U.S. government agencies and the private sector embraced information sharing but lack a coordinated response plan in the event of a massive cyberattack, a House Republican said. Public-private partnerships are essential since 80% of critical infrastructure in the U.S. is owned by the private sector.
Thousands of North Korean IT workers hid their identities to earn hundreds of millions of dollars in IT contract work from overseas companies to help finance the country's weapons development program, U.S. and South Korean agencies said. Officials said to watch for workers who are camera-shy.
Hackers used an updated malware framework dubbed Mata by Kaspersky to target more than a dozen oil, gas and defense sector companies in Eastern Europe, including air-gapped systems. Kaspersky previously associated Mata with North Korea but doesn't attribute this campaign to the Pyongyang regime.
North Korean nation-state threat actors are exploiting a critical remote code execution vulnerability affecting multiple versions of a DevSecOps tool - a high-risk development, especially in light of Pyongyang hackers' recent track record of supply chain hacks.
Nation-state hackers are targeting a vulnerability in WinRAR, a popular Windows utility for archiving files, warns Google’s Threat Analysis Group, which said it has seen "government-backed hacking groups" who hail from multiple countries, including China and Russia, targeting the bug.
Nation-state hacks against Western start-ups are surging in a bid by competitor nations to glean intellectual property, warns the Five Eyes intelligence alliance. The stolen data was likely used to fast-track technological and military capabilities within adversary nations, alliance members say.
Amplifying kinetic attacks, Russian hackers in recent months have hit at least 11 telecommunications firms in Ukraine with a barrage of "destructive" malware designed to exfiltrate data, steal social media account credentials, destroy IT systems and disrupt operations, the Ukrainian government says.
A financially motivated hacking group turned cyberespionage operation targeted attendees of high-profile European conferences, including the Women Political Leaders Summit in Brussels. Threat actor Void Rabisu - also known as Tropical Scorpius and UNC2596 - has been honing its backdoor.
It could be weeks or months before outsiders have a clear picture of the cyber dimension of the conflict between Hamas and Israel, a cyber expert said. "As some of these stories come out, as we will start to learn about what was actually targeted," said Rob T. Lee of the SANS Institute.
In the latest weekly update, Ari Redbord, head of legal and government affairs at TRM Labs, joined ISMG editors to discuss: how Hamas is using crypto to finance operations, the latest illicit activities by North Korean actors, and how the trial of FTX's Sam Bankman-Fried could impact the industry.
A top U.S. cybersecurity official said Israel has avoided significant cyberattacks since Hamas' invasion Saturday but said that wouldn't necessarily be America's experience should armed conflict break out with China. "There have not been significant cyberattacks as of right now," said Brandon Wales.
The violent surprise attack on Israel by Hamas and the region's escalating war spotlights the critical importance of situational awareness, and especially for healthcare organizations that rely on medical or tech products from Israeli technology firms, said Denise Anderson, president of the H-ISAC.
Amnesty International says the Vietnamese government is likely behind a wave of attempted Predator spyware infections against targets including members of the U.S. Congress and European officials. Central to the campaign was an account on social media network X (formerly Twitter).
Pentera got through the attacks on Israel with no injuries among its 180 local employees, and now 20 workers have been called up to serve in infantry or intelligence units. The automated security validation firm's CEO now only wants to do business with people who support Israel's right to defend itself.
Cybersecurity companies across the globe are now preparing for a sizable chunk of their Israel-based workforce to be drafted into the country's military reserves. They've also in recent days taken steps to support their workers or the country at large.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.