usa
US govt launches cybersecurity safety label for smart devices
Today, the White House announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for internet-connected consumer devices. The Cyber Trust Mark label, which will appear on smart products sold in the United States later this year, will help American consumers determine whether the devices they want to buy are safe […]
CISA says recent government hack limited to US Treasury
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today that the Treasury Department breach disclosed last week did not impact other federal agencies. “At this time, there is no indication that any other federal agencies have been impacted by this incident,” CISA said. “CISA continues to monitor the situation and coordinate with relevant federal authorities to […]
Green Bay Packers’ online store hacked to steal credit cards
The Green Bay Packers American football team is notifying fans that a threat actor hacked its official online retail store in October and injected a card skimmer script to steal customers’ personal and payment information. The National Football League team says it immediately disabled all checkout and payment capabilities after discovering on October 23 that […]
Chinese hackers also breached Charter and Windstream networks
More U.S. companies have been added to the list of telecommunications firms hacked in a wave of breaches by a Chinese state-backed threat group tracked as Salt Typhoon. This comes after AT&T, Verizon, and Lumen confirmed on December 30 that they have evicted the hackers from their networks. After breaching their networks, the Salt Typhoon hackers gained access […]
Chinese hackers targeted sanctions office in Treasury attack
Chinese state-backed hackers have reportedly breached the Office of Foreign Assets Control (OFAC), a Treasury Department office that administers and enforces trade and economic sanctions programs. OFAC was created in December 1950, blocking all Chinese and North Korean assets under U.S. jurisdiction after China entered the Korean War. In a letter sent to Congress this […]
Massive healthcare breaches prompt US cybersecurity rules overhaul
The U.S. Department of Health and Human Services (HHS) has proposed updates to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to secure patients’ health data following a surge in massive healthcare data leaks. These stricter cybersecurity rules, proposed by the HHS’ Office for Civil Rights (OCR) and expected to be published as […]
US Treasury Department breached through remote support platform
Chinese state-sponsored threat actors hacked the U.S. Treasury Department after breaching a remote support platform used by the federal agency. In a letter sent to lawmakers and seen by the New York Times, the Treasury Department warned lawmakers it was first notified of the breach on December 8th by its vendor BeyondTrust. BeyondTrust is a privileged […]
AT&T and Verizon say networks secure after Salt Typhoon breach
AT&T and Verizon confirmed they were breached in a massive Chinese espionage campaign targeting telecom carriers worldwide but said the hackers have now been evicted from their networks. “We have not detected threat actor activity in Verizon’s network for some time, and after considerable work addressing this incident, we can report that Verizon has contained the activities […]
White House links ninth telecom breach to Chinese hackers
A White House official has added a ninth U.S. telecommunications company to the list of telecoms breached in a Chinese hacking campaign that impacted dozens of countries. The Salt Typhoon Chinese cyber-espionage group who orchestrated these attacks (also tracked as Earth Estries, FamousSparrow, Ghost Emperor, and UNC2286) is known for breaching government entities and telecom companies […]
US charges Russian-Israeli as suspected LockBit ransomware coder
The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group. According to a criminal complaint unsealed today in the District of New Jersey, Rostislav Panev, 51, a dual Russian and Israeli national, allegedly helped develop LockBit ransomware encryptors and a custom […]