Government


  • China: Foreign cyber spies attack information systems of key departments, enterprises, stealing sensitive data

    February 16, 2024

    China’s Ministry of State Security warned on Friday that in recent years, national security agencies have discovered that foreign cyber spies have continuously attacked the information systems of key departments and enterprises within China, resulting in the theft of important sensitive data and posing a threat to China’s data security and cybersecurity. The ministry released an ...

  • Philippines: Department of Education checking data breach after hacking

    February 14, 2024

    The Department of Education (DepEd) is examining its systems for possible data breaches after reports of hackers allegedly harvesting 750 gigabytes of data containing sensitive information on banking details, students, teachers and more. DeepWeb Konek, a collective of cybersecurity practitioners, reported yesterday morning on X that it monitored a post by a “threat actor” in the ...

  • Buying Spying: How the commercial surveillance industry works and what can be done about it

    February 6, 2024

    Private sector firms have been involved in discovering and selling exploits for many years, but there is a rise in turnkey espionage solutions. Commercial Surveillance Vendors (CSVs) offer pay-to-play tools that bundle an exploit chain designed to get past security measures, along with the spyware and the necessary infrastructure, in order to collect the desired data ...

  • Deputy Prime Minister hosts first global conference targeting ‘hackers for hire’ and malicious use of commercial cyber tools

    February 6, 2024

    UK, and France, hosting 35 nations at inaugural conference to tackle proliferation and irresponsible use of commercial cyber intrusion tools and services. Deputy Prime Minister Oliver Dowden will launch new international agreement, signed by participants, to take joint-action – the ‘Pall Mall Process’. States will be joined by big tech leaders, legal experts, and human rights defenders, ...

  • Classified Japanese diplomatic info leaked after Chinese cyberattacks in 2020

    February 5, 2024

    Classified Japanese diplomatic information was leaked following Chinese cyberattacks on the Foreign Ministry in 2020, a government source said Monday, exposing the nation’s digital vulnerability. Japan detected the large-scale attack and release of diplomatic telegrams during a period of government under then Prime Minister Shinzo Abe, the source said, but the nature of the leaked information ...

  • Scaly Wolf uses White Snake stealer against Russian industry

    February 2, 2024

    The BI.ZONE Threat Intelligence team has identified at least a dozen campaigns linked to Scaly Wolf. The impact spreads across organizations from various industries in Russia, including manufacturing and logistics. One of the group’s characteristics in gaining initial access is their phishing emails designed to look like legitimate correspondence from Russian public authorities. Its phishing arsenal ...

  • Hackers obtain confidential information on Romanian officials after cyber attack at Parliament

    January 31, 2024

    Hackers breached the database of the Romanian Chamber of Deputies, the lower house of the Parliament, after a recent cyber attack. They reportedly managed to obtain confidential information, such as the prime minister’s identity documents, medical analyses, and other personal data.  The hackers threatened to release the personal data of the deputies if they did not ...

  • The NSA buys Americans’ internet data, newly released documents show

    January 26, 2024

    The National Security Agency has been buying Americans’ web browsing data from commercial data brokers without warrants, intelligence officials disclosed in documents made public by a US senator Thursday. The purchases include information about the websites Americans visit and the apps that they use, said Oregon Democratic Sen. Ron Wyden, releasing newly unclassified letters he received ...

  • HP Enterprise was hacked by the same Russian state-sponsored group that targeted Microsoft

    January 25, 2024

    HP Enterprise was infiltrated by a hacking group linked to Russian intelligence last year, the business IT company has revealed in a Securities and Exchange Commission filing. The threat actor is believed to be Midnight Blizzard, also known as Cozy Bear, which was the same group that recently breached the email accounts of several senior executives ...

  • Lebanon: Ministry of Social Affairs’ website suffers cybersecurity breach

    January 22, 2024

    The Ministry of Social Affairs’ website has been subjected to a cyber-attack. Authorities are actively working to resolve the issue and ensure the restoration of normalcy to the site. Reportedly, the website does not contain any personal information. Read more… Source: Lebanese Broadcasting Corporation International   

  • Swiss government accused of massive online surveillance

    January 11, 2024

    The Swiss Federal Intelligence Service (SRC) is allegedly monitoring the digital activities of the Swiss population, particularly on their mobile phones and computers, according to the German-language magazine Republik.ch on Tuesday. What’s more, Swiss spies are said to be storing far more information than they promised when the new intelligence law was introduced. The SRC denies ...

  • Thailand: Elderly to get anti-scam education as cybercrime explodes

    January 10, 2024

    Alarmed by research indicating that the elderly are the most vulnerable to fraudsters, Thailand’s Ministry of Social Development and Human Security and CIB cybercrime investigators will collaborate with partners to provide digital literacy to senior people nationwide. The minister, Varawut Silpa-archa, stated that more than 13 million people, or almost 20% of the Thai population, are ...

  • Proposed Irish hate speech regulations could have a chilling effect on freedom

    January 4, 2024

    In light of the Dublin riots, which estimates suggest resulted in millions of euro worth of damage, following the stabbing of three children outside their school by a foreign national, Ireland’s regional free speech culture war battleground has become global. Several public figures from across the world have sounded the alarm over potential threats to freedom ...

  • Pakistan: Separate agency set up to tackle cybercrime challenge

    December 28, 2023

    The government has established a separate agency, National Cyber Crime Investigation Agency, equipped with all the required equipment and skills with which Pakistan’s cyberspace, data of public and private institutions, business transactions, and online activities of citizens can be secured, effectively. This was stated by Caretaker Federal Minister for Information Technology and Telecommunication Dr Umar Saif, ...

  • A cyberattack targets Albanian Parliament, cellphone provider and air flight company

    December 27, 2023

    Albania’s Parliament said on Tuesday that it had suffered a cyberattack with hackers trying to get into its data system, resulting in a temporary halt in its services. A statement said Monday’s cyberattack had not “touched the data of the system,” adding that experts were working to discover what consequences the attack could have. It said ...

  • Governments spying on Apple, Google users through push notifications -US senator

    December 7, 2023

    Unidentified governments are surveilling smartphone users via their apps’ push notifications, a U.S. senator warned on Wednesday. In a letter to the Department of Justice, Senator Ron Wyden said foreign officials were demanding the data from Alphabet’s Google and Apple. Although details were sparse, the letter lays out yet another path by which governments can track ...

  • Star Blizzard increases sophistication and evasion in ongoing attacks

    December 7, 2023

    Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard (formerly SEABORGIUM, also known as COLDRIVER and Callisto Group). Star Blizzard has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against the same targets. Star Blizzard, whose activities we ...

  • TA422’s Dedicated Exploitation Loop – the Same Week After Week

    December 5, 2023

    Starting in March 2023, Proofpoint researchers have observed the Russian advanced persistent threat (APT) TA422 readily use patched vulnerabilities to target a variety of organizations in Europe and North America. TA422 overlaps with the aliases APT28, Forest Blizzard, Pawn Storm, Fancy Bear, and BlueDelta, and is attributed by the United States Intelligence Community to the Russian ...

  • New Tool Set Found Used Against Organizations in the Middle East, Africa and the US

    December 1, 2023

    Unit 42 researchers observed a series of apparently related attacks against organizations in the Middle East, Africa and the U.S. The researchers will discuss a set of tools used in the course of the attacks that reveal clues about the threat actors’ activity. Unit 42 team is sharing this research to provide detection, prevention and hunting ...

  • Hellhounds: Operation Lahat

    November 30, 2023

    In 2023, Positive Technologies Computer Security Incident Response Team (PT CSIRT) discovered that a certain power company was compromised by the Decoy Dog trojan. According to the PT CSIRT investigation, Decoy Dog has been actively used in cyberattacks on Russian companies and government organizations since at least September 2022. This trojan was previously discussed by NCIRCC, Infoblox, ...