Tag: government
-
Tomiris Hacker Group Unveils New Tools and Techniques for Global Attacks
A new wave of cyberattacks has been discovered targeting government officials and diplomats across Russia and Central Asia. The group, which has been active for several years, is known for focusing on high-value political targets. This latest investigation shows they are now using more advanced methods to hide their tracks, including popular apps like Telegram…
-
Cybersecurity Coalition to Government: Shutdown is Over, Get to Work
The Cybersecurity Coalition, an industry group of almost a dozen vendors, is urging the Trump Administration and Congress now that the government shutdown is over to take a number of steps to strengthen the country’s cybersecurity posture as China, Russia, and other foreign adversaries accelerate their attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/cybersecurity-coalition-to-government-shutdown-is-over-get-to-work/
-
Cybersecurity Coalition to Government: Shutdown is Over, Get to Work
The Cybersecurity Coalition, an industry group of almost a dozen vendors, is urging the Trump Administration and Congress now that the government shutdown is over to take a number of steps to strengthen the country’s cybersecurity posture as China, Russia, and other foreign adversaries accelerate their attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/cybersecurity-coalition-to-government-shutdown-is-over-get-to-work/
-
RomCom tries dropping a notromantic payload on Ukraine-linked US firms
Target profile focused on Ukraine support: The second major insight from the report concerns victim selection. The targeted firm was not a defense contractor or a government body but a civil engineering company in the US. Its only notable link was past work involving a Ukraine-affiliated city.According to Arctic Wolf, the incident fits RomCom’s broader…
-
RomCom tries dropping a notromantic payload on Ukraine-linked US firms
Target profile focused on Ukraine support: The second major insight from the report concerns victim selection. The targeted firm was not a defense contractor or a government body but a civil engineering company in the US. Its only notable link was past work involving a Ukraine-affiliated city.According to Arctic Wolf, the incident fits RomCom’s broader…
-
Scattered Lapsus$ Hunters target Zendesk users with fake domains
Tags: access, attack, breach, credentials, data, data-breach, email, government, group, infrastructure, law, service, supply-chainDiscord breach may be connected: The Zendesk campaign may not be an isolated incident. Discord said on October 9 that attackers breached its customer service provider, 5CA, exposing data from about 70,000 users who had submitted government IDs for age verification. The breach also exposed support ticket data for users who had contacted Discord’s customer…
-
Bloody Wolf Threat Actor Expands Activity Across Central Asia
A new Bloody Wolf campaign exploits legitimate remote-administration software for cyber-attacks on government targets in Central Asia First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/bloody-wolf-expands-central-asia/
-
OpenAI admits data breach after analytics partner hit by phishing attack
Tags: access, ai, api, attack, authentication, backdoor, breach, chatgpt, credentials, data, data-breach, email, governance, government, mfa, openai, password, phishing, riskName provided to OpenAI on the API account Email address associated with the API accountApproximate location based on API user browser (city, state, country)Operating system and browser used to access the API accountReferring websitesOrganization or User IDs associated with the API account”We proactively communicated with all impacted customers. If you have not heard from us directly,…
-
Neues ToddyCat-Toolkit greift Outlook und Microsoft-Token an
Tags: access, apt, backdoor, browser, chrome, cloud, cyberattack, exploit, governance, government, Internet, kaspersky, mail, microsoft, open-source, powershell, tool, update, vulnerability, windowsDie APT-Gruppe ToddyCat hat ihren Fokus auf den Diebstahl von Outlook-E-Mail-Daten und Microsoft 365-Zugriffstoken verlagert.Forscher von Kaspersky Labs haben festgestellt, dass sich die APT-Gruppe (Advanced Persistent Threat) ToddyCat jetzt darauf spezialisiert hat, Outlook-E-Mail-Daten und Microsoft 365-Zugriffstoken zu stehlen.Demnachhat die Hackerbande ihr Toolkit Ende 2024 und Anfang 2025 weiterentwickelt, um nicht nur wie bisher Browser-Anmeldedaten zu…
-
ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks, and 20 More Stories
Hackers have been busy again this week. From fake voice calls and AI-powered malware to huge money-laundering busts and new scams, there’s a lot happening in the cyber world.Criminals are getting creative, using smart tricks to steal data, sound real, and hide in plain sight. But they’re not the only ones moving fast. Governments and…
-
Key provisions of the UK Cyber Resilience Bill Revealed
Shona Lester, head of the Cyber Security and Resilience Bill team within the UK government, outlined some of the provisions that should be included in the future law First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/key-provisions-uk-cyber-resilience/
-
Massive Data Leak: ByteToBreach Offers Stolen Global Airline, Banking, and Government Records
A cybercriminal operating under the alias ByteToBreach has emerged as a prominent figure in the underground data trade, orchestrating a series of high-profile breaches targeting critical sectors worldwide. Active since at least June 2025, ByteToBreach has leveraged a blend of technical proficiency, aggressive self-promotion, and cross-platform operations to become one of the most publicized threat…
-
Massive Data Leak: ByteToBreach Offers Stolen Global Airline, Banking, and Government Records
A cybercriminal operating under the alias ByteToBreach has emerged as a prominent figure in the underground data trade, orchestrating a series of high-profile breaches targeting critical sectors worldwide. Active since at least June 2025, ByteToBreach has leveraged a blend of technical proficiency, aggressive self-promotion, and cross-platform operations to become one of the most publicized threat…
-
ToddyCat APT evolves to target Outlook archives and Microsoft 365 tokens
Outlook in the Crosshairs: Another evolution involves accessing actual mail data. ToddyCat deployed a tool named TCSectorCopya C++ utility that opens the disk as a read-only device and copies Outlook’s offline storage files (OST) sector by sector, bypassing any file-lock mechanisms that Outlook may enforce.Once OST files are extracted, they are fed into XstReader, an…
-
ToddyCat APT evolves to target Outlook archives and Microsoft 365 tokens
Outlook in the Crosshairs: Another evolution involves accessing actual mail data. ToddyCat deployed a tool named TCSectorCopya C++ utility that opens the disk as a read-only device and copies Outlook’s offline storage files (OST) sector by sector, bypassing any file-lock mechanisms that Outlook may enforce.Once OST files are extracted, they are fed into XstReader, an…
-
Emergency alerts go dark after cyberattack on OnSolve CodeRED
Cyberattack on OnSolve CodeRED disrupted emergency alert services for U.S. state, local, police, and fire agencies. A cyberattack on the OnSolve CodeRED alert platform disrupted emergency notification services used by U.S. state and local governments, police, and fire agencies. OnSolve CodeRED is a cloud-based emergency alert system used by U.S. state and local governments to…
-
Spyware Abuse of Signal and WhatsApp Targeting US Officials
Cyber Advisory Cites Abuse of Linked Devices to Monitor Sensitive Communications. The U.S cyber defense agency issued an alert outlining how commercial spyware and state-aligned groups are abusing messaging-app features through malicious QR-based linking and zero-click exploitation to monitor U.S. government, military and other high-profile figures. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/spyware-abuse-signal-whatsapp-targeting-us-officials-a-30133
-
Spyware Abuse of Signal and WhatsApp Targeting US Officials
Cyber Advisory Cites Abuse of Linked Devices to Monitor Sensitive Communications. The U.S cyber defense agency issued an alert outlining how commercial spyware and state-aligned groups are abusing messaging-app features through malicious QR-based linking and zero-click exploitation to monitor U.S. government, military and other high-profile figures. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/spyware-abuse-signal-whatsapp-targeting-us-officials-a-30133
-
Developers left large cache of credentials exposed on code generation websites
Tags: ai, api, authentication, banking, credentials, cyber, data, data-breach, email, endpoint, fortinet, government, healthcare, infrastructure, leak, mssp, service, vulnerability, waf, zero-day/service/getDataFromID API endpoint, watchTowr was able to extract the content behind each link from 80,000+ downloaded submissions, five years of historical JSON Formatter content, one year of historical Code Beautify content, 5GB+ of enriched data, annotated JSON data, plus thousands of secrets. These included:Active Directory credentialsCode repository authentication keysDatabase credentialsLDAP configuration informationCloud environment keysFTP credentialsCI/CD…
-
Developers left large cache of credentials exposed on code generation websites
Tags: ai, api, authentication, banking, credentials, cyber, data, data-breach, email, endpoint, fortinet, government, healthcare, infrastructure, leak, mssp, service, vulnerability, waf, zero-day/service/getDataFromID API endpoint, watchTowr was able to extract the content behind each link from 80,000+ downloaded submissions, five years of historical JSON Formatter content, one year of historical Code Beautify content, 5GB+ of enriched data, annotated JSON data, plus thousands of secrets. These included:Active Directory credentialsCode repository authentication keysDatabase credentialsLDAP configuration informationCloud environment keysFTP credentialsCI/CD…
-
OnSolve CodeRED cyberattack disrupts emergency alert systems nationwide
Risk management company Crisis24 has confirmed its OnSolve CodeRED platform suffered a cyberattack that disrupted emergency notification systems used by state and local governments, police departments, and fire agencies across the United States. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/onsolve-codered-cyberattack-disrupts-emergency-alert-systems-nationwide/
-
Data Leaks: Why Are We So Stupid About Free Online Services?
JSON Code ‘Beautifiers’ Expose Sensitive Data From Banks, Government Agencies At what price beauty? Apparently, some developers will paste anything into JSON beautify sites, from researchers report recovering authentication keys, database credentials, personally identifiable information for banking customers and much more. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/blogs/data-leaks-are-we-so-stupid-about-free-online-services-p-3982
-
Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys
New research has found that organizations in various sensitive sectors, including governments, telecoms, and critical infrastructure, are pasting passwords and credentials into online tools like JSONformatter and CodeBeautify that are used to format and validate code.Cybersecurity company watchTowr Labs said it captured a dataset of over 80,000 files on these sites, uncovering thousands of First…
-
Russia arrests young cybersecurity entrepreneur on treason charges
Details of the case are classified, but Russian media say Timur Kilin may have drawn official ire after publicly criticizing the state-owned messaging app Max and the government’s anti-cybercrime legislation. First seen on therecord.media Jump to article: therecord.media/russia-arrests-tech-entrepreneur-treason
-
Code beautifiers expose credentials from banks, govt, tech orgs
Thousands of credentials, authentication keys, and configuration data impacting organizations in sensitive sectors have been sitting in publicly accessible JSON snippets submitted to the JSONFormatter and CodeBeautify online tools that format and structure code. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/code-beautifiers-expose-credentials-from-banks-govt-tech-orgs/
-
Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level
Tags: access, apple, attack, crypto, cryptography, data, exploit, government, group, infrastructure, open-source, rust, vulnerabilityTrail of Bits has developed constant-time coding support for LLVM 21, providing developers with compiler-level guarantees that their cryptographic implementations remain secure against branching-related timing attacks. This work introduces the __builtin_ct_select family of intrinsics and supporting infrastructure that prevents the Clang compiler, and potentially other compilers built with LLVM, from inadvertently breaking carefully crafted constant-time…
-
Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level
Tags: access, apple, attack, crypto, cryptography, data, exploit, government, group, infrastructure, open-source, rust, vulnerabilityTrail of Bits has developed constant-time coding support for LLVM 21, providing developers with compiler-level guarantees that their cryptographic implementations remain secure against branching-related timing attacks. This work introduces the __builtin_ct_select family of intrinsics and supporting infrastructure that prevents the Clang compiler, and potentially other compilers built with LLVM, from inadvertently breaking carefully crafted constant-time…
-
Four Ways AI Is Being Used to Strengthen Democracies Worldwide
Democracy is colliding with the technologies of artificial intelligence. Judging from the audience reaction at the recent World Forum on Democracy in Strasbourg, the general expectation is that democracy will be the worse for it. We have another narrative. Yes, there are risks to democracy from AI, but there are also opportunities. We have just…