Government


  • State-backed phishing targets U.S. Government employees with fast food lures

    April 22, 2020

    More than a dozen state-backed hacking groups are actively targeting U.S. Government employees and healthcare organizations in phishing campaigns that use lures designed to take advantage of the fears surrounding the COVID-19 pandemic. “TAG has specifically identified over a dozen government-backed attacker groups using COVID-19 themes as lure for phishing and malware attempts—trying to get their targets to ...

  • German government might have lost tens of millions of euros in COVID-19 phishing attack

    April 18, 2020

    The government of North Rhine-Westphalia, a province in western Germany, is believed to have lost tens of millions of euros after it failed to build a secure website for distributing coronavirus emergency aid funding. The funds were lost following a classic phishing operation. Cybercriminals created copies of an official website that the NRW Ministry of Economic Affairs had set ...

  • PoetRAT Trojan targets energy sector using coronavirus lures

    April 17, 2020

    Government and energy sectors are being targeted in a new campaign that weaponizes the coronavirus outbreak. On Thursday, Cisco Talos researchers Warren Mercer, Paul Rascagneres and Vitor Ventura published an analysis of a new campaign that deploys PoetRAT, a previously-undiscovered Remote Access Trojan (RAT) striking both the Azerbaijan government and utility companies. According to the team, the malware attacks supervisory control ...

  • DarkHotel hackers use VPN zero-day to breach Chinese government agencies

    April 6, 2020

    Foreign state-sponsored hackers have launched a massive hacking operation aimed at Chinese government agencies and their employees. Attacks began last month, in March, and are believed to be related to the current coronavirus (COVID-19) outbreak. Chinese security-firm Qihoo 360, which detected the intrusions, said the hackers used a zero-day vulnerability in Sangfor SSL VPN servers, used to provide ...

  • UK Department for Business, Energy and Industrial Strategy is looking for organisations who can support in the supply of ventilators and ventilator components

    March 20, 2020

    The Department for Business, Energy and Industrial Strategy (BEIS) is looking for organisations who can support in the supply of ventilators and ventilator components across the United Kingdom as part of the Government’s response to COVID-19. These questions aim to identify the suitability and readiness of organisations to be involved in the initiative. There are three ...

  • US government agencies have shadow IT infrastructure problem, cybersecurity risks, says GAO

    March 5, 2020

    Federal agencies are facing increasing cybersecurity risks due to a bevy of IT facilities aren’t being tracked as full-fledged data centers, according to a General Accountability Office report. As noted previously, federal agencies have been consolidating and closing data centers over the years, but a narrower definition of what facilities should fall under an optimization program means that ...

  • Molerats Delivers Spark Backdoor to Government and Telecommunications Organizations

    March 3, 2020

    Between October 2019 through the beginning of December 2019, Unit 42 observed multiple instances of phishing attacks likely related to a threat group known as Molerats (AKA Gaza Hackers Team and Gaza Cybergang) targeting eight organizations in six different countries in the government, telecommunications, insurance and retail industries, of which the latter two were quite ...

  • Puerto Rico Government Hit By $2.6M Phishing Scam

    February 13, 2020

    A phishing scam has swindled a Puerto Rico government agency out of more than $2.6 million, according to reports. According to reports, the email-based phishing scam hit Puerto Rico’s Industrial Development Company, which is a government-owned corporation aimed at driving economic development to the island along with local and foreign investors. The agency reportedly received an email alleging ...

  • U.S. Battleground County Website Security Survey

    February 3, 2020

    Today McAfee released the results of a survey of county websites and county election administration websites in the 13 states projected as battleground states in the 2020 U.S. presidential elections. We found that significant majorities of these websites lacked the official government .GOV website validation and HTTPS website security measures to prevent malicious actors from launching copycat web domains ...

  • New Year Honours: Government faces multi-million pound compensation bill over leaked private details

    December 29, 2019

    The Government is facing fines and a compensation bill running into millions of pounds after the disclosure of the home addresses of counter-terrorism experts, senior police officers and celebrities on the new year honours list. Senior figures demanded an exhaustive inquiry into the circumstances which led to the personal details of more than 1,000 individuals who will ...

  • Frankfurt shuts down IT network following Emotet infection

    December 19, 2019

    Frankfurt, one of the largest financial hubs in the world and the home of the European Central Bank, has shut down its IT network this week following an infection with the Emotet malware. Frankfurt is the fourth German entity that shut down its IT network in the past two weeks because of Emotet. The other three are ...

  • Story of the year 2019: Cities under ransomware siege

    December 11, 2019

    Overall awareness of the need for security measures is growing, and cybercriminals are increasing the precision of their targeting to locate victims with security breaches in their defense systems. Looking back at the past three years, the share of users targeted with ransomware in the overall number of malware detections has risen from 2.8% to 3.5%. While ...

  • Cyberattack Downs Pensacola’s City Systems

    December 10, 2019

    The city of Pensacola, Fla., said it has been hit by a cyberattack that shut down the city’s computer networks and affected its systems. The attack occurs just days after a shooting occurred Friday at U.S. military base Naval Air Station Pensacola, leaving three dead. Pensacola’s mayor, Grover Robinson, told news outlets that he didn’t know if the cyberattack was ...

  • China ‘bans foreign computer equipment and software from state offices’

    December 9, 2019

    Beijing has ordered every public institution in the country to remove foreign computer equipment and software within three years, according to the Financial Times. The newspaper reported that the order was made by the Chinese Communist Party’s central office earlier this year, and is the first publicly known directive obliging government offices to begin purchasing equipment ...

  • House of Commons looking for new cyber security director

    November 20, 2019

    The UK House of Commons is looking to appoint a new Director of Cyber Security for the Parliamentary Digital Service. A contract notice published on the Civil Service Jobs website stated that the selected candidate will have to take overall responsibility for the Palace of Westminster’s cybersecurity strategy. Work involves maintaining awareness of both internal and external ...

  • Ransomware hits Louisiana state government systems

    November 19, 2019

    A ransomware infection today took down IT systems and websites managed by the Louisiana state government, Governor John Bel Edwards revealed in a series of tweets. “Today, we activated the state’s cybersecurity team in response to an attempted ransomware attack that is affecting some state servers. The Office of Technology Services identified a cybersecurity threat that ...

  • Lizard Squad Threatens UK’s Labour Leader with Cyberattacks Against His Family

    November 15, 2019

    Lizard Squad, the well-known hacktivist cybergang, is pledging to mount personal cyberattacks on Britain’s Labour Party leader, Jeremy Corbyn. As the UK continues to be roiled by Brexit debate ahead of a Dec. 12 general election, the Labour Party said on Tuesday that it had been targeted by a “sophisticated and large-scale” cyberattack bent on taking ...

  • Labour Party says it has been hit by ‘large-scale cyber attack’

    November 12, 2019

    Labour says it has been hit by a “sophisticated and large-scale cyber attack” on its digital platforms. A party spokeswoman said the cyber attack “failed” because of their “robust security systems” and that she was confident no data breach occurred. “Security procedures have slowed down some of our campaign activities, but these were restored this morning and we ...

  • Canadian Nunavut government systems crippled by ransomware

    November 5, 2019

    Canadian government IT systems have been forced into lockdown after a successful ransomware attack. On Monday, government officials for the Nunavut region said that over the weekend, a “new and sophisticated type of ransomware” struck the territory. All government services — with the exception of an energy corporation — that rely on access to electronic information stored ...

  • Adwind Remote Access Trojan Hits Utilities Sector

    August 19, 2019

    Attackers are targeting entities from the utility industry with the Adwind Remote Access Trojan (RAT) malware via a malspam campaign that uses URL redirection to malicious payloads. Adwind (also known as jRAT, AlienSpy, JSocket, and Sockrat) is distributed by its developers to threat actors under a malware-as-a-service (MaaS) model and it is capable of evading detection by most major anti-malware ...