Tag: government
-
UK’s new cybersecurity bill takes aim at ransomware gangs and state-backed hackers
After years of delays, the UK government has finally introduced landmark cybersecurity legislation that could reshape how British organisations defend against digital attacks. First seen on fortra.com Jump to article: www.fortra.com/blog/uks-new-cybersecurity-bill-takes-aim-ransomware-gangs-state-backed-hackers
-
Scam USPS and E-Z Pass Texts and Websites
Tags: banking, credit-card, cybercrime, google, government, group, password, phishing, scam, software, toolGoogle has filed a complaint in court that details the scam: In a complaint filed Wednesday, the tech giant accused “a cybercriminal group in China” of selling “phishing for dummies” kits. The kits help unsavvy fraudsters easily “execute a large-scale phishing campaign,” tricking hordes of unsuspecting people into “disclosing sensitive information like passwords, credit card…
-
Scam USPS and E-Z Pass Texts and Websites
Tags: banking, credit-card, cybercrime, google, government, group, password, phishing, scam, software, toolGoogle has filed a complaint in court that details the scam: In a complaint filed Wednesday, the tech giant accused “a cybercriminal group in China” of selling “phishing for dummies” kits. The kits help unsavvy fraudsters easily “execute a large-scale phishing campaign,” tricking hordes of unsuspecting people into “disclosing sensitive information like passwords, credit card…
-
Chinese APT Group Exploits DLL Sideloading to Breach Government and Media Targets
A China-nexus advanced persistent threat (APT) group has been conducting a sustained espionage campaign targeting government and media sectors across Southeast Asia, leveraging sophisticated DLL sideloading techniques as a primary attack vector. The threat actor, tracked as Autumn Dragon, has targeted multiple nations surrounding the South China Sea, including Indonesia, Singapore, the Philippines, Cambodia, and Laos,…
-
How the classic anime ‘Ghost in the Shell’ predicted the future of cybersecurity 30 years ago
The story of the Ghost in the Shell’s main villain the Puppet Master hinted at a future where governments use hackers for espionage, at a time when most of the world had never connected to the internet. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/19/how-the-classic-anime-ghost-in-the-shell-predicted-the-future-of-cybersecurity-30-years-ago/
-
WhatsApp flaw allowed discovery of the 3.5 billion mobile numbers registered to the platform
Tags: api, attack, bug-bounty, business, china, cloud, dark-web, data, data-breach, encryption, flaw, government, mobile, phishing, phone, privacy, spam, technology, vulnerability, windowsHey there You are using WhatsApp, marks this as one of the most embarrassing weaknesses yet in the world’s most widely-used communication app.The vulnerability was in WhatsApp’s contact discovery mechanism, the foundation of how this and many similar apps work. When WhatsApp is installed, it asks for permission to match mobile numbers in a user’s…
-
WhatsApp flaw allowed discovery of the 3.5 billion mobile numbers registered to the platform
Tags: api, attack, bug-bounty, business, china, cloud, dark-web, data, data-breach, encryption, flaw, government, mobile, phishing, phone, privacy, spam, technology, vulnerability, windowsHey there You are using WhatsApp, marks this as one of the most embarrassing weaknesses yet in the world’s most widely-used communication app.The vulnerability was in WhatsApp’s contact discovery mechanism, the foundation of how this and many similar apps work. When WhatsApp is installed, it asks for permission to match mobile numbers in a user’s…
-
CISA gives govt agencies 7 days to patch new Fortinet flaw
CISA has ordered U.S. government agencies to secure their systems within a week against another vulnerability in Fortinet’s FortiWeb web application firewall, which was exploited in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-gives-govt-agencies-7-days-to-patch-new-fortinet-flaw/
-
Behind the firewall: The hidden struggles of cyber professionals with a disability
Daisy Wong Daisy WongWhen Daisy Wong, head of security awareness at Medibank, first entered cybersecurity, she didn’t expect to become an advocate for inclusion, she just wanted to prove that being in a wheelchair was no barrier to what she could achieve. “I never wanted to be in cybersecurity. I did marketing at uni,” she…
-
Anthropic AI-powered cyberattack causes a stir
Tags: ai, attack, china, cyber, cyberattack, cybersecurity, espionage, finance, government, group, hacking, programming, technology, toolAI “‹”‹company Anthropic recently announced that companies worldwide have been attacked by an AI-powered cyber espionage campaign. It is purported to be the first publicly documented case of a cyberattack carried out by an AI model.According to the research report, around 30 organizations worldwide were affected by the attacks. These included large technology companies, financial institutions,…
-
Airline data broker to stop selling individuals’ travel records to government agencies
News that the Airlines Reporting Corporation (ARC) will shut down its controversial Travel Intelligence Program (TIP) surfaced in a letter ARC CEO Lauri Reishus sent to a bipartisan group of lawmakers on Tuesday. First seen on therecord.media Jump to article: therecord.media/airline-data-broker-stop-selling-to-government
-
Information sharing law’s expiration could squander government vulnerability hunting efforts, senator says
The next steps for the law, now extended for a short time, are up in the air. First seen on cyberscoop.com Jump to article: cyberscoop.com/cyber-threat-data-sharing-law-expiration-security-risk-mike-rounds-gary-peters-rand-paul/
-
US Cyber Defense Agency Admits to Major Staffing Crisis
Internal Memo Says Trump-Era Cuts ‘Hampered’ CISA During ‘Pivotal Moment’. The Cybersecurity and Infrastructure Security Agency is reeling from an apparent 40% vacancy rate in several key divisions following White House-driven cuts and a prolonged government shutdown, according to an internal memo revealing how recent layoffs were undermining federal readiness. First seen on govinfosecurity.com Jump…
-
Pro-Russian group claims hits on Danish party websites as voters head to polls
Voting was not disrupted Tuesday by a wave of DDoS incidents affecting political party and government websites in Denmark a day earlier, officials said. First seen on therecord.media Jump to article: therecord.media/denmark-election-political-government-websites-ddos-incidents
-
The Data Privacy Risk Lurking in Paperless Government
The world is becoming increasingly paperless, and most organizations, including federal agencies, are following suit. Switching from paper-based processes to digital ones offers great benefits. However, the security and compliance challenges that come with this shift aren’t to be taken lightly. As the federal government goes paperless to cut costs and modernize operational processes, a..…
-
Full renewal of state and local cyber grants program passes in House
The PILLAR Act, which would renew federal cybersecurity grants to state and local governments through 2033, passed by voice vote in the House. First seen on therecord.media Jump to article: therecord.media/state-local-cyber-grants-program-house-passage
-
Inspector General Flags Security Gap in NIH Genomics Project
NIH Working on Fixes to Address National Security Risks and Weak Access Controls. The sensitive health and genomics data of 1 million Americans used by a National Institutes of Health research project could be at risk for access or theft by bad actors, including foreign adversaries, a government watchdog group. Security weaknesses discovered in an…
-
Dozens of groups call for governments to protect encryption
The letter comes as countries in Europe have moved over the past year to regulate or mandate legalized access for criminal and national security investigations. First seen on cyberscoop.com Jump to article: cyberscoop.com/encryption-sixty-groups-call-on-governments-to-oppose-backdoor-mandates/
-
Kenyan gov’t websites back online after hackers deface pages with white supremacist messages
A handful of Kenyan government websites were defaced with white supremacist slogans. First seen on therecord.media Jump to article: therecord.media/kenyan-gov-websites-back-hack
-
CISA gives federal agencies one week to patch exploited Fortinet bug
U.S. government agencies have been given a shorter window than usual to patch a critical vulnerability affecting Fortinet’s FortiWeb firewall product. First seen on therecord.media Jump to article: therecord.media/fortinet-fortiweb-vulnerability-cisa-advisory
-
FedRAMP Deviation Requests: When and How to Submit
FedRAMP is a government-wide program meant to ensure a standardized baseline for information security throughout the cloud service providers working with the federal government. It’s a tall order. Setting forth standards that are robust enough to cover all the bases, while being open and flexible enough to cover every CSP, is not easy. NIST has……
-
ISMG Editors: What Comes Next After US Government Shutdown?
Also: Insights From ISMG’s Global Events, Tenzai’s $75 Million Seed Round. In this week’s panel, ISMG editors broke down the mounting pressure on the Department of Health and Human Services and its privacy and security operations, the $75 million seed round for autonomous pen testing startup Tenzai and key themes from ISMG’s recent global summits…
-
TDL 009 – Inside DNS Threat Intelligence: Privacy, Security Innovation
Tags: access, apple, attack, automation, backup, best-practice, business, ceo, cisco, ciso, cloud, computer, control, corporate, country, crime, cybersecurity, data, dns, encryption, finance, firewall, government, infrastructure, intelligence, Internet, jobs, law, linkedin, malicious, marketplace, middle-east, monitoring, msp, network, office, privacy, regulation, risk, service, software, strategy, threat, tool, windows, zero-trustSummary Inside DNS Threat Intelligence: Privacy, Security & Innovation In this episode of the Defenders Log, host David Redekop speaks with Tim Adams, the founder of the protective DNS resolver Scout DNS. Tim shares his origin story, explaining how he transitioned from a wireless network integrator to building his own DNS solution. He saw a…
-
AI firm claims it stopped Chinese state-sponsored cyber-attack campaign
Anthropic says financial firms and government agencies were attacked ‘largely without human intervention’A leading artificial intelligence company claims to have stopped a China-backed “cyber espionage” campaign that was able to infiltrate financial firms and government agencies with almost no human oversight.The US-based Anthropic said its coding tool, Claude Code, was “manipulated” by a Chinese state-sponsored…
-
Western governments disrupt trifecta of cybercrime tools
Authorities seized more than 1,000 servers and 20 domains in the operation. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/operation-endgame-third-phase-infostealer-rat-botnet/805549/
-
Are We in the Quantum Decade?
Growing Enterprise Use Cases and National Missions Signal Toward a Quantum Era. Quantum computers are finally emerging from sterile labs after decades of research and development. Recent breakthroughs and use cases indicate that the quantum decade has begun, with collaboration across the private sector, startup community, government and academia accelerating development. First seen on govinfosecurity.com…
-
Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets
The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps (IRGC) as part of a new espionage-focused campaign.The activity, detected in early September 2025 and assessed to be ongoing, has been codenamed SpearSpecter by the Israel National Digital Agency (INDA).”The…