, infrastructure, phishing, service, spear-phishing, threatPakistan-based advanced persistent threat group APT36, also known as TransparentTribe, is actively targeting Indian government entities with a sophisticated spear-phishing campaign using email lures themed as “NIC eEmail Services.” This campaign leverages lookalike domains and weaponized infrastructure to steal credentials and enable long-term espionage. The attack begins with email messages that convincingly mimic official notifications…
-
Winos 4.0 Malware Uses Weaponized PDFs Posing as Government Departments to Infect Windows Machines
Security researchers are tracking a high-severity malware campaign that uses weaponized PDF files to distribute the Winos 4.0 malware. The threat actors impersonate government departments to trick users into opening malicious documents that infect Microsoft Windows machines. The campaign, first observed in early 2025, has since expanded its operations from Taiwan to Japan and Malaysia,…
-
Anthropic Has a Plan to Keep Its AI From Building a Nuclear Weapon. Will It Work?
Anthropic partnered with the US government to create a filter meant to block Claude from helping someone build a nuke. Experts are divided on whether its a necessary protection”, or a protection at all. First seen on wired.com Jump to article: www.wired.com/story/anthropic-has-a-plan-to-keep-its-ai-from-building-a-nuclear-weapon-will-it-work/
-
Beyond Bot Management: Why Reverse Proxy Phishing Demands a New Defense Strategy
The scale of credential theft through phishing has reached alarming proportions. Recent analysis of the LabHost phishing operation reveals that nearly 990,000 Canadians were directly victimized, with attackers primarily targeting private sector enterprises (76%) over government agencies (24%). The operation generated over 1.2 million total incidents across Canada, resulting in hundreds of millions of dollars……
-
Hundreds of masked ICE agents doxxed by hackers, as personal details posted on Telegram
Hundreds of US government officials working for the FBI, ICE, and Department of Justice have had their personal data leaked by a notorious hacking group. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hundreds-masked-ice-agents-doxxed-hackers-personal-details-posted-telegram
-
Foreign hackers breached a US nuclear weapons plant via SharePoint flaws
Tags: access, attack, authentication, breach, china, control, corporate, cve, cyber, cybercrime, cybersecurity, data, defense, exploit, flaw, framework, government, group, hacker, identity, infrastructure, intelligence, Intruder, korea, microsoft, monitoring, network, ransomware, reverse-engineering, risk, russia, supply-chain, tactics, technology, theft, threat, vulnerability, zero-day, zero-trustChina or Russia? Conflicting attribution: Microsoft attributed the broader wave of SharePoint exploitations to three Chinese-linked groups: Linen Typhoon, Violet Typhoon, and a third actor it tracks as Storm-2603. The company said the attackers were preparing to deploy Warlock ransomware across affected systems.However, the source familiar with the Kansas City incident tells CSO that a…
-
Network security devices endanger orgs with ’90s era flaws
Tags: access, application-security, apt, authentication, breach, cisa, cisco, citrix, cloud, control, cve, cyber, cybersecurity, dos, email, endpoint, exploit, finance, firewall, firmware, flaw, government, group, incident response, infrastructure, injection, ivanti, jobs, linux, mitigation, mobile, network, open-source, penetration-testing, programming, regulation, remote-code-execution, reverse-engineering, risk, risk-management, router, service, software, threat, tool, vpn, vulnerability, zero-day2024 networking and security device zero-day flaws Product CVE Flaw type CVSS Check Point Quantum Security Gateways and CloudGuard Network Security CVE-2024-24919 Path traversal leading to information disclosure 8.6 (High) Cisco Adaptive Security Appliance CVE-2024-20359 Arbitrary code execution 6.6 (Medium) Cisco Adaptive Security Appliance CVE-2024-20353 Denial of service 8.6 (High) Cisco Adaptive Security Appliance …
-
‘I lost 25 pounds in 20 days’: what it’s like to be on the frontline of a global cyber-attack
The security chief of SolarWinds reflects on the Russian hack that exposed US government agencies and the heart attack he suffered in the aftermathTim Brown will remember 12 December 2020 for ever.It was the day the software company SolarWinds was notified it had been hacked by Russia. <a href=”https://www.theguardian.com/technology/2025/oct/19/global-cyber-attack-russian-hack-solarwinds-stress-health”>Continue reading… First seen on theguardian.com Jump…
-
Government considered destroying its data hub after decade-long intrusion
Tags: access, backdoor, breach, china, data, detection, endpoint, exploit, government, group, Hardware, incident response, infrastructure, network, risk, spy, supply-chain, threat, tool, vpn, vulnerabilityBridewell, a supplier to the UK government critical network infrastructure, endorsed the severity of this approach. He said, “it’s like when a device is compromised, the only way to truly be sure there are no remnants, or unidentified backdoors is to restore the asset to a known good state. In the physical realm, in particular…
-
ISMG Editors: Inside the FBI’s Scattered Lapsus Takedown
Also: Continued Turmoil at CISA, MSSP Level Blue’s Acquisition of Cybereason. In this week’s panel, four ISMG editors discussed the FBI’s takedown of Scattered Lapsus$ Hunters, turmoil inside CISA amid the U.S. federal government shutdown and how LevelBlue’s acquisition of Cybereason signals big shifts in the XDR and MDR markets. First seen on govinfosecurity.com Jump…
-
US Scrambles to Patch F5 Amid China-Linked Breach
Concerns Grow Over F5 Hacking Amid Stalled Government Shutdown. Federal officials are scrambling to contain nation-state hackers exploiting stolen source code from networking devices and software maker F5 amid staffing pressures created by the ongoing government shutdown. Stolen files reportedly include undisclosed vulnerabilities F5 had been researching. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/us-scrambles-to-patch-f5-amid-china-linked-breach-a-29759