Government


  • The voting machine hacking threat you probably haven’t heard about

    October 14, 2022

    There’s a largely overlooked hacking target that could help those who want to sow doubt about vote tallies in the November midterms: cellular modems that transmit unofficial election-night results. The modems, which send vote data from precincts to central offices using cellphone networks, help election officials satisfy the public’s demand for rapid results. But putting any ...

  • Budworm: Espionage Group Returns to Targeting U.S. Organizations

    October 13, 2022

    The Budworm espionage group has mounted attacks over the past six months against a number of strategically significant targets, including the government of a Middle Eastern country, a multinational electronics manufacturer, and a U.S. state legislature. The latter attack is the first time in a number of years Symantec has seen Budworm targeting a U.S-based ...

  • Optus confirms 2.1 million ID numbers exposed in data breach

    October 4, 2022

    Optus confirmed yesterday that 2.1 million customers had government identification numbers compromised during a cyberattack last month. In a press statement released yesterday, the mobile carrier updated the information regarding the personal data of 9.8 million customers exposed during the attack. In an investigation, Optus confirmed that a total of 2.1 million customers had valid or expired ...

  • CISA Issues Binding Operational Directive 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks

    October 3, 2022

    CISA has issued Binding Operational Directive (BOD) 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks, which seeks improve asset visibility and vulnerability enumeration across the federal enterprise. Although BOD 23-01 is only applicable to federal civilian executive branch (FCEB) agencies, CISA recommends all stakeholders review and incorporate the standards it sets forth. Doing so ...

  • UK: Liz Truss’ and Cabinet Ministers’ mobile numbers are being sold online for £6.49

    October 2, 2022

    The personal mobile phone numbers of the Prime Minister and 25 of her Cabinet Ministers are being sold on the internet, The Mail on Sunday can reveal. They can be accessed on a shady US website charging just £6.49 for access to the information, which cyber experts warn could be used by China and Russia to ...

  • 12 senior Indonesian officials targeted by NSO software

    September 30, 2022

    More than 12 senior Indonesian military and government officials were targeted by software developed by Israeli cyber company NSO Group, Ynet reported on Thursday night, citing sources familiar with the matter, six of whom were interviewed by Reuters and said they had also been targeted by the software. The officials include Coordinating Minister for Economic Affairs ...

  • Witchetty: Group Uses Updated Toolset in Attacks on Governments in Middle East

    September 29, 2022

    The Witchetty espionage group (aka LookingFrog) has been progressively updating its toolset, using new malware in attacks on targets in the Middle East and Africa. Among the new tools being used by the group is a backdoor Trojan (Backdoor.Stegmap) that employs steganography, a rarely seen technique where malicious code is hidden within an image. In attacks ...

  • FBI: Iranian State Actors Conduct Cyber Operations Against the Government of Albania

    September 21, 2022

    The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory to provide information on recent cyber operations against the Government of Albania in July and September. This advisory provides a timeline of activity observed, from initial access to execution of encryption and wiper attacks. Additional information ...

  • Gamaredon APT targets Ukrainian government agencies in new campaign

    September 15, 2022

    Cisco Talos discovered Gamaredon APT activity targeting users in Ukraine with malicious LNK files distributed in RAR archives. The campaign, part of an ongoing espionage operation observed as recently as August 2022, aims to deliver information-stealing malware to Ukrainian victim machines and makes heavy use of multiple modular PowerShell and VBScript (VBS) scripts as part ...

  • New Wave of Espionage Activity Targets Asian Governments

    September 13, 2022

    A distinct group of espionage attackers who were formerly associated with the ShadowPad remote access Trojan (RAT) has adopted a new, diverse toolset to mount an ongoing campaign against a range of government and state-owned organizations in a number of Asian countries. The attacks, which have been underway since at least early 2021, appear to ...

  • Albania Claims New Cyberattack on Day the US Sanctions Iran for July Attack

    September 9, 2022

    Albania said it suffered another cyberattack on the day the U.S. announced sanctions against Iran’s Ministry of Intelligence and Security (MOIS) for an attack launched against Tirana’s government computer systems in July. “The national police’s computer systems were hit Friday by a cyberattack which, according to initial information, was committed by the same actors who in ...

  • Pakistan government labels its own cybersecurity team ‘incompetent’

    September 7, 2022

    A Pakistani parliamentary committee has labelled its own cybersecurity agency “incompetent”. That damning assessment was offered by the nation’s Standing Committee on Information Technology and Telecommunication at a Monday meeting convened to brief committee members on the workings of Pakistan’s Ministry of Information Technology and Telecommunication. Read more… Source: The Register  

  • IRS data leak exposes personal info of 120,000 taxpayers

    September 3, 2022

    The Internal Revenue Service has accidentally leaked confidential information for approximately 120,000 taxpayers who filed a form 990-T as part of their tax returns. IRS Form 990T is used to report ‘unrelated business income’ paid to a tax-exempt entity, such as nonprofits (charities) or IRA and SEP retirement accounts. This income is commonly derived from sales unrelated ...

  • New ransomware hits Windows, Linux servers of Chile government agency

    September 1, 2022

    Chile’s national computer security and incident response team (CSIRT) has announced that a ransomware attack has impacted operations and online services of a government agency in the country. The attack started on Thursday, August 25, targeting Microsoft and VMware ESXi servers operated by the agency. The hackers stopped all running virtual machines and encrypted their files, appending ...

  • Montenegro hit by ransomware attack, hackers demand $10 million

    September 1, 2022

    The government of Montenegro has provided more information about the attack on its critical infrastructure saying that ransomware is responsible for the damage and disruptions. Public Administration Minister Maras Dukaj stated on local television yesterday that behind the attack is an organized cybercrime group. The effects of the incindet continue for the tenth day. The minister added ...

  • China-linked APT40 gang targets wind farms, Australian government

    August 31, 2022

    Researchers at security company Proofpoint and PricewaterhouseCoopers (PWC) said on Tuesday they had identified a cyber espionage campaign that delivers the ScanBox exploitation framework through a malicious fake Australian news site. The campaign, active from April to June of this year, targeted Australian government agencies, Australian media companies and manufacturers who conduct maintenance on wind turbine ...

  • Website of Taiwan’s presidential office receives overseas cyber attack

    August 2, 2022

    The website of Taiwan’s presidential office received an overseas cyber attack on Tuesday and was at one point malfunctioning, a source briefed on the matter said. The website was shortly brought back online, the source told Reuters. U.S. House of Representatives Speaker Nancy Pelosi was expected to arrive in Taipei later on Tuesday, people briefed on ...

  • LockBit ransomware gang claims it ransacked Italy’s tax agency

    July 26, 2022

    The LockBit ransomware crew is claiming to have stolen 78GB of data from Italy’s tax agency and is threatening to leak it if a ransom isn’t paid by July 31. The notorious gang put a notice on its dark-web site adding the agency – the Agenzia delle Entrate – to its growing list of victims. According ...

  • Russia, Iran discuss tech manufacturing, infosec and e-governance collaboration

    July 22, 2022

    Iran’s Communications Ministry joined in a pledge with Russian state-owned defence and technology conglomerate Rostec to explore future collaboration in e-government, information security, and other areas. News of the collaboration came in a statement published on Friday by Iran’s Information Technology Organization (ITO) – a government agency charged with developing policy related to data networks and ...

  • Transparent Tribe begins targeting education sector in latest campaign

    July 13, 2022

    Cisco Talos recently discovered an ongoing campaign conducted by the Transparent Tribe APT group against students at various educational institutions in India. This campaign was partially covered by another security firm, but our findings reveal more details regarding the adversary’s operations. Typically, this APT group focuses on targeting government (government employees, military personnel) and pseudo-government entities ...