Hackers used never-before-seen wiper in recent attack on Iranian train system

Researchers with cybersecurity company SentinelOne reconstructed the recent cyberattack on Iran’s train system in a new report, uncovering a new threat actor — which they named ‘MeteorExpresss’ — and a never-before-seen wiper. On July 9, local news outlets began reporting Read More …

Iran’s secret cyber files on how cargo ships and petrol stations could be attacked

Classified documents, allegedly from Iran, reveal secret research into how a cyber attack could be used to sink a cargo ship or blow up a fuel pump at a petrol station. The internal files, obtained by Sky News, also include Read More …

Risks in Telecommunications IT

Telecommunications is just one aspect of a 200-year-old field of research in IT. In our latest report, “Islands of Telecoms: Risks in IT,” we liken this field to what seems to be separate islands that are in fact connected by Read More …

CISA announces new vulnerability disclosure policy (VDP) platform

Last fall, CISA issued the final version of Binding Operational Directive (BOD 20-01), which was issued in support of the Office of Management and Budget M-20-32, “Improving Vulnerability Identification, Management, and Remediation”. This Directive reflects CISA’s commitment to strengthening cybersecurity Read More …

Biden pushes for stronger cybersecurity in critical infrastructure, wants companies to do more

President Joe Biden will sign a national security memorandum on Wednesday that aims to strengthen cybersecurity for critical infrastructure, as concern mounts about the vulnerability of the U.S. in the wake of a series of recent ransomware attacks. The memo Read More …

U.S., U.K., And Australia Issue Joint Cybersecurity Advisory

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA), Australian Cyber Security Centre (ACSC), United Kingdom’s National Cyber Security Centre (NCSC) and Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory today, highlighting the top Common Vulnerabilities and Exposures Read More …

Russia, US launch cybersecurity dialogue, three rounds already held

Russia and the US have launched bilateral cybersecurity dialogue, with three formal rounds already held, Russian Deputy Foreign Minister Sergey Ryabkov told reporters on Wednesday. “We are beginning to have a better understanding of security issues in the cyber sphere Read More …

Northern Ireland’s COVID certification service suspended after data leak

Northern Ireland’s Department of Health (DoH) has temporarily halted its COVID-19 vaccine certification online service following a data exposure incident. Some users of COVIDCert NI app were presented with data of other users, under certain circumstances, says the Department. As Read More …

UC San Diego Health discloses data breach after phishing attack

UC San Diego Health, the academic health system of the University of California, San Diego, has disclosed a data breach after the compromise of some employees’ email accounts. UC San Diego Health is one of the nation’s best hospitals, being Read More …

‘Praying Mantis’ threat actor targeting Windows internet-facing servers with malware

Windows internet-facing servers are being targeted by a new threat actor operating “almost completely in-memory,” according to a new report from the Sygnia Incident Response team. The report said that the advanced and persistent threat actor — which they have Read More …