Schneier on Security

FEBRUARY 13, 2025

In the span of just weeks, the US government has experienced what may be the most consequential security breach in its history—not through a sophisticated cyberattack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. trillion in annual federal payments.

Government 363

Government Artificial Intelligence Banking Software 363

Security Affairs

DECEMBER 3, 2024

Poland probes Pegasus spyware abuse under the PiS government; ex-security chief Piotr Pogonowski arrested to testify before parliament. Poland’s government has been investigating the alleged misuse of Pegasus spyware by the previous administration and arrested the former head of Poland’s internal security service Piotr Pogonowski.

Spyware 116

Spyware Government Surveillance Hacking 116

Schneier on Security

FEBRUARY 27, 2024

I-Soon sells hacking and espionage services to Chinese national and local government. And they seem to primarily be hacking regionally. Last week, someone posted something like 570 files, images and chat logs from a Chinese company called I-Soon. Lots of details in the news articles.

Surveillance 318

Surveillance Hacking Government 318

Security Affairs

MAY 17, 2025

The FBI warns that ex-government officials are being targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials to current or former senior US federal or state government officials and their contacts Since April 2025, threat actors have been using texts and AI voice messages impersonating senior U.S.

Government 120

Government Social Engineering Authentication Accountability 120

The Hacker News

MAY 15, 2025

A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET.

Government 109

Government Hacking Cybersecurity 109

Schneier on Security

FEBRUARY 3, 2025

Like other spyware makers, Paragon’s hacking software is used by government clients and WhatsApp said it had not been able to identify the clients who ordered the alleged attacks. ” It is not clear who was behind the attack.

Spyware 272

Spyware Government Hacking Software 272

Security Affairs

JANUARY 23, 2025

The US governments cybersecurity and law enforcement revealed that Chinese threat actors used at least two sophisticated exploit chains to compromise Ivanti Cloud Service Appliances (CSA). is end-of-life and no longer receives security updates, for this reason, these instances are exposed to hack.

Hacking 114

Hacking Government Cybersecurity Information Security 114

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers is still ongoing, government experts are assessing its scope.

Government 109

Government Telecommunications Surveillance Risk 109

Security Affairs

APRIL 28, 2025

Earth Kurma APT carried out a sophisticated campaign against government and telecommunications sectors in Southeast Asia. Trend Research exposed the Earth Kurma APT campaign targeting Southeast Asias government and telecom sectors. Earth Kurma particularly targeted the Philippines, Vietnam, Thailand, and Malaysia.

Telecommunications 116

Telecommunications Government Malware Hacking 116

Krebs on Security

OCTOBER 17, 2024

government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a. The government isn’t saying where the Omed brothers are being held, only that they were arrested in March 2024 and have been in custody since. A statement by the U.S.

DDOS 266

DDOS Government Internet Internet 266

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. The US government’s Consumer Financial Protection Bureau (CFPB) advises employees to avoid using cellphones for work after China-linked APT group Salt Typhoon hackers breached major telecom providers.

Hacking 127

Hacking Internet Internet Malware 127

Schneier on Security

OCTOBER 8, 2024

The Wall Street Journal is reporting that Chinese hackers (Salt Typhoon) penetrated the networks of US broadband providers, and might have accessed the backdoors that the federal government uses to execute court-authorized wiretap requests. Those backdoors have been mandated by law—CALEA—since 1994. It’s a weird story.

Hacking 315

Hacking Government 315

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers is still ongoing, government experts are assessing its scope.

Government 110

Government Telecommunications Surveillance Risk 110

Schneier on Security

OCTOBER 14, 2024

Something this complex and impressive implies that a government is behind this. North Korea is the government we know that hacks cryptocurrency in order to fund its operations. Aqua Security researchers have also observed the malware serving as a backdoor to install other families of malware.

Malware 267

Malware Cryptocurrency Internet Internet 267

Krebs on Security

FEBRUARY 28, 2025

Intrinsec said its analysis showed Prospero frequently hosts malware operations such as SocGholish and GootLoader , which are spread primarily via fake browser updates on hacked websites and often lay the groundwork for more serious cyber intrusions — including ransomware. A fake browser update page pushing mobile malware.

Malware 256

Malware Antivirus Software DDOS 256

Security Boulevard

NOVEMBER 1, 2024

China Hacks Canada too, Says CCCS appeared first on Security Boulevard. Plus brillants exploits: Canadian Centre for Cyber Security fingers Chinese state sponsored hackers. The post Ô!

Hacking 128

Hacking Social Engineering Cyber Attacks Data privacy 128

Malwarebytes

MAY 8, 2025

The purpose was to gain access to the messages on those devices, which were typically used by attorneys, journalists, human rights activists, political dissidents, diplomats, and other senior foreign government officials. However, the jury awarded Meta $444,719 in compensatory damages and $167,254,000 in punitive damages.

Spyware 125

Spyware Hacking Surveillance Government 125

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. government has used court orders to remotely disinfect systems compromised with malware. Today’s operation is not the first time the U.S.

Hacking 312

Hacking Malware Ransomware Government 312

Schneier on Security

APRIL 9, 2024

US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. It was a serious attack by the Chinese government that accessed the emails of senior U.S. government officials. From the executive summary: The Board finds that this intrusion was preventable and should never have occurred.

Hacking 334

Hacking Government Accountability Technology 334

Krebs on Security

DECEMBER 4, 2024

government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies. government’s “Wanted” poster for him.

Cybercrime 247

Cybercrime Ransomware Cryptocurrency Government 247

Security Affairs

APRIL 16, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,data breach) Conduent suffered another security breach in 2020 by the Maze ransomware gang, which stole corporate data.

Data breaches 109

Data breaches Government Business Services Cyber Insurance 109

Schneier on Security

MARCH 11, 2025

. […] According to prosecutors, the group as a whole has targeted US state and federal agencies, foreign ministries of countries across Asia, Chinese dissidents, US-based media outlets that have criticized the Chinese government, and most recently the US Treasury, which was breached between September and December of last year.

Government 221

Government Media Hacking 221

Security Affairs

MAY 18, 2025

. “That effectively means there is a built-in way to physically destroy the grid,” an anonymous informer told Reuters The rogue devices’ existence is newly revealed, with no public US government acknowledgment. The DOE said its working with the federal government to strengthen U.S.

Energy and Utilities 144

Energy and Utilities Manufacturing Government Hacking 144

Security Affairs

DECEMBER 9, 2024

On June 20, 2024, the group targeted an Indonesian data center causing the disruption of around 210 critical government services, including customs and immigration. Deloitte discovered the hack in March 2017, and according to The Guardian, the attackers may have had access to the company systems since October or November 2016.

Hacking 121

Hacking Ransomware Accountability Architecture 121

Security Boulevard

NOVEMBER 6, 2024

The post Schneider Electric Confirms Ransom Hack — Hellcat Demands French Bread as ‘Joke’ appeared first on Security Boulevard. That’s a lot of pain: $125,000 ransom seems small—but why do the scrotes want it paid in baguettes?

Hacking 125

Hacking Cryptocurrency Data privacy Risk 125

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. A senior government official at the finance ministry confirmed that attackers compromised some central bank accounts.

Banking 140

Banking Government Accountability Hacking 140

Security Affairs

OCTOBER 22, 2024

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. During the 2024 Matrix Cup hacking contest in China, zbl & srs of team TZL demonstrated the vulnerability. ” Chinese law requires researchers to disclose zero-day vulnerabilities to the government. .”

Hacking 139

Hacking Government Software Information Security 139

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. police as part of an FBI investigation into the MGM hack. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft 265

Identity Theft Phishing Cryptocurrency Accountability 265

The Hacker News

MAY 27, 2025

Active since at least April 2024, the hacking group is linked to espionage operations mainly targeting organizations that are important to Russian government objectives,

Phishing 125

Phishing Government Hacking 125

The Last Watchdog

NOVEMBER 12, 2024

Security and Exchange Commission (SEC) recently laid down the hammer charging and fining four prominent cybersecurity vendors for making misleading claims in connection with the SolarWinds hack. Set clear standards on what is required by the private sector, and what the government will do to assist with cybersecurity.

CISO 263

CISO CSO Risk Cyber threats 263

Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. In September 2024, Ukraines National Coordination Centre for Cybersecurity (NCCC) banned the Telegram messaging app on government agencies, military, and critical infrastructure, due to national security concerns. continues the announcement.

Government 144

Government Surveillance Mobile Hacking 144

Security Affairs

FEBRUARY 2, 2025

Texas bans DeepSeek and RedNote on government devices to block Chinese data-harvesting AI, citing security risks. Texas and other states banned TikTok on government devices. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,DeepSeek)

Government 76

Government Artificial Intelligence Media Data collection 76

Schneier on Security

DECEMBER 30, 2024

The US government has identified a ninth telecom that was successfully hacked by Salt Typhoon.

Government 277

Government Hacking 277

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. io , and rdp[.]sh. gg , an e-commerce platform that caters to the same clientele as Sellix.

eCommerce 213

eCommerce Cybercrime Accountability Passwords 213

Security Affairs

APRIL 16, 2025

government funding for MITRE s CVE program , a key global cybersecurity resource for cataloging vulnerabilities, is set to expire Wednesday, risking disruption. The CVE program is supported by a network of CVE Numbering Authorities (CNAs), which include major technology companies, research organizations, and government agencies.

Government 129

Government Risk Cybersecurity Media 129

Security Affairs

FEBRUARY 26, 2025

A Ghostwriter campaign using a new variant of PicassoLoader targets opposition activists in Belarus, and Ukrainian military and government organizations. SentinelLABS observed a new Ghostwriter campaign targeting Belarusian opposition activists and Ukrainian military and government entities with a new variant of PicassoLoader.

Government 66

Government Cyber threats Malware Phishing 66

Security Affairs

JANUARY 18, 2025

The US Treasurys OFAC also sanctionedYin Kecheng, a Shanghai-based cyber actor who was involved with the recent hack of the Department of the Treasury’s network. government IT systems and critical infrastructure. The threat actors gained access to the workstations of government employees and unclassified documents.

Cybersecurity 117

Cybersecurity Telecommunications Government Healthcare 117