Government

  • Classified Japanese diplomatic info leaked after Chinese cyberattacks in 2020

    February 5, 2024

    Classified Japanese diplomatic information was leaked following Chinese cyberattacks on the Foreign Ministry in 2020, a government source said Monday, exposing the nation’s digital vulnerability. Japan detected the large-scale attack and release of diplomatic telegrams during a period of government under then Prime Minister Shinzo Abe, the source said, but the nature of the leaked information ...

  • Scaly Wolf uses White Snake stealer against Russian industry

    February 2, 2024

    The BI.ZONE Threat Intelligence team has identified at least a dozen campaigns linked to Scaly Wolf. The impact spreads across organizations from various industries in Russia, including manufacturing and logistics. One of the group’s characteristics in gaining initial access is their phishing emails designed to look like legitimate correspondence from Russian public authorities. Its phishing arsenal ...

  • Hackers obtain confidential information on Romanian officials after cyber attack at Parliament

    January 31, 2024

    Hackers breached the database of the Romanian Chamber of Deputies, the lower house of the Parliament, after a recent cyber attack. They reportedly managed to obtain confidential information, such as the prime minister’s identity documents, medical analyses, and other personal data.  The hackers threatened to release the personal data of the deputies if they did not ...

  • The NSA buys Americans’ internet data, newly released documents show

    January 26, 2024

    The National Security Agency has been buying Americans’ web browsing data from commercial data brokers without warrants, intelligence officials disclosed in documents made public by a US senator Thursday. The purchases include information about the websites Americans visit and the apps that they use, said Oregon Democratic Sen. Ron Wyden, releasing newly unclassified letters he received ...

  • HP Enterprise was hacked by the same Russian state-sponsored group that targeted Microsoft

    January 25, 2024

    HP Enterprise was infiltrated by a hacking group linked to Russian intelligence last year, the business IT company has revealed in a Securities and Exchange Commission filing. The threat actor is believed to be Midnight Blizzard, also known as Cozy Bear, which was the same group that recently breached the email accounts of several senior executives ...

  • Lebanon: Ministry of Social Affairs’ website suffers cybersecurity breach

    January 22, 2024

    The Ministry of Social Affairs’ website has been subjected to a cyber-attack. Authorities are actively working to resolve the issue and ensure the restoration of normalcy to the site. Reportedly, the website does not contain any personal information. Read more… Source: Lebanese Broadcasting Corporation International   

  • Swiss government accused of massive online surveillance

    January 11, 2024

    The Swiss Federal Intelligence Service (SRC) is allegedly monitoring the digital activities of the Swiss population, particularly on their mobile phones and computers, according to the German-language magazine Republik.ch on Tuesday. What’s more, Swiss spies are said to be storing far more information than they promised when the new intelligence law was introduced. The SRC denies ...

  • Thailand: Elderly to get anti-scam education as cybercrime explodes

    January 10, 2024

    Alarmed by research indicating that the elderly are the most vulnerable to fraudsters, Thailand’s Ministry of Social Development and Human Security and CIB cybercrime investigators will collaborate with partners to provide digital literacy to senior people nationwide. The minister, Varawut Silpa-archa, stated that more than 13 million people, or almost 20% of the Thai population, are ...

  • Proposed Irish hate speech regulations could have a chilling effect on freedom

    January 4, 2024

    In light of the Dublin riots, which estimates suggest resulted in millions of euro worth of damage, following the stabbing of three children outside their school by a foreign national, Ireland’s regional free speech culture war battleground has become global. Several public figures from across the world have sounded the alarm over potential threats to freedom ...

  • Pakistan: Separate agency set up to tackle cybercrime challenge

    December 28, 2023

    The government has established a separate agency, National Cyber Crime Investigation Agency, equipped with all the required equipment and skills with which Pakistan’s cyberspace, data of public and private institutions, business transactions, and online activities of citizens can be secured, effectively. This was stated by Caretaker Federal Minister for Information Technology and Telecommunication Dr Umar Saif, ...

  • A cyberattack targets Albanian Parliament, cellphone provider and air flight company

    December 27, 2023

    Albania’s Parliament said on Tuesday that it had suffered a cyberattack with hackers trying to get into its data system, resulting in a temporary halt in its services. A statement said Monday’s cyberattack had not “touched the data of the system,” adding that experts were working to discover what consequences the attack could have. It said ...

  • Governments spying on Apple, Google users through push notifications -US senator

    December 7, 2023

    Unidentified governments are surveilling smartphone users via their apps’ push notifications, a U.S. senator warned on Wednesday. In a letter to the Department of Justice, Senator Ron Wyden said foreign officials were demanding the data from Alphabet’s Google and Apple. Although details were sparse, the letter lays out yet another path by which governments can track ...

  • Star Blizzard increases sophistication and evasion in ongoing attacks

    December 7, 2023

    Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard (formerly SEABORGIUM, also known as COLDRIVER and Callisto Group). Star Blizzard has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against the same targets. Star Blizzard, whose activities we ...

  • TA422’s Dedicated Exploitation Loop – the Same Week After Week

    December 5, 2023

    Starting in March 2023, Proofpoint researchers have observed the Russian advanced persistent threat (APT) TA422 readily use patched vulnerabilities to target a variety of organizations in Europe and North America. TA422 overlaps with the aliases APT28, Forest Blizzard, Pawn Storm, Fancy Bear, and BlueDelta, and is attributed by the United States Intelligence Community to the Russian ...

  • New Tool Set Found Used Against Organizations in the Middle East, Africa and the US

    December 1, 2023

    Unit 42 researchers observed a series of apparently related attacks against organizations in the Middle East, Africa and the U.S. The researchers will discuss a set of tools used in the course of the attacks that reveal clues about the threat actors’ activity. Unit 42 team is sharing this research to provide detection, prevention and hunting ...

  • Hellhounds: Operation Lahat

    November 30, 2023

    In 2023, Positive Technologies Computer Security Incident Response Team (PT CSIRT) discovered that a certain power company was compromised by the Decoy Dog trojan. According to the PT CSIRT investigation, Decoy Dog has been actively used in cyberattacks on Russian companies and government organizations since at least September 2022. This trojan was previously discussed by NCIRCC, Infoblox, ...

  • France bans ministers from WhatsApp, Signal; demands French alternatives

    November 30, 2023

    French Prime Minister Élisabeth Borne has banned widely used messaging apps WhatsApp, Telegram and Signal for ministers and their teams due to security vulnerabilities, according to a memo obtained by French news outlet Le Point. “These digital tools are not devoid of security flaws, and therefore cannot guarantee the security of conversations and information shared via ...

  • HrServ – Previously unknown web shell used in APT attack

    November 22, 2023

    In the course of our routine investigation, we discovered a DLL file, identified as hrserv.dll, which is a previously unknown web shell exhibiting sophisticated features such as custom encoding methods for client communication and in-memory execution. Kaspersky analysis of the sample led to the discovery of related variants compiled in 2021, indicating a potential correlation between ...

  • Ukraine sacks ‘corrupt’ cyber defence chiefs

    November 21, 2023

    Ukraine has sacked two top cyber defence officials after they were charged with orchestrating a multi-million pound embezzlement scheme. Yurii Shchyhol and Viktor Zhora, the head and deputy of the Service of Special Communications and Information Protection of Ukraine (SSSCIP), are accused of inflating the value of a software deal for personal gain by £1.4million ($1.7million). Read ...

  • Canada: Current and former public service, RCMP, military members affected by data breach

    November 18, 2023

    The federal government is warning current and former public service employees and members of the RCMP and Canadian Armed Forces their personal and financial information may have been accessed in a data breach that occurred on Oct. 19. The breach affects federal government data held by Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & ...