Government

March 10, 2021

Websites of the majority of Russian government authorities have recovered after the failure occurred on Wednesday. Websites of the Kremlin, the government, Russian media watchdog, Ministry of Industry and Trade, Ministry of Economic Development, Security Council and Russian Investigative Committee resumed operations. Furthermore, the State Duma and the Ministry of the Interior websites restarted operations earlier. It was ...

March 9, 2021

Hackers gained access to live surveillance cameras installed at Tesla, Equinox, healthcare clinics, jails, and banks, including the Bank of Utah. In addition to images captured from the cameras, the hacker also shared screenshots of their ability to gain root shell access to the surveillance systems used by Cloudflare and at Telsa HQ. Hacks multiple cameras in ...

March 4, 2021

In a new report released Thursday, the U.S. Government Accountability Office (GAO) said the Department of Defense fails to communicate clear cybersecurity guidelines to contractors tasked with building systems for its weapons programs. As part of its so called congressional watchdog duties, the GAO found that Defense Department weapons programs are failing to consistently incorporate cybersecurity ...

February 25, 2021

The UK’s top intelligence and security body, GCHQ, is betting big on artificial intelligence: the organization has revealed how it wants to use AI to boost national security. In a new paper titled “Pioneering a New National Security,” GCHQ’s analysts went to lengths to explain why AI holds the key to better protection of the nation. ...

February 22, 2021

Chinese threat actors “cloned” and used a Windows zero-day exploit stolen from the NSA’s Equation Group for years before the privilege escalation flaw was patched, researchers say. On Monday, Check Point Research (CPR) said the tool was a “clone” of software developed by the US National Security Agency (NSA)’s Equation Group, identified by FireEye in 2015 ...

February 19, 2021

LoRaWAN technology allows organizations to deploy the internet of things solutions at a much lower cost than existing cellular infrastructure solutions. Because of this, enterprises and smart cities around the world have started using LoRaWAN in their operations. As mentioned in the first article of this series, LoRaWAN technology has been used in infrastructure management, ...

February 11, 2021

Singtel and the QIMR Berghofer Medical Research Institute are the latest companies to disclose data breaches caused by a vulnerability in the Accellion FTA secure file transfer software. Accellion is a developer of secure file transfer products that allow organizations to transfer sensitive files with people outside of their organization. In mid-December, Accellion announced that they became ...

February 2, 2021

The ransomware incident that Netgain, a provider of managed IT services, had late last year rippled onto its customers. Now, Ramsey County, Minnesota, is informing clients of the Family Health Division program that the hackers may have accessed personal data. The government of Ramsey County learned about the potential breach on December 2, 2020, when Netagin ...

January 30, 2021

The UK Research and Innovation (UKRI) is dealing with a ransomware incident that encrypted data and impacted two of its services, one offering information to subscribers and the platform for peer review of various parts of the agency. UKRI is a public body of the Government of the United Kingdom, tasked with investing in science and ...

January 23, 2021

The Russian government has issued a security warning to organizations in Russia about possible retaliatory cyberattacks by the USA for the SolarWinds breach. Last month, the SolarWinds network management company disclosed that they suffered a sophisticated cyberattack that led to a supply chain attack affecting 18,000 customers. The US government believes that this attack was conducted by ...

January 23, 2021

Some of the laptops given out in England to support vulnerable children home-schooling during lockdown contain malware, BBC News has learned. Teachers shared details on an online forum about suspicious files found on devices sent to a Bradford school. The malware, which they said appeared to be contacting Russian servers, is believed to have been found on ...

January 21, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) recently issued an alert regarding an advanced persistent threat (APT) compromising government agencies, critical infrastructures, and private sector organizations. According to CISA, the APT actor is accountable for the compromise of the SolarWinds Orion supply chain. The actor is also responsible for the abuse of commonly used authentication mechanisms. ...

January 21, 2021

If the UK is to become a world leader in digital technologies, while at the same time becoming more sustainable, it’s in need of a significant digital overhaul. This is the conclusion of a new report recently released by Public Policy Projects (PPP), Anderson Strategy and Huawei. The “Connected Citizen” report argues, first and foremost, that ...

January 19, 2021

As the incoming Biden administration continues to shake up federal leadership, the National Security Agency announced Friday that Rob Joyce, who is currently serving at the U.S. Embassy in London, was named to lead its cybersecurity division. Joyce will inherit the job from Anne Neuberger, who will leave the post to serve as deputy national security ...

January 15, 2021

It is understood the attack is not connected to the devastating cyber attack on the Solar Winds Orion software, which US officials pin on Russian hackers. The Foreign Office has not commented on any suspects of its investigation, but tonight confirmed the breach, which was first reported by The Sun. A Government spokesperson said: ‘We take data ...

January 11, 2021

Secretary of State Mike Pompeo announced on Thursday the creation of a new bureau inside the US Department of State dedicated to addressing cybersecurity as part of the US’ foreign policy and diplomatic efforts. The new bureau will be named the Bureau of Cyberspace Security and Emerging Technologies (CSET). “The CSET bureau will lead US government diplomatic ...

January 11, 2021

On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure monitoring and management platform by SolarWinds. In parallel, Volexity published an article with their analysis of related attacks, attributed to an actor named “Dark Halo”. FireEye did not link this activity to any known actor; instead, ...

January 11, 2021

When hostile actors penetrated the Capitol Building on January 6, they gained access to individual chambers and offices and remained at large within the Capitol complex for well over two hours. We have reports that items were stolen. One report comes from acting US Attorney for DC, Michael Sherwin, who stated “items, electronic items were stolen ...

January 5, 2021

Four US cyber-security agencies, including the FBI, CISA, ODNI, and the NSA, have released a joint statement today formally accusing the Russian government of orchestrating the SolarWinds supply chain attack. US officials said that “an Advanced Persistent Threat (APT) actor, likely Russian in origin” was responsible for the SolarWinds hack, which officials described as “an intelligence ...

December 30, 2020

The internal networks of Lithuania’s National Center for Public Health (NVSC) and several municipalities have been infected with Emotet malware following a large campaign targeting the country’s state institutions. “When infected recipients opened infected messages, the virus entered the internal networks of the institutions,” NVSC officials said in a statement published today. “Infected computers, after downloading additional ...