Security Affairs

DECEMBER 3, 2024

Poland probes Pegasus spyware abuse under the PiS government; ex-security chief Piotr Pogonowski arrested to testify before parliament. Poland’s government has been investigating the alleged misuse of Pegasus spyware by the previous administration and arrested the former head of Poland’s internal security service Piotr Pogonowski.

Spyware 118

Spyware Government Surveillance Hacking 118

Schneier on Security

FEBRUARY 27, 2024

I-Soon sells hacking and espionage services to Chinese national and local government. And they seem to primarily be hacking regionally. Last week, someone posted something like 570 files, images and chat logs from a Chinese company called I-Soon. Lots of details in the news articles.

Surveillance 320

Surveillance Hacking Government 320

WIRED Threat Level

MAY 7, 2025

CBP says it has disabled its use of TeleMessage following reports that the app, which has not cleared the US governments risk assessment program, was hacked.

Hacking 114

Hacking Government Risk 114

Security Affairs

APRIL 28, 2025

Earth Kurma APT carried out a sophisticated campaign against government and telecommunications sectors in Southeast Asia. Trend Research exposed the Earth Kurma APT campaign targeting Southeast Asias government and telecom sectors. Earth Kurma particularly targeted the Philippines, Vietnam, Thailand, and Malaysia.

Telecommunications 119

Telecommunications Government Malware Hacking 119

Security Affairs

JANUARY 23, 2025

The US governments cybersecurity and law enforcement revealed that Chinese threat actors used at least two sophisticated exploit chains to compromise Ivanti Cloud Service Appliances (CSA). is end-of-life and no longer receives security updates, for this reason, these instances are exposed to hack.

Hacking 116

Hacking Government Cybersecurity Information Security 116

Schneier on Security

FEBRUARY 3, 2025

Like other spyware makers, Paragon’s hacking software is used by government clients and WhatsApp said it had not been able to identify the clients who ordered the alleged attacks. ” It is not clear who was behind the attack.

Spyware 276

Spyware Government Hacking Software 276

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers is still ongoing, government experts are assessing its scope.

Government 111

Government Telecommunications Surveillance Risk 111

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. The US government’s Consumer Financial Protection Bureau (CFPB) advises employees to avoid using cellphones for work after China-linked APT group Salt Typhoon hackers breached major telecom providers.

Hacking 130

Hacking Internet Internet Malware 130

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers is still ongoing, government experts are assessing its scope.

Government 112

Government Telecommunications Surveillance Risk 112

Schneier on Security

OCTOBER 14, 2024

Something this complex and impressive implies that a government is behind this. North Korea is the government we know that hacks cryptocurrency in order to fund its operations. Aqua Security researchers have also observed the malware serving as a backdoor to install other families of malware.

Malware 271

Malware Cryptocurrency Internet Internet 271

Schneier on Security

OCTOBER 8, 2024

The Wall Street Journal is reporting that Chinese hackers (Salt Typhoon) penetrated the networks of US broadband providers, and might have accessed the backdoors that the federal government uses to execute court-authorized wiretap requests. Those backdoors have been mandated by law—CALEA—since 1994. It’s a weird story.

Hacking 316

Hacking Government 316

Krebs on Security

OCTOBER 17, 2024

government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a. The government isn’t saying where the Omed brothers are being held, only that they were arrested in March 2024 and have been in custody since. A statement by the U.S.

DDOS 257

DDOS Government Internet Internet 257

Security Affairs

APRIL 16, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,data breach) Conduent suffered another security breach in 2020 by the Maze ransomware gang, which stole corporate data.

Data breaches 111

Data breaches Government Business Services Cyber Insurance 111

Security Boulevard

NOVEMBER 1, 2024

China Hacks Canada too, Says CCCS appeared first on Security Boulevard. Plus brillants exploits: Canadian Centre for Cyber Security fingers Chinese state sponsored hackers. The post Ô!

Hacking 128

Hacking Social Engineering Cyber Attacks Data privacy 128

Krebs on Security

FEBRUARY 28, 2025

Intrinsec said its analysis showed Prospero frequently hosts malware operations such as SocGholish and GootLoader , which are spread primarily via fake browser updates on hacked websites and often lay the groundwork for more serious cyber intrusions — including ransomware. A fake browser update page pushing mobile malware.

Malware 247

Malware Antivirus Software DDOS 247

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. government has used court orders to remotely disinfect systems compromised with malware. Today’s operation is not the first time the U.S.

Hacking 309

Hacking Malware Ransomware Government 309

Schneier on Security

APRIL 9, 2024

US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. It was a serious attack by the Chinese government that accessed the emails of senior U.S. government officials. From the executive summary: The Board finds that this intrusion was preventable and should never have occurred.

Hacking 336

Hacking Government Accountability Technology 336

Malwarebytes

MAY 8, 2025

The purpose was to gain access to the messages on those devices, which were typically used by attorneys, journalists, human rights activists, political dissidents, diplomats, and other senior foreign government officials. However, the jury awarded Meta $444,719 in compensatory damages and $167,254,000 in punitive damages.

Spyware 112

Spyware Hacking Surveillance Government 112

Krebs on Security

DECEMBER 4, 2024

government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies. government’s “Wanted” poster for him.

Cybercrime 238

Cybercrime Ransomware Cryptocurrency Government 238

Schneier on Security

MARCH 11, 2025

. […] According to prosecutors, the group as a whole has targeted US state and federal agencies, foreign ministries of countries across Asia, Chinese dissidents, US-based media outlets that have criticized the Chinese government, and most recently the US Treasury, which was breached between September and December of last year.

Government 224

Government Media Hacking 224

Security Affairs

DECEMBER 9, 2024

On June 20, 2024, the group targeted an Indonesian data center causing the disruption of around 210 critical government services, including customs and immigration. Deloitte discovered the hack in March 2017, and according to The Guardian, the attackers may have had access to the company systems since October or November 2016.

Hacking 124

Hacking Ransomware Accountability Architecture 124

Security Boulevard

NOVEMBER 6, 2024

The post Schneider Electric Confirms Ransom Hack — Hellcat Demands French Bread as ‘Joke’ appeared first on Security Boulevard. That’s a lot of pain: $125,000 ransom seems small—but why do the scrotes want it paid in baguettes?

Hacking 125

Hacking Cryptocurrency Data privacy Risk 125

Schneier on Security

JANUARY 16, 2023

Cellebrite is an cyberweapons arms manufacturer that sells smartphone forensic software to governments around the world. MSAB is a Swedish company that does the same thing. Someone has released software and documentation from both companies.

Software 288

Software Hacking Manufacturing Government 288

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. A senior government official at the finance ministry confirmed that attackers compromised some central bank accounts.

Banking 141

Banking Government Accountability Hacking 141

Security Affairs

OCTOBER 22, 2024

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. During the 2024 Matrix Cup hacking contest in China, zbl & srs of team TZL demonstrated the vulnerability. ” Chinese law requires researchers to disclose zero-day vulnerabilities to the government. .”

Hacking 141

Hacking Government Software Information Security 141

Security Affairs

APRIL 16, 2025

government funding for MITRE s CVE program , a key global cybersecurity resource for cataloging vulnerabilities, is set to expire Wednesday, risking disruption. The CVE program is supported by a network of CVE Numbering Authorities (CNAs), which include major technology companies, research organizations, and government agencies.

Government 131

Government Risk Cybersecurity Media 131

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. police as part of an FBI investigation into the MGM hack. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft 257

Identity Theft Phishing Cryptocurrency Accountability 257

The Hacker News

APRIL 21, 2025

Targets included a government ministry, an air traffic control organization, a telecoms operator, and a construction company," the Symantec Threat Hunter Team said in a new report

Government 134

Government Hacking Malware 134

The Last Watchdog

NOVEMBER 12, 2024

Security and Exchange Commission (SEC) recently laid down the hammer charging and fining four prominent cybersecurity vendors for making misleading claims in connection with the SolarWinds hack. Set clear standards on what is required by the private sector, and what the government will do to assist with cybersecurity.

CISO 263

CISO CSO Risk Cyber threats 263

Security Affairs

FEBRUARY 2, 2025

Texas bans DeepSeek and RedNote on government devices to block Chinese data-harvesting AI, citing security risks. Texas and other states banned TikTok on government devices. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,DeepSeek)

Government 79

Government Artificial Intelligence Media Data collection 79

Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. In September 2024, Ukraines National Coordination Centre for Cybersecurity (NCCC) banned the Telegram messaging app on government agencies, military, and critical infrastructure, due to national security concerns. continues the announcement.

Government 144

Government Surveillance Mobile Hacking 144

Schneier on Security

DECEMBER 30, 2024

The US government has identified a ninth telecom that was successfully hacked by Salt Typhoon.

Government 279

Government Hacking 279

Security Affairs

FEBRUARY 26, 2025

A Ghostwriter campaign using a new variant of PicassoLoader targets opposition activists in Belarus, and Ukrainian military and government organizations. SentinelLABS observed a new Ghostwriter campaign targeting Belarusian opposition activists and Ukrainian military and government entities with a new variant of PicassoLoader.

Government 68

Government Cyber threats Malware Phishing 68

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. io , and rdp[.]sh. gg , an e-commerce platform that caters to the same clientele as Sellix.

eCommerce 206

eCommerce Cybercrime Accountability Passwords 206

Security Affairs

JANUARY 18, 2025

The US Treasurys OFAC also sanctionedYin Kecheng, a Shanghai-based cyber actor who was involved with the recent hack of the Department of the Treasury’s network. government IT systems and critical infrastructure. The threat actors gained access to the workstations of government employees and unclassified documents.

Cybersecurity 120

Cybersecurity Telecommunications Government Healthcare 120

Security Affairs

DECEMBER 2, 2024

The Tor Project seeks help deploying 200 WebTunnel bridges by year-end to counter government censorship. Tor Project maintainers are urging users to deploy 200 WebTunnel bridges by year-end allow users in Russia to bypass government censorship. ” reads the announcement published by Tor Project.

Government 128

Government Internet Internet Hacking 128

Security Affairs

NOVEMBER 10, 2024

South Korea’s government blames pro-Russia threat actors for an intensification of cyberattacks on national sites after it decided to monitor North Korean troops in Ukraine. “The government is actively responding to distributed denial of service (DDoS) attacks targeting some public and private websites.

DDOS 113

DDOS Government Cyber threats Hacking 113