Government


  • FBI: Hackers stole government source code via SonarQube instances

    October 27, 2020

    The Federal Bureau of Investigation (FBI) issued a flash alert warning of hackers stealing data from U.S. government agencies and enterprise organizations via internet-exposed and insecure SonarQube instances. SonarQube is an open-source platform for automated code quality auditing and static analysis to discover bugs and security vulnerabilities in projects using 27 programming languages. Vulnerable SonarQube servers have ...

  • EU sanctions Russian hackers over 2015 German parliament attack

    October 22, 2020

    The Council of the European Union today announced sanctions imposed on Russian military intelligence officers part of the 85th Main Centre for Special Services (GTsSS) for their involvement in a 2015 hack of the German Federal Parliament (Deutscher Bundestag). EU’s sanctions include both travel bans and asset freezes and also block EU organizations and individuals from ...

  • Russian state hackers stole data from US government networks

    October 22, 2020

    DHS Cybersecurity and Infrastructure Security Agency (CISA) and the FBI today warned that a Russian state-sponsored APT threat group known as Energetic Bear has hacked and stolen data from US government networks during the last two months. Energetic Bear (also tracked as Berserk Bear, TeamSpy, Dragonfly, Havex, Crouching Yeti, and Koala), a hacking group active since ...

  • Hacker groups chain VPN and Windows bugs to attack US government networks

    October 12, 2020

    Hackers have gained access to government networks by combining VPN and Windows bugs, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said in a joint security alert published on Friday. Attacks have targeted federal and state, local, tribal, and territorial (SLTT) government networks. Attacks against non-government networks have also been ...

  • BAHAMUT Spies-for-Hire Linked to Extensive Nation-State Activity

    October 7, 2020

    A cyberespionage group known as BAHAMUT has been linked to a “staggering” number of ongoing attacks against government officials and private-sector VIPs in the Middle East and South Asia, while also engaging in wide-ranging disinformation campaigns. That’s according to BlackBerry researchers, who said that the highly resourced group is probably operating on a mercenary basis, offering ...

  • Government software provider Tyler Technologies hit by ransomware

    September 23, 2020

    Leading government technology services provider Tyler Technologies has suffered a ransomware attack that has disrupted its operations. Tyler Technologies is one of the largest U.S. software development and technology services companies dedicated to the public sector. With a forecasted $1.2 billion in revenue for 2020 and 5,500 employees, Tyler Technologies provides technical services for local governments in ...

  • CISA warns of notable increase in LokiBot malware

    September 22, 2020

    The US government’s cyber-security agency has issued a security advisory today warning federal agencies and the private sector about “a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020.” The Cybersecurity and Infrastructure Security Agency (CISA) said that its in-house security platform (the EINSTEIN Intrusion Detection System) has detected persistent ...

  • Russian hackers use fake NATO training docs to breach govt networks

    September 22, 2020

    A Russian hacker group known by names, APT28, Fancy Bear, Sofacy, Sednit, and STRONTIUM, is behind a targeted attack campaign aimed at government bodies. The group delivered a hard-to-detect strand of Zebrocy Delphi malware under the pretense of providing NATO training materials. Researchers further inspected the files containing the payload and discovered these impersonated JPG files showing ...

  • US govt orders federal agencies to patch dangerous Zerologon bug by Monday

    September 20, 2020

    The Department of Homeland Security’s cybersecurity division has ordered federal civilian agencies to install a security patch for Windows Servers, citing “unacceptable risk” posed by the vulnerability to federal networks. The DHS order was issued via an emergency directive, a rarely-used legal mechanism through which US government officials can force federal agencies into taking various actions. The ...

  • U.S. Dept of Veterans Affairs data breach affects 46,000 veterans

    September 15, 2020

    The U.S. Department of Veterans Affairs (VA) has suffered a data breach that has led to the exposure of personal information for over 46,000 veterans. The VA department was created to ensure United States veterans receive the health services, benefits, and care they deserve. In a data breach notification released yesterday, the VA states that hackers breached ...

  • Australia: Data of 186,000 customers leaked in Service NSW cyber attack

    September 7, 2020

    Service NSW has confirmed that the personal data of 186,000 customers and staff were leaked after a cyber attack earlier this year, in which 47 employees had their email accounts compromised. A four-month investigation, which began in April, concluded that roughly 3.8 million documents had to be analysed to assess the severity of any possible breaches. “This ...

  • Ransomware attack halts Argentinian border crossing for four hours

    September 6, 2020

    Argentina’s official immigration agency, Dirección Nacional de Migraciones, suffered a Netwalker ransomware attack that temporarily halted border crossing into and out of the country. While ransomware attacks against cities and local agencies have become all too common, this may be a first known attack against a federal agency that has interrupted a country’s operations. According to a ...

  • Transparent Tribe: Evolution analysis, part 1

    August 20, 2020

    Transparent Tribe, also known as PROJECTM and MYTHIC LEOPARD, is a highly prolific group whose activities can be traced as far back as 2013. Proofpoint published a very good article about them in 2016, and since that day, we have kept an eye on the group. We have periodically reported their activities through our APT ...

  • New FritzFrog P2P botnet has breached at least 500 enterprise, government servers

    August 19, 2020

    A P2P botnet newly-discovered by researchers has struck at least 500 government and enterprise SSH servers over 2020. On Wednesday, cybersecurity firm Guardicore Labs published research into FritzFrog, a peer-to-peer (P2P) botnet that has been detected by the company’s sensors since January this year. According to researcher Ophir Harpaz, FritzFrog has attempted to brute-force SSH servers belonging ...

  • Hacked government, college sites push malware via fake hacking tools

    August 10, 2020

    A large scale hacking campaign is targeting governments and university websites to host articles on hacking social network accounts that lead to malware and scams. BleepingComputer first learned about this campaign after security intelligence firm Cyble shared a screenshot of the UNESCO.org site compromised to host an article on how to hack Instagram accounts. Clicking on the ...

  • UK: Russian hackers stole trade papers from Liam Fox email

    August 3, 2020

    Documents on UK-US trade talks, leaked ahead of the 2019 general election, were stolen from an email account belonging to Conservative MP Liam Fox, it has emerged. The papers were published online and used by Labour in the 2019 campaign to claim the NHS would be put at risk. The UK government has said Russians almost certainly ...

  • FBI warns of Netwalker ransomware targeting US government and organisations

    July 29, 2020

    The FBI has issued a security alert about Netwalker ransomware operators targeting U.S. and foreign government organizations, advising their victims not to pay the ransom and reporting incidents to their local FBI field offices. FBI’s flash alert also provides indicators of compromise associated with the Netwalker ransomware (also known as Mailto) and includes a list of ...

  • Huawei 5G ban: UK networks must strip out equipment by 2027

    July 14, 2020

    UK mobile networks have been told they cannot buy any more 5G equipment from Huawei after the end of this year, and that they must remove the Chinese networking company’s technology from their 5G networks by the end of 2027. Culture secretary Oliver Dowden said: “Following US sanctions against Huawei and updated technical advice from our ...

  • Cyber experts urge Australia to develop local capability to defend against hackers

    July 12, 2020

    Cyber experts have urged the federal government to become less reliant on overseas businesses, technologies and expertise for its defences against hackers as it puts the finishing touches on the nation’s new cyber security strategy. Foreign providers are responsible for most of the cyber security products and services in Australia, with no local companies among the ...

  • Brazilian federal police investigates presidential data leak

    June 26, 2020

    The Brazilian federal police reported advances around an investigation into a cybercrime organization supposedly responsible for exposing personal details of senior government officials including president Jair Bolsonaro. The investigation follows a leak earlier this month, claimed by hacker group Anonymous Brazil, involving personal information relating to Bolsonaro, his sons and supporters, as well as various ministers. Information ...