An extraordinary iPhone hacking campaign revealed by Google last week may be linked to other Android spying campaigns focused on websites related to the Uyghurs, a Chinese Muslim minority group, and the East Turkistan region of China, according to new research from Volexity.
Following racist and anti-Semitic tweets being posted for a short time to Twitter CEO Jack Dorsey's hijacked account - despite his use of two-factor authentication - Twitter blamed the security lapse on an unnamed mobile provider. A group called "Chuckling Squad" appears to be responsible.
Since at least 2016, hacked websites have targeted zero-day flaws in current versions of Apple iOS to surreptitiously implant data-stealing and location-tracking malware, says Google's Project Zero team. Apple patched the latest vulnerabilities in February.
An emerging cyber espionage group that apparently started its work in South Africa last year is now focusing on targeting critical control systems for oil and gas companies in the Middle East, according to researchers at two cybersecurity firms.
The United States' June cyberattack against Iran wiped out a critical database used by the nation's paramilitary arm to plan attacks against oil tankers and at least temporarily degraded Iran's ability to covertly target Persian Gulf shipping traffic, the New York Times reports.
Within a month, the U.S. Department of Homeland Security hopes to launch a program to help states protect voter registration databases and systems in advance of the 2020 presidential election. Security experts say that in light of recent ransomware attacks against units of government, the effort is overdue.
Chinese advanced persistent threat groups are targeting cancer research organizations across the globe with the goal of stealing their work and using it to help the country address growing cancer rates among its population, according to researchers at cybersecurity company FireEye.
The latest edition of the ISMG Security Report analyzes the ransomware attack on Texas municipalities as part of a broader trend. Also featured: An initiative designed to safeguard the 2020 presidential elections and a CIO's third-party risk management efforts.
A cyber espionage campaign, which may have ties to North Korea, is suspected of targeting foreign ministries, academic institutions and think thanks that are studying or writing reports about the nation's regime, according to an analysis by the security firm Anomali.
Facebook and Twitter have suspended a number of accounts and pages that they have tied to information operations being run by the Chinese government. Disinformation has targeted pro-democracy demonstrators in Hong Kong - likening them to cockroaches - while dismissing anti-Beijing sentiment as "fake news."
To better prepare for cyberthreats posed by Russia and China, the U.S. Army has been building cyber and electronic warfare units. But a new report from the Government Accountability Office finds that these units are understaffed, underequipped and in need of better training.
An A-list of cyber experts, including former Homeland Security Secretary Jeh Johnson, has put its weight behind U.S. CyberDome, a nonpartisan initiative to protect presidential campaigns against foreign influence. Matthew Barrett, a former NIST leader and co-founder of CyberDome, outlines how this group is gearing up.
Some members of a hacking group with ties to China's government that's primarily known for its complex cyberespionage campaigns have developed a side business targeting the global gaming industry for financial gain, the security firm FireEye says.
A confidential, leaked UN report warns that North Korea has funneled an estimated $2 billion - stolen via online bank and cryptocurrency exchange heists as well as generated via cryptocurrency mining - into its nuclear and missile-development programs.
Microsoft warned on Monday that Russia-linked attackers are gaining access to corporate networks through poorly configured devices, such as office printers and VOIP phones. The remedy is paying more attention to deployed IoT devices, including establishing security policies and regular testing.