Tag: government
-
The Iranian Conflict Leads to the Latest Attack on OT Production – ARIA Cybersecurity
<div cla CISA and the FBI warned that Iranian-backed cyber attackers are targeting Rockwell LOGIX® PLC deployments in Government, Energy and Water/Wastewater as well as other industries first back on March 20th 206. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/the-iranian-conflict-leads-to-the-latest-attack-on-ot-production-aria-cybersecurity/
-
UK reliance on US big tech companies is ‘national security risk’, claims report
UK government urged to follow European countries by backing technology based on open standards First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641487/UK-reliance-on-US-big-tech-companies-is-national-security-risk-claims-report
-
Here’s how cyber heavyweights in the US and UK are dealing with Claude Mythos
Two reports from former high-level U.S. cyber officials and the UK government’s top AI research institution reveal how top defenders think about the tool’s hacking capabilities. First seen on cyberscoop.com Jump to article: cyberscoop.com/claude-mythos-ai-cybersecurity-threat-report/
-
France Tees Up Big Public Sector Move Away From US Tech
European Governments Grow Suspicious of Silicon Valley. French abandonment of American software for open-source alternatives continues apace, with all government ministries now facing a fall deadline for outlining plans to reduce their dependence on U.S. tech. France must regain control of our digital destiny, said public action minister David Amiel. First seen on govinfosecurity.com Jump…
-
Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records
A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies. First seen on hackread.com Jump to article: hackread.com/hacker-claude-code-gpt-4-1-mexican-records/
-
Hungarian government creds left in the safe hands of ‘FrankLampard’
Nearly 800 state logins surfaced in breach data, including defense and NATO-linked accounts First seen on theregister.com Jump to article: www.theregister.com/2026/04/11/hungary_government_logins_breach/
-
Claude and ChatGPT Exploited in Sweeping Cyber Campaign Against Government Agencies
In a groundbreaking technical report released by Gambit Security researcher Eyal Sela, new details have emerged about a massive cyberattack targeting government infrastructure. A single threat actor successfully leveraged artificial intelligence platforms to breach nine Mexican government agencies. The campaign, which operated from late December 2025 through mid-February 2026, resulted in the exfiltration of hundreds…
-
Commerce setting up new AI export regime to push adoption of ‘American AI’ abroad
The department is looking to create a “menu of priority AI export packages that the U.S. Government will promote to allies and partners around the world.” First seen on cyberscoop.com Jump to article: cyberscoop.com/commerce-ai-export-regime-promotes-american-ai-adoption-abroad/
-
UK government threatens tech bosses with jail time if they do not adequately fight nudification tools
A U.K. communications regulator, Ofcom, has said it will be cracking down on the spread of the images in the aftermath of the Grok scandal, which led to millions of “nudified” images of women and children to be circulated worldwide. First seen on therecord.media Jump to article: therecord.media/uk-threatens-tech-bosses-with-jail-ai-nudification
-
Big Tech, Big Exposure: Data from Over 3.5 Million Accounts Handed to US Authorities
New research from digital privacy firm Proton has revealed the staggering scale of how Google, Apple, and Meta share user data with US government authorities, and the numbers are only growing. According to the findings, the three tech giants have collectively handed over data from more than 3.5 million user accounts over the past decade,…
-
Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
The US government warns programmable logic controllers are being targeted, and research turns up 179 vulnerable operational technology (OT) devices. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/industrial-controllers-vulnerable-conflicts-cyber
-
The cyber winners and losers in Trump’s 2027 budget
Tags: cisa, communications, compliance, corporate, cyber, cybersecurity, defense, government, group, infrastructure, international, network, office, risk, service, strategy, threatFigure 1- Top gainers in Trump’s 2027 budget. Compilation from OMB cross-cut tables. CSOSeveral smaller agencies, including the EPA, Department of Education, Tennessee Valley Authority, Federal Mine Safety and Health Review Commission, and the US Army Corps of Engineers, also stand to post modest gains under the 2027 budget. Losers: DHS, VA, and research programs…
-
CMMC compliance in the age of AI
Tags: access, ai, automation, awareness, business, compliance, control, data, detection, email, governance, government, grc, metric, risk, tool, trainingThe primary readiness gap: data scope awareness: Central to preparation is gaining a complete understanding of the data subject to CMMC 2.0 controls. Many organizations are still struggling to define the full scope of systems, workflows and third-party relationships that process or store CUI. When contractors conduct detailed CMMC-focused data inventories, it’s common that they’ll…
-
Middle East Espionage Attack Uses Fake Secure Messaging Apps to Deliver ProSpy
Hackers are impersonating popular secure messaging apps to deploy a sophisticated Android spyware tool called ProSpy against journalists, activists, and political figures across the Middle East, in a hack”‘for”‘hire campaign linked to the BITTER APT group. The campaign has been active since at least 2022. It primarily targets civil society members and potentially government officials in countries…
-
What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure
Tags: access, advisory, ai, attack, authentication, automation, backup, cctv, chatgpt, cisa, communications, compliance, control, credentials, crypto, cve, cyber, cybersecurity, data, data-breach, defense, detection, dns, email, exploit, finance, firewall, flaw, government, group, healthcare, infrastructure, intelligence, international, Internet, iot, iran, kev, leak, linux, malicious, malware, mitigation, mitre, monitoring, network, office, openai, password, radius, resilience, risk, router, service, siem, software, strategy, switch, technology, threat, tool, update, vpn, vulnerability, vulnerability-managementAn Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical infrastructure sectors. Key takeaways: CyberAv3ngers is a state-directed threat group operating under Iran’s IRGC Cyber-Electronic Command. The U.S. Treasury sanctioned six named officials in February 2024 and the State Department…
-
Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs
Censys researchers warned that thousands of devices are exposed to the Iranian government’s campaign targeting energy, water, and U.S. government services and facilities. First seen on cyberscoop.com Jump to article: cyberscoop.com/iran-attackers-industrial-ot-government-energy-water-censys/
-
Cloudflare ‘actively adjusting’ quantum priorities in wake of Google warning
Tags: android, attack, awareness, browser, chrome, ciso, communications, compliance, computer, computing, crypto, cryptography, cybersecurity, data, encryption, google, government, group, Hardware, infrastructure, Internet, ml, mobile, regulation, risk, service, strategy, technology, threat, vulnerabilityNational Institute of Standards and Technology (NIST) has set a 2030 deadline for depreciating legacy encryption algorithms ahead of their planned retirement in 2035.Late last month Google brought forward its own post-quantum cryptography (PQC) deadline a year to 2029 because advances in quantum computers mean that legacy encryption and digital signature systems are at greater…
-
On Microsoft’s Lousy Cloud Security
ProPublica has a scoop: In late 2024, the federal government’s cybersecurity evaluators rendered a troubling verdict on one of Microsoft’s biggest cloud computing offerings. The tech giant’s “lack of proper detailed security documentation” left reviewers with a “lack of confidence in assessing the system’s overall security posture,” according to an internal government report reviewed by…
-
On Microsoft’s Lousy Cloud Security
ProPublica has a scoop: In late 2024, the federal government’s cybersecurity evaluators rendered a troubling verdict on one of Microsoft’s biggest cloud computing offerings. The tech giant’s “lack of proper detailed security documentation” left reviewers with a “lack of confidence in assessing the system’s overall security posture,” according to an internal government report reviewed by…
-
Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle East and North Africa (MENA), according to findings from Access Now, Lookout, and SMEX.Two of the targets included prominent Egyptian journalists and government critics, Mostafa First seen on thehackernews.com…
-
Prompt injection tags along as GenAI enters daily government use
Routine use of GenAI has moved into daily operations in state and territorial government environments, placing new security risks within common workflows. A Center for … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/09/genai-prompt-injection-enterprise-data-risk/
-
Prompt injection tags along as GenAI enters daily government use
Routine use of GenAI has moved into daily operations in state and territorial government environments, placing new security risks within common workflows. A Center for … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/09/genai-prompt-injection-enterprise-data-risk/
-
Prompt injection tags along as GenAI enters daily government use
Routine use of GenAI has moved into daily operations in state and territorial government environments, placing new security risks within common workflows. A Center for … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/09/genai-prompt-injection-enterprise-data-risk/
-
Arelion employs NETSCOUT Arbor DDoS protection products
Tags: ai, attack, automation, business, cyber, cyberattack, cybersecurity, ddos, defense, detection, government, infrastructure, intelligence, Internet, mitigation, monitoring, network, risk, router, service, strategy, tactics, technology, threat“As a Tier-1 Internet carrier supporting the majority of global Internet traffic, this continued collaboration reflects our ongoing investment in best-of-breed network security solutions to protect the technology ecosystem. Our partnership combines Arelion’s global network performance and NETSCOUT’s leading Arbor DDoS attack protection solutions to provide world-class experiences for our customers.” Scott Nichols, Chief Commercial…
-
France Limits Chinese-Made Solar Energy Components
Paris Backs Protectionism and Cybersecurity Requirements to Keep Out Chinese Firms. France is saying non to Chinese photovoltaic components through a mix of protectionism and cybersecurity requirements as it readies a government-backed program of new solar energy projects. Chinese cybersecurity laws require firms to share key information and generally cooperate with Beijing. First seen on…
-
‘We Were Not Ready for This’: Lebanon’s Emergency System Is Hanging by a Thread
In Lebanon, nearly 1 in 5 people has been displaced by Israeli attacks, leaving the government to manage a modern crisis without modern digital infrastructure. First seen on wired.com Jump to article: www.wired.com/story/we-were-not-ready-for-this-lebanons-emergency-system-is-hanging-by-a-thread/
-
How botnet-driven DDoS attacks evolved in 2H 2025
Tags: ai, attack, botnet, dark-web, ddos, defense, dns, finance, government, group, infrastructure, intelligence, international, Internet, iot, jobs, law, LLM, mitigation, network, resilience, risk, service, strategy, tactics, threat, tool, usa, vulnerabilityMassive attack capacity: Demonstration attacks peaked at 30Tbps and 4 gigapackets per second, primarily launched by Internet of Things (IoT) botnets such as Aisuru and TurboMirai variants.AI integration: The use of AI, including dark-web large language models (LLMs), moved from emerging trend to operational reality, making sophisticated attacks accessible to a wider range of threat actors.Persistent threat…
-
CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday
CISA has given U.S. government agencies four days to secure their systems against a critical-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in attacks since January. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-exploited-ivanti-epmm-flaw-by-sunday/