Capitol attack’s cybersecurity fallout: Stolen laptops, lost data and possible espionage

When hostile actors penetrated the Capitol Building on January 6, they gained access to individual chambers and offices and remained at large within the Capitol complex for well over two hours. We have reports that items were stolen. One report Read More …

Investigation launched into vulnerabilities found within US Judiciary case file system

The United States Judiciary has announced an audit into its systems, following concerns its case file system has been compromised. In making the announcement, the Judiciary said the Administrative Office of the US Courts was working with the Department of Read More …

US government formally blames Russia for SolarWinds hack

Four US cyber-security agencies, including the FBI, CISA, ODNI, and the NSA, have released a joint statement today formally accusing the Russian government of orchestrating the SolarWinds supply chain attack. US officials said that “an Advanced Persistent Threat (APT) actor, Read More …

Japanese Aerospace Firm Kawasaki Warns of Data Breach

Japanese aerospace company Kawasaki Heavy Industries on Monday warned of a security incident that may have led to unauthorized access of customer data. According to the company’s data breach notification, it first discovered unauthorized parties accessing a server in Japan, Read More …

US IoT Improvement Act Becomes Law

After passing the House and Senate, H.R. 1668 or the IoT Cybersecurity Improvement Act of 2020 was signed by US President Donald Trump last December 4, 2020. The law requires federal agencies to have cybersecurity requirements to all controlled and Read More …

Suspected Russian hackers spied on U.S. Treasury emails – sources

Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury and Commerce departments, according to people familiar with the matter, adding they feared the hacks uncovered so far may be the tip of Read More …

CISA: Advanced Persistent Threat Actors Targeting U.S. Think Tanks

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed persistent continued cyber intrusions by advanced persistent threat (APT) actors targeting U.S. think tanks. This malicious activity is often, but not exclusively, directed at Read More …

FINRA Alerts Firms to Phishing Email Using Invest-FINRA.org Domain Name

FINRA warns member firms of an ongoing phishing campaign that involves fraudulent emails that include the domain “@invest-finra.org”. FINRA recommends that anyone who clicked on any link or image in the email immediately notify the appropriate individuals in their firm Read More …

FBI: Hackers stole source code from US government agencies and private companies

The Federal Bureau of Investigation has sent out a security alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and private businesses. Intrusions have taken place since at Read More …