Government

May 19, 2025

The UK’s Ministry of Justice (MoJ) has revealed that a cyberattack on the Legal Aid system has led to the theft of a “significant amount” of data, including criminal records. The MoJ was alerted to the attack on April 23 when data dating back as far as 2010 was accessed by the attackers. Earlier this month, ...

May 15, 2025

FBI is issuing this announcement to warn and provide mitigation tips to the public about an ongoing malicious text and voice messaging campaign. Since April 2025, malicious actors have impersonated senior US officials to target individuals, many of whom are current or former senior US federal or state government officials and their contacts. If you receive ...

May 7, 2025

A federal jury in California handed Israel’s NSO Group a $168 million penalty on Tuesday for hijacking the servers of WhatsApp in order to hack users of the Meta-owned chat platform on behalf of foreign spy agencies. The case caps a six-year battle between the American social media giant and the surveillance firm. It has also ...

May 6, 2025

Unit 42 researchers recently uncovered a highly focused malicious campaign targeting dozens of Portuguese organizations, particularly in the government, finance and transportation sectors. This campaign was orchestrated by the threat actors behind Lampion malware, an infostealer that focuses on sensitive banking information. This malware family has been active since at least 2019. During our investigation, we ...

May 5, 2025

A hacker has exploited a vulnerability in TeleMessage, which provides modded versions of encrypted messaging apps such as Signal, Telegram, and WhatsApp, to extract archived messages and other data relating to U.S. government officials and companies who used the tool, 404 Media reported. TeleMessage came into the spotlight last week after it was reported that former ...

April 30, 2025

Apple sent notifications this week to several people who the company believes were targeted with government spyware, according to two of the alleged targets. In the past, Apple has sent similar notifications to targets and victims of spyware, and directed them to contact a nonprofit that specializes in investigating such cyberattacks. Other tech companies, like Google ...

April 25, 2025

Trend Research uncovered a sophisticated APT campaign targeting government and telecommunications sectors in Southeast Asia. Named Earth Kurma, the attackers use advanced custom malware, rootkits, and cloud storage services for data exfiltration. Earth Kurma demonstrates adaptive malware toolsets, strategic infrastructure abuse, and complex evasion techniques. This campaign poses a high business risk due to targeted espionage, ...

April 17, 2025

Day after day, threat actors create new malware to use in cyberattacks. Each of these new implants is developed in its own way, and as a result gets its own destiny – while the use of some malware families is reported for decades, information about others disappears after days, months or several years. Kaspersky researchers observed ...

April 11, 2025

Kimsuky, alias Mystery Baby, Baby Coin, Smoke Screen, Black Banshe, etc., is tracked internally by Qi’anxin as APT-Q-2. The APT group was publicly disclosed in 2013, with attack activity dating as far back as 2012. Kimsuky’s main target for attacks has been South Korea, involving defense, education, energy, government, healthcare, and think tanks, with a focus ...

April 10, 2025

GOFFEE is a threat actor that first came to our attention in early 2022. Since then, Kaspersky researchers have observed malicious activities targeting exclusively entities located in the Russian Federation, leveraging spear phishing emails with a malicious attachment. Starting in May 2022 and up until summer of 2023, GOFFEE deployed modified Owowa (malicious IIS module) in ...

April 10, 2025

President Trump on Wednesday ordered a federal investigation into Chris Krebs, the former director of U.S. cybersecurity agency CISA. In a new executive order, Trump instructed the Department of Homeland Security, which houses CISA, and the U.S. attorney general to investigate Krebs, who was fired by the Trump administration in November 2020 soon after he publicly ...

April 1, 2025

The UK’s technology secretary revealed the full breadth of the government’s Cyber Security and Resilience (CSR) Bill for the first time this morning, pledging £100,000 ($129,000) daily fines for failing to act against specific threats under consideration. Slated to enter Parliament later this year, the CSR bill was teased in the King’s Speech in July, shortly ...

March 31, 2025

The Earth Alux APT group’s schemes and tactics have been uncloaked through our relentless monitoring and investigation efforts. The China-linked intrusion set is actively launching cyberespionage attacks against the government, technology, logistics, manufacturing, telecommunications, IT services, and retail sectors. The first sighting of its activity was in the second quarter of 2023; back then, it was ...

March 26, 2025

Authorities say they do not know who is behind a data breach at the NSW Department of Communities and Justice (DCJ) in which thousands of sensitive files were accessed. NSW government officials confirmed about 9,000 sensitive court files, including domestic violence orders and affidavits, were accessed from the NSW Online Reigstry last week. Attorney-General Michael Daley ...

March 25, 2025

In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware. In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious ...

March 24, 2025

The world found out shortly before 2 p.m. eastern time on March 15 that the United States was bombing Houthi targets across Yemen. I, however, knew two hours before the first bombs exploded that the attack might be coming. The reason I knew this is that Pete Hegseth, the secretary of defense, had texted me the ...

March 20, 2025

A longtime FBI agent has been charged with unlawfully taking and disclosing classified FBI files, according to court records reviewed by CBS News. Johnathan Buma, who specialized in national security and terror cases, has been released on $100,000 bond, with orders to appear in court in Los Angeles. Buma was arrested as he boarded an international ...

March 14, 2025

A group of bipartisan U.S. lawmakers are urging the head of the U.K.’s surveillance court to hold an open hearing into Apple’s anticipated challenge of an alleged secret U.K. government legal demand. U.S. Senator Ron Wyden, along with four other federal lawmakers, said in a letter this week to the president of the U.K.’s Investigatory Powers ...

March 10, 2025

Last year, Kaspersky researchers published an article about SideWinder, a highly prolific APT group whose primary targets have been military and government entities in Pakistan, Sri Lanka, China, and Nepal. In the article, they described activities that had mostly happened in the first half of the year. The researchers tried to draw attention to the group, ...

March 6, 2025

The change was spotted by security expert Alec Muffett, who wrote in a blog post on Wednesday that the U.K.’s National Cyber Security Centre (NCSC) is no longer recommending that high-risk individuals use encryption to protect their sensitive information. The NCSC in October published a document titled “Cybersecurity tips for barristers, solicitors & legal professionals,” that ...