Government


  • Chinese hackers have stepped up attacks on Taiwanese organizations

    June 24, 2024

    A suspected Chinese state-sponsored hacking group has stepped up its targeting of Taiwanese organizations, particularly those in sectors such as government, education, technology and diplomacy, according to cybersecurity intelligence company Recorded Future. RedJuliett has targeted Taiwanese organizations in the past, but this is the first time that activity was seen at such a scale, a Recorded ...

  • ExCobalt: GoRed, the hidden-tunnel technique

    June 19, 2024

    While responding to an incident at one of their clients, the PT ESC CSIRT team discovered a previously unknown backdoor written in Go, which they attributed to a cybercrime gang dubbed ExCobalt. ExCobalt focuses on cyberespionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt gang. Cobalt attacked ...

  • Cleveland City Hall to remain closed after ransomware attack

    June 15, 2024

    City officials have confirmed the “cyber incident” that has hamstrung city operations for days to be a ransomware attack. In such attacks, malicious software effectively locks up a computer or network system, preventing access until users pay a ransom, according to the FBI. Read more… Source: MSN News Sign up for our Newsletter Related:

  • DISGOMOJI Malware Used to Target Indian Government

    June 13, 2024

    In 2024, Volexity identified a cyber-espionage campaign undertaken by a suspected Pakistan-based threat actor that Volexity currently tracks under the alias UTA0137. The malware used in these recent campaigns, which Volexity tracks as DISGOMOJI, is written in Golang and compiled for Linux systems. Volexity assesses with high confidence that UTA0137 has espionage-related objectives and a remit ...

  • Major data breach at Philippines Agricultural Credit Policy Council (ACPC) exposes sensitive information

    June 9, 2024

    The Agricultural Credit Policy Council (ACPC) has been hacked, exposing sensitive data and raising concerns about government agency security. Ph1ns, a hacker who gained unauthorized access to the ACPC’s internal systems, revealed the breach. The hacker was also responsible for several hack attacks on government agencies, including the DOST and the PNP. Read more… Source: Manila Bulletin Sign up ...

  • Canada does not have the tools to fight cyber crime, says watchdog

    June 5, 2024

    Canada’s federal government does not have the capacity and tools to effectively fight cyber crime in part because of excessive bureaucracy and staff shortages, the country’s top watchdog said on Tuesday. In an official report, Auditor General Karen Hogan said she found breakdowns in response, coordination, tracking, and information sharing between and across the organizations responsible ...

  • Ukrainian intelligence’ hackers attack Russian government agencies and large companies

    June 5, 2024

    Hackers from the Main Intelligence Directorate (DIU) of Ukraine’s Ministry of Defense have attacked the electronic services of several Russian ministries and banking institutions, according to RBC-Ukraine source in the special services. According to Roskomnadzor (Federal Service for Supervision of Communications, Information Technology and Mass Media) , the disruption is allegedly linked to an accident in ...

  • Inside The Box: Malware’s New Playground

    June 3, 2024

    Over the past few months, we have been monitoring the increasing abuse of BoxedApp products in the wild. BoxedApp products are commercial packers that provide advanced features such as Virtual Storage (Virtual File System, Virtual Registry), Virtual Processes, and a universal instrumentation system (WIN/NT API hooking). Even though BoxedApp has been commercially available for a while, ...

  • Massive cyber attack against Eritrea’s Internet System

    May 26, 2024

    A massive cyber attack was unleashed against Eritrea’s Internet System on Independence Day, Friday, 24 May 2024, at 12:32’:47 in the afternoon hours. The attempt was foiled by the defensive countermeasures deployed promptly, and the network continued its functions without interruptions. The identity of the originators, architects, and implementers of the attempted cyber attack is not ...

  • Optus sued by regulator over 2022 cyber-attack

    May 23, 2024

    Australia’s Communications and Media Authority (ACMA) has begun legal action against Optus, the country’s second largest telco, over a data breach it suffered in 2022. The watchdog has filed legal proceedings to the Federal Court, alleging that Optus “failed to protect the confidentiality of its customers’ personal information from unauthorised interference or unauthorised access,” and was ...

  • A Microsoft under attack from government and tech rivals after ‘preventable’ hack ties executive pay to cyberthreats

    May 22, 2024

    Microsoft has come under fire recently from both the U.S. government and rival companies for its failure to stop a Chinese hack of its systems last summer. One change the tech giant is making in response: linking executive compensation more closely to cybersecurity. In April, a government review board described a hack of Microsoft last summer attributed ...

  • Positive Technologies detects a series of attacks via Microsoft Exchange Server

    May 17, 2024

    While responding to an incident, the Incident Response team of Positive Technologies Expert Security Center (PT ESC) discovered an unknown keylogger embedded in the main Microsoft Exchange Server page of one of our customers. This keylogger was collecting account credentials into a file accessible via a special path from the internet. The team identified over 30 ...

  • SugarGh0st RAT Used to Target American Artificial Intelligence Experts

    May 16, 2024

    Proofpoint recently identified a SugarGh0st RAT campaign targeting organizations in the United States involved in artificial intelligence efforts, including those in academia, private industry, and government service. Proofpoint tracks the cluster responsible for this activity as UNK_SweetSpecter. SugarGh0st RAT is a remote access trojan, and is a customized variant of Gh0stRAT, an older commodity trojan typically ...

  • Ireland: More than 470 legal proceedings issued against health service after ransomware hit

    May 14, 2024

    More than 470 legal proceedings have been issued against the Health Service Executive (HSE) in relation to a cyber attack that shutdown the health service’s IT systems and compromised the data of thousands of patients and staff three years ago. Conti, a Russia-based cybercrime group, launched its ransomware attack on the health service on May 14th, ...

  • Tennessee: New state law to protect entities under cyber attack from class action suits amid Ascension Health hack

    May 13, 2024

    Another healthcare system is under a cyber attack, and while it’s unclear what, if any information has been accessed, a soon-to-be law will prevent those whose information may have been exposed from filing a class action lawsuit against entities that are hacked as long as the organization wasn’t grossly negligent. According to a spokesperson for Ascension ...

  • U.S. Patent Office data leak exposes private addresses

    May 9, 2024

    USPTO has acknowledged yet another incident in which the filers’ address data was leaked. Following a second data breach within two years, the federal agency responsible for patent and trademark grants notified thousands of filers whose private addresses were exposed. As a result, the USPTO is now reaching out to thousands of affected filers to inform ...

  • Germany recalls envoy to Russia over cyberattack

    May 6, 2024

    The German ambassador to Russia was recalled for consultations on Monday after Berlin accused Moscow of carrying out cyberattacks. A newly concluded government investigation found the cyberattack had been carried out by a group — linked to Moscow’s GRU military intelligence agency — known as APT28. The group, also known as Fancy Bear, has been accused ...

  • Israel’s Cabinet votes to shut down Al Jazeera operations in Israel

    May 5, 2024

    Israel’s cabinet on Sunday voted unanimously to shut down the Qatari news outlet Al Jazeera’s operations in Israel, nearly six months after first announcing its intentions to do so due to security concerns related to the Israel-Hamas war. The decision, which requires recertification every 45 days, includes shutting down Al Jazeera broadcasts in Arabic and English; ...

  • Scaly Wolf’s new loader: the right tool for the wrong job

    May 2, 2024

    The BI.ZONE Threat Intelligence team has uncovered a fresh campaign by the group targeting Russian and Belarusian organizations. The threat actors are distributing phishing emails under the guise of a federal agency. The emails have a legitimate document as an attachment. It aims to lull the recipient’s vigilance and prompt them to open the other file, ...

  • Polish minister says government used spyware against hundreds of people

    April 25, 2024

    The use of spyware in Poland under the previous government resulted in accusations that the authorities were abusing power and eroding democratic guardrails. Poland’s prosecutor general said on Wednesday that Pegasus spyware was used against hundreds of people during the former Polish government. Adam Bodnar told lawmakers that he found the scale of the surveillance to ...