Tag: government
-
Vietnam, Panama governments suffer incidents leaking citizen data
Vietnam’s credit information bureau and Panama’s finance ministry are each responding to apparent data breaches claimed by high-profile cybercrime groups. First seen on therecord.media Jump to article: therecord.media/vietnam-cic-panama-finance-ministry-cyberattacks
-
Cybersecurity Snapshot: Security Lags Cloud and AI Adoption, Tenable Report Finds, as CISA Lays Out Vision for CVE Program’s Future
Tags: access, ai, api, attack, automation, best-practice, breach, bug-bounty, business, cisa, cloud, communications, computer, control, cve, cyber, cybersecurity, data, data-breach, defense, encryption, exploit, framework, google, governance, government, identity, infrastructure, intelligence, international, Internet, linkedin, mitre, network, nist, office, open-source, privacy, programming, RedTeam, resilience, risk, risk-management, service, skills, software, strategy, tactics, technology, threat, tool, update, vulnerabilityCheck out Tenable’s report detailing challenges and best practices for cloud and AI security. Plus, CISA rolled out a roadmap for the CVE Program, while NIST updated its guidelines for secure software patches. And get the latest on TLS/SSL security and AI attack disclosures! Here are five things you need to know for the week…
-
CISA official calls on lawmakers to extend cyber info-sharing law
The official’s call for a renewal came less than three weeks before the 2015 Cybersecurity Information Sharing Act (CISA 2015), which provides incentives for private entities to voluntarily share digital threat intelligence with the federal government, is due to sunset. First seen on therecord.media Jump to article: therecord.media/cisa-official-calls-on-lawmakers-renew-cisa2015
-
CISA official calls on lawmakers to extend cyber info-sharing law
The official’s call for a renewal came less than three weeks before the 2015 Cybersecurity Information Sharing Act (CISA 2015), which provides incentives for private entities to voluntarily share digital threat intelligence with the federal government, is due to sunset. First seen on therecord.media Jump to article: therecord.media/cisa-official-calls-on-lawmakers-renew-cisa2015
-
Sidewinder Hackers Exploit LNK Files to Deploy Malicious Scripts
In a striking evolution of its tactics, the Sidewinder advanced persistent threat (APT) group”, also known as APT-C-24 or “Rattlesnake””, has adopted a novel delivery mechanism leveraging Windows shortcut (LNK) files to orchestrate complex, multi-stage intrusions across South Asia. Active since at least 2012 and targeting governments, energy utilities, military installations, and mining operations in…
-
12 digital forensics certifications to accelerate your cyber career
Tags: access, apt, attack, browser, chrome, cloud, computer, corporate, cyber, cybercrime, cybersecurity, data, defense, detection, email, endpoint, exploit, google, government, group, hacker, hacking, Hardware, incident response, international, jobs, law, malicious, malware, microsoft, mobile, network, phone, service, skills, soc, technology, threat, tool, training, windowsCellebrite Certified Mobile Examiner (CCME)Certified Computer Examiner (CCE)CyberSecurity Forensic Analyst (CSFA)EC-Council Computer Hacking Forensic Investigator (CHFI)EnCase Certified Examiner (EnCE)Exterro AccessData Certified Examiner (ACE)GIAC Advanced Smartphone Forensics Certification (GASF)GIAC Certified Forensics Analyst (GCFA)GIAC Certified Forensic Examiner (GCFE)GIAC Cloud Forensic Responder (GCFR)GIAC Network Forensic Analysis (GNFA)Magnet Certified Forensics Examiner (MCFE) Cellebrite Certified Mobile Examiner (CCME) Out of…
-
CISA work not ‘degraded’ by Trump administration cuts, top agency official says
Nick Andersen rebutted criticisms from industry, state and local governments and the Hill about where CISA capabilities stand. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-operational-strength-despite-cuts-nicholas-andersen-billington-cybersecurity-summit/
-
Swiss government looks to undercut privacy tech, stoking fears of mass surveillance
Switzerland-based providers of secure email, VPNs and other digital services say a pending government proposal would be catastrophic to their ability to protect the privacy of users. First seen on therecord.media Jump to article: therecord.media/switzerland-digital-privacy-law-proton-privacy-surveillance
-
France says Apple notified victims of new spyware attacks
The French government says Apple sent out threat notifications to customers alerting them to spyware attacks earlier in September. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/11/france-says-apple-notified-victims-of-new-spyware-attacks/
-
Microsoft under fire: Senator demands FTC investigation into ‘arsonist selling firefighting services’
Tags: access, attack, authentication, breach, business, cio, ciso, computer, corporate, cyber, cybersecurity, email, encryption, finance, government, hacker, mfa, microsoft, network, password, ransomware, service, software, technology, threat, updateThe technical reality behind the failures: Security experts have long criticized Microsoft’s reliance on outdated encryption standards. “RC4 should have been retired long ago, yet it still lurks in Active Directory and continues to enable attacks like Kerberoasting,” Gogia noted.Microsoft’s justification centered on backward compatibility concerns. “Microsoft’s line has been that switching it off overnight…
-
UK delays introducing new cybersecurity legislation, again
As high-profile incidents continue to disrupt British companies, the U.K. government, amid a cabinet reshuffle of senior and junior ministers, is delaying a bill to update cybersecurity regulations. First seen on therecord.media Jump to article: therecord.media/uk-cybersecurity-law-update-csrb-delayed-again
-
LNER Reveals Supply Chain Attack Compromised Customer Information
Government-run train operator LNER has revealed details of a supplier data breach First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/lner-supply-chain-attack-customer/
-
US investors in spyware firms nearly tripled in 2024: report
The role American investors are playing in propping up spyware vendors is notable given the aggressive actions the U.S. government has taken to rein in the sector, including through sanctions, entity listings and visa restrictions. First seen on therecord.media Jump to article: therecord.media/us-investors-in-spyware-tripled-in-2024
-
Kritische Infrastruktur: Regierung beschließt Kritis-Dachgesetz ein zweites Mal
Schon im November 2024 hat die Ampel-Regierung den Entwurf für ein Kritis-Dachgesetz beschlossen. Nun ging dieser praktisch unverändert durchs Kabinett. First seen on golem.de Jump to article: www.golem.de/news/kritische-infrastruktur-regierung-beschliesst-kritis-dachgesetz-ein-zweites-mal-2509-199979.html
-
Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign
KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-profile breaches, Lazarus continues to evolve its tactics to target cryptocurrency and financial institutions worldwide. Over the last decade, Lazarus has homed in…
-
Southeast Asian Scam Centers Face More Financial Sanctions
Firms cooperating with cybercrime syndicates in Burma and Cambodia face sanctions by the US government and enforcement actions by China, but the scams continue to grow. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/southeast-asian-scam-centers-financial-sanctions
-
Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign
KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-profile breaches, Lazarus continues to evolve its tactics to target cryptocurrency and financial institutions worldwide. Over the last decade, Lazarus has homed in…
-
Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign
KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-profile breaches, Lazarus continues to evolve its tactics to target cryptocurrency and financial institutions worldwide. Over the last decade, Lazarus has homed in…
-
China-Linked APT41 Hackers Target U.S. Trade Officials Amid 2025 Negotiations
The House Select Committee on China has formally issued an advisory warning of an “ongoing” series of highly targeted cyber espionage campaigns linked to the People’s Republic of China (PRC) amid contentious U.S.China trade talks.”These campaigns seek to compromise organizations and individuals involved in U.S.-China trade policy and diplomacy, including U.S. government agencies, U.S. business…
-
China-Linked APT41 Hackers Target U.S. Trade Officials Amid 2025 Negotiations
The House Select Committee on China has formally issued an advisory warning of an “ongoing” series of highly targeted cyber espionage campaigns linked to the People’s Republic of China (PRC) amid contentious U.S.China trade talks.”These campaigns seek to compromise organizations and individuals involved in U.S.-China trade policy and diplomacy, including U.S. government agencies, U.S. business…
-
New Buterat Backdoor Malware Found in Enterprise and Government Networks
Meet Buterat, a new backdoor malware spreading through phishing and trojanized downloads, giving attackers persistent access to enterprise and government networks. First seen on hackread.com Jump to article: hackread.com/buterat-backdoor-malware-enterprise-govt-networks/
-
CyberVolk Ransomware Targets Windows Systems in Critical Infrastructure and Research Institutions
CyberVolk ransomware, which first emerged in May 2024, has escalated its operations against government agencies, critical infrastructure, and scientific institutions across Japan, France, and the United Kingdom. Operating with pro-Russian leanings, CyberVolk specifically targets states perceived as hostile to Russian interests, leveraging sophisticated encryption techniques that render decryption impossible. This article delivers a technical analysis…
-
CyberVolk Ransomware Targets Windows Systems in Critical Infrastructure and Research Institutions
CyberVolk ransomware, which first emerged in May 2024, has escalated its operations against government agencies, critical infrastructure, and scientific institutions across Japan, France, and the United Kingdom. Operating with pro-Russian leanings, CyberVolk specifically targets states perceived as hostile to Russian interests, leveraging sophisticated encryption techniques that render decryption impossible. This article delivers a technical analysis…
-
Nokia successor HMD spawns secure device biz with Euro-made smartphone
Tags: governmentIvalo XE handset targets governments and security critical sectors, though Qualcomm silicon keeps it tied to the US First seen on theregister.com Jump to article: www.theregister.com/2025/09/09/hmd_ivalo_xe/
-
Chinese Hackers Salt Typhoon and UNC4841 Team Up to Breach Critical Infrastructure
Tags: breach, china, corporate, cyber, cybersecurity, espionage, government, hacker, infrastructure, malicious, network, threatCybersecurity researchers at Silent Push have uncovered a sophisticated Chinese espionage operation linking two prominent threat actors, Salt Typhoon and UNC4841, revealing previously unreported infrastructure used to target government and corporate networks across more than 80 countries. The discovery of 45 malicious domains dating back to 2020 demonstrates the extensive reach and long-term persistence of…
-
Chinese Hackers Salt Typhoon and UNC4841 Team Up to Breach Critical Infrastructure
Tags: breach, china, corporate, cyber, cybersecurity, espionage, government, hacker, infrastructure, malicious, network, threatCybersecurity researchers at Silent Push have uncovered a sophisticated Chinese espionage operation linking two prominent threat actors, Salt Typhoon and UNC4841, revealing previously unreported infrastructure used to target government and corporate networks across more than 80 countries. The discovery of 45 malicious domains dating back to 2020 demonstrates the extensive reach and long-term persistence of…
-
Chinese Hackers Salt Typhoon and UNC4841 Team Up to Breach Critical Infrastructure
Tags: breach, china, corporate, cyber, cybersecurity, espionage, government, hacker, infrastructure, malicious, network, threatCybersecurity researchers at Silent Push have uncovered a sophisticated Chinese espionage operation linking two prominent threat actors, Salt Typhoon and UNC4841, revealing previously unreported infrastructure used to target government and corporate networks across more than 80 countries. The discovery of 45 malicious domains dating back to 2020 demonstrates the extensive reach and long-term persistence of…
-
The US government has no idea how many cybersecurity pros it employs
Auditors find federal cybersecurity workforce data messy, incomplete, and unreliable First seen on theregister.com Jump to article: www.theregister.com/2025/09/08/us_govt_lacks_clarity_infosec_workforce/
-
The US government has no idea how many cybersecurity pros it employs
Auditors find federal cybersecurity workforce data messy, incomplete, and unreliable First seen on theregister.com Jump to article: www.theregister.com/2025/09/08/us_govt_lacks_clarity_infosec_workforce/
-
AI in Government
Just a few months after Elon Musk’s retreat from his unofficial role leading the Department of Government Efficiency (DOGE), we have a clearer picture of his vision of government powered by artificial intelligence, and it has a lot more to do with consolidating power than benefitting the public. Even so, we must not lose sight…