Government and Internet - Cyber Security Informer

Arguing Against CALEA

Schneier on Security

APRIL 8, 2025

This is the access that the Chinese threat actor Salt Typhoon used to spy on Americans: The Wall Street Journal first reported Friday that a Chinese government hacking group dubbed Salt Typhoon broke into three of the largest U.S. government’s investigation is in its early stages.

Telecommunications

Telecommunications Internet Internet Government

Surveillance of the Internet Backbone

Schneier on Security

AUGUST 25, 2021

Vice has an article about how data brokers sell access to the Internet backbone. In the hands of some governments, that could be dangerous. This is netflow data. It’s useful for cybersecurity forensics, but can also be used for things like tracing VPN activity.

Internet

Internet Internet Surveillance VPN

U.S. Internet Leaked Years of Internal, Customer Emails

Krebs on Security

FEBRUARY 14, 2024

The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence , which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. Internet is a regional ISP that provides fiber and wireless Internet service.

Internet

Internet Internet Wireless Government

Welcoming the Czech Republic Government to Have I Been Pwned

Troy Hunt

SEPTEMBER 6, 2021

For the last few years, I've been welcome national governments to Have I Been Pwned (HIBP) and granting them full and free access to domain-level searches via a dedicated API. Data breaches impact all of us in one way or another, and government agencies are no exception.

Government

Government Data breaches Internet Internet

Internet Backbone Giant Lumen Shuns.RU

Krebs on Security

MARCH 8, 2022

Lumen Technologies , an American company that operates one of the largest Internet backbones and carries a significant percentage of the world’s Internet traffic, said today it will stop routing traffic for organizations based in Russia. ru) from the Internet.

Internet

Internet Internet Government Technology

The Internet is Held Together With Spit & Baling Wire

Krebs on Security

NOVEMBER 26, 2021

A visualization of the Internet made using network routing data. Imagine being able to disconnect or redirect Internet traffic destined for some of the world’s biggest companies — just by spoofing an email. Image: Barrett Lyon, opte.org. Based in Monroe, La., Lumen Technologies Inc.

Internet

Internet Internet Authentication Telecommunications

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Krebs on Security

OCTOBER 17, 2024

government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a. Prosecutors say Anonymous Sudan offered a “Limited Internet Shutdown Package,” which would enable customers to shut down internet service providers in specified countries for $500 (USD) an hour.

DDOS

DDOS Government Internet Internet

Perfectl Malware

Schneier on Security

OCTOBER 14, 2024

It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions of machines connected to the Internet potential targets, researchers from Aqua Security said. Something this complex and impressive implies that a government is behind this.

Malware

Malware Cryptocurrency Internet Internet

Hidden Anti-Cryptography Provisions in Internet Anti-Trust Bills

Schneier on Security

JUNE 21, 2022

Two bills attempting to reduce the power of Internet monopolies are currently being debated in Congress: S. Reducing the power to tech monopolies would do more to “fix” the Internet than any other single action, and I am generally in favor of them both. 2992, the American Innovation and Choice Online Act ; and S.

Internet

Internet Internet Encryption Backups

MY TAKE: Securing the Internet of Everything: why self-healing devices are the next frontier

The Last Watchdog

FEBRUARY 10, 2025

Were just getting started down the road to the Internet of Everything (IoE.) Not coincidentally, industry standards groups and government regulators have stepped forward to embrace a vital supporting role. Governments and standards bodies are taking note.

Internet

Internet Internet IoT Manufacturing

Poland probes Pegasus spyware abuse under the PiS government

Security Affairs

DECEMBER 3, 2024

Poland probes Pegasus spyware abuse under the PiS government; ex-security chief Piotr Pogonowski arrested to testify before parliament. Poland’s government has been investigating the alleged misuse of Pegasus spyware by the previous administration and arrested the former head of Poland’s internal security service Piotr Pogonowski.

Spyware

Spyware Government Surveillance Hacking

The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying.

Schneier on Security

DECEMBER 5, 2023

Before the internet, putting someone under surveillance was expensive and time-consuming. Surveillance has become the business model of the internet, and there’s no reasonable way for us to opt out of it. Governments around the world already use mass surveillance; they will engage in mass spying as well. They conform.

Surveillance

Surveillance Internet Internet Government

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

BEARHOST prides itself on the ability to evade blocking by Spamhaus , an organization that many Internet service providers around the world rely on to help identify and block sources of malware and spam. government for its hacking operations, CEO Eugene Kaspersky says he ordered workers to delete the code. Last year, the U.S.

Malware

Malware Antivirus Software DDOS

Delivering Malware Through Abandoned Amazon S3 Buckets

Schneier on Security

FEBRUARY 12, 2025

The TL;DR is that this time, we ended up discovering ~150 Amazon S3 buckets that had previously been used across commercial and open source software products, governments, and infrastructure deployment/update pipelines—and then abandoned. This is basically the SolarWinds attack, but much more extensive.

Malware

Malware Software Internet Internet

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers is still ongoing, government experts are assessing its scope.

Government

Government Telecommunications Surveillance Risk

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers is still ongoing, government experts are assessing its scope.

Government

Government Telecommunications Surveillance Risk

NSA Advisory on Chinese Government Hacking

Schneier on Security

OCTOBER 21, 2020

Most of the vulnerabilities listed below can be exploited to gain initial access to victim networks using products that are directly accessible from the Internet and act as gateways to internal networks.

Hacking

Hacking Government Internet Internet

U.S. Offered $10M for Hacker Just Arrested by Russia

Krebs on Security

DECEMBER 4, 2024

government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies. government’s “Wanted” poster for him.

Cybercrime

Cybercrime Ransomware Cryptocurrency Government

Web 3.0 Requires Data Integrity

Schneier on Security

APRIL 3, 2025

The CIA triad has evolved with the Internet. the Internet of today. For example, the 5G communications revolution isn’t just about faster access to videos; it’s about Internet-connected things talking to other Internet-connected things without our intervention. The first iteration of the Web—Web 1.0

Artificial Intelligence

Artificial Intelligence Architecture Internet Internet

When Getting Phished Puts You in Mortal Danger

Krebs on Security

MARCH 27, 2025

Researchers at the security firm Silent Push mapped a network of several dozen phishing domains that spoof the recruitment websites of Ukrainian paramilitary groups, as well as Ukrainian government intelligence sites. The website legiohliberty[.]army army features a carbon copy of the homepage for the Freedom of Russia Legion (a.k.a.

Phishing

Phishing Government Engineering Internet

Legacy Ivanti Cloud Service Appliance Being Exploited

Schneier on Security

SEPTEMBER 16, 2024

CISA wants everyone—and government agencies in particular—to remove or upgrade an Ivanti Cloud Service Appliance (CSA) that is no longer being supported. Welcome to the security nightmare that is the Internet of Things.

Internet

Internet Internet Government

Together for a Better Internet: Celebrating Safer Internet Day 2025

Thales Cloud Protection & Licensing

FEBRUARY 11, 2025

Together for a Better Internet: Celebrating Safer Internet Day 2025 andrew.gertz@t Tue, 02/11/2025 - 14:57 At a time when technology is integral to our lives, Safer Internet Day (SID) has never been more relevant. These measures align perfectly with the spirit of Safer Internet Day. With an estimated 5.8

Internet

Internet Internet Education Technology

Insecurity of Government Infrastructure

Adam Shostack

JANUARY 2, 2025

Thats why a group of us, led by Evan Lam and Sudheesh Singanamalla, have a new short paper* in NDSS, On the (In)Security of Government Web and Mail Infrastructure : Abstract: Government web infrastructure is a critical part of todays Internet and the functioning of society.

Government

Government DNS Internet Internet

Is Your Computer Part of ‘The Largest Botnet Ever?’

Krebs on Security

MAY 29, 2024

” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. government.

VPN

VPN Government Cybercrime Internet

Oops! Simple Typo Causes Over 100,000 Sensitive US Military Emails To Be Delivered To Pro-Russia Government Of Mali

Joseph Steinberg

JULY 17, 2023

Among the leaked data were briefings on domestic US terrorism marked “For Official Use Only,” a global counter-terrorism assessment document with the words “Not Releasable to the Public or Foreign Governments” on its cover, crew lists for ships, and maps and photos of military bases. Now that the government of Mali is administering the.ML

Government

Government Artificial Intelligence Technology VPN

Report: Recent 10x Increase in Cyberattacks on Ukraine

Krebs on Security

MARCH 11, 2022

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians.

DNS

DNS Internet Internet Phishing

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. Image: SentinelOne.com.

DDOS

DDOS Internet Internet Government

Analysis of Intellexa’s Predator Spyware

Schneier on Security

OCTOBER 18, 2023

Amnesty International has published a comprehensive analysis of the Predator government spyware products. This is the legacy of not securing the Internet when we could have. These technologies used to be the exclusive purview of organizations like the NSA.

Spyware

Spyware Internet Internet Government

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Krebs on Security

MARCH 5, 2021

On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange. The web shell gives the attackers administrative access to the victim’s computer servers.

Hacking

Hacking Software Government Internet

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Krebs on Security

JANUARY 16, 2025

Merrill said the different purveyors of these SMS phishing tools traditionally have impersonated shipping companies, customs authorities, and even governments with tax refund lures and visa or immigration renewal scams targeting people who may be living abroad or new to a country.

Phishing

Phishing Scams Mobile Passwords

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

In some jurisdictions, this line is most-effectively drawn by a government-appointed privacy commissioner who is required to remain neutral and yet ultimately serves the citizens of its country. Set clear standards on what is required by the private sector, and what the government will do to assist with cybersecurity.

CISO

CISO CSO Risk Cyber threats

Tor Project needs 200 WebTunnel bridges more to bypass Russia’ censorship

Security Affairs

DECEMBER 2, 2024

The Tor Project seeks help deploying 200 WebTunnel bridges by year-end to counter government censorship. “We are calling on the Tor community and the Internet freedom community to help us scale up WebTunnel bridges. If you’ve ever thought about running a Tor bridge, now is the time.

Government

Government Internet Internet Hacking

NSO Group’s Pegasus Spyware Used Against US State Department Officials

Schneier on Security

DECEMBER 13, 2021

NSO Group’s descent into Internet pariah status continues. Its Pegasus spyware was used against nine US State Department employees. We don’t know which NSO Group customer trained the spyware on the US. ” .

Spyware

Spyware Internet Internet Government

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

The US government’s Consumer Financial Protection Bureau (CFPB) advises employees to avoid using cellphones for work after China-linked APT group Salt Typhoon hackers breached major telecom providers. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. Wall Street Journal reported.

Hacking

Hacking Internet Internet Government

Keeping the Internet Secure

Adam Shostack

JANUARY 2, 2025

[no description provided] Today, a global coalition led by civil society and technology experts sent a letter asking the government of Australia to abandon plans to introduce legislation that would undermine strong encryption.

Internet

Internet Internet Government Manufacturing

Tech CEO Sentenced to 5 Years in IP Address Scheme

Krebs on Security

OCTOBER 17, 2023

Golestan’s sentencing comes nearly two years after he pleaded guilty to using an elaborate network of phony companies to secure more than 735,000 Internet Protocol (IP) addresses from the American Registry for Internet Numbers (ARIN), the nonprofit which oversees IP addresses assigned to entities in the U.S.,

Internet

Internet Internet VPN Marketing

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

telecommunication and internet service providers. government IT systems and critical infrastructure. government systems, including the recent targeting of Treasurys information technology (IT) systems, as well as sensitive U.S. China-linked threat actors persistently target U.S. critical infrastructure.” national security.”

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

Trial Ends in Guilty Verdict for DDoS-for-Hire Boss

Krebs on Security

SEPTEMBER 16, 2021

man charged in 2018 with operating two online services that allowed paying customers to launch powerful distributed denial-of-service (DDoS) attacks against Internet users and websites. A jury in California today reached a guilty verdict in the trial of Matthew Gatrel , a St. Charles, Ill. The user interface for Downthem[.]org.

DDOS

DDOS DNS Internet Internet

T-Mobile detected network intrusion attempts and blocked them

Security Affairs

NOVEMBER 28, 2024

Many reports claim these bad actors have gained access to some providers’ customer information over an extended period of time – phone calls, text messages, and other sensitive information, particularly from government officials. Connectivity to a compromised provider was interrupted, and T-Mobile notified industry and government leaders.

Mobile

Mobile Government Telecommunications Internet

Essays from the Second IWORD

Schneier on Security

MARCH 8, 2024

An Argument for More Dialogues in Academia Aditi Juneja, Ensuring We Have A Democracy in 2076 Nick Couldry, Resonance, Not Scalability Jon Evans, Experimentocracy Nathan Schneider, Democracy On, Not Just Around, the Internet Eugene Fischer, The Enrichment and Decay of Ionia We are starting to think about IWORD 2024 this December.

Government

Government Internet Internet

US Treasury Department Sanctions Chinese Company Over Cyberattacks

Schneier on Security

JANUARY 7, 2025

officials say employed workers responsible for the Flax Typhoon attacks which compromised devices including routers and internet-enabled cameras to infiltrate government and industrial targets in the United States, Taiwan, Europe and elsewhere.

Internet

Internet Internet Government Technology

Popular VPNs are routing traffic via Chinese companies, including one with link to military

Malwarebytes

APRIL 3, 2025

Mobile VPNs are apps that connect your smartphone to the internet via different computers around the world. Be wary of VPNs based in countries that require intelligence-sharing with their governments Look for these security features: Strong encryption protocols (like 256-bit ChaCha20) are vital.

VPN

VPN Mobile Government Technology

FBI Shuts Down Chinese Botnet

Schneier on Security

SEPTEMBER 19, 2024

The FBI has shut down a botnet run by Chinese hackers: The botnet malware infected a number of different types of internet-connected devices around the world, including home routers, cameras, digital video recorders, and NAS drives.

Telecommunications

Telecommunications Media Malware Internet

Arguing Against CALEA

Surveillance of the Internet Backbone

Trending Sources

U.S. Internet Leaked Years of Internal, Customer Emails

Welcoming the Czech Republic Government to Have I Been Pwned

Internet Backbone Giant Lumen Shuns.RU

The Internet is Held Together With Spit & Baling Wire

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Perfectl Malware

Hidden Anti-Cryptography Provisions in Internet Anti-Trust Bills

MY TAKE: Securing the Internet of Everything: why self-healing devices are the next frontier

Poland probes Pegasus spyware abuse under the PiS government

The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying.

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Delivering Malware Through Abandoned Amazon S3 Buckets

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

FBI: Spike in Hacked Police Emails, Fake Subpoenas

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

NSA Advisory on Chinese Government Hacking

U.S. Offered $10M for Hacker Just Arrested by Russia

Web 3.0 Requires Data Integrity

When Getting Phished Puts You in Mortal Danger

Legacy Ivanti Cloud Service Appliance Being Exploited

Together for a Better Internet: Celebrating Safer Internet Day 2025

Insecurity of Government Infrastructure

Is Your Computer Part of ‘The Largest Botnet Ever?’

Oops! Simple Typo Causes Over 100,000 Sensitive US Military Emails To Be Delivered To Pro-Russia Government Of Mali

Report: Recent 10x Increase in Cyberattacks on Ukraine

Stark Industries Solutions: An Iron Hammer in the Cloud

Analysis of Intellexa’s Predator Spyware

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Tor Project needs 200 WebTunnel bridges more to bypass Russia’ censorship

NSO Group’s Pegasus Spyware Used Against US State Department Officials

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Keeping the Internet Secure

Tech CEO Sentenced to 5 Years in IP Address Scheme

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Trial Ends in Guilty Verdict for DDoS-for-Hire Boss

T-Mobile detected network intrusion attempts and blocked them

Essays from the Second IWORD

US Treasury Department Sanctions Chinese Company Over Cyberattacks

Popular VPNs are routing traffic via Chinese companies, including one with link to military

FBI Shuts Down Chinese Botnet

Stay Connected