government
Australia bans all Kaspersky products on government systems
The Australian government has banned all Kaspersky Lab products and web services from its systems and devices following an analysis that claims the company poses a significant security risk to the country. “After considering threat and risk analysis, I have determined that the use of Kaspersky Lab, Inc. products and web services by Australian Government […]
US healthcare org pays $11M settlement over alleged cybersecurity lapses
Health Net Federal Services (HNFS) and its parent company, Centene Corporation, have agreed to pay $11,253,400 to settle allegations that HNFS falsely certified compliance with cybersecurity requirements under its Defense Health Agency (DHA) TRICARE contract. The U.S. government contracted HNFS to provide managed healthcare support services for TRICARE’s North region, covering 22 states. The contract […]
Treasury hackers also breached US foreign investments review office
Silk Typhoon Chinese state-backed hackers have reportedly breached a Treasury Department office that reviews foreign investments for national security risks. CNN reported on Friday, citing U.S. officials familiar with the matter, that the attackers gained access to the Committee on Foreign Investment in the United States (CFIUS) systems. The CFIUS is a government office and interagency committee […]
Over 4,000 backdoors hijacked by registering expired domains
Over 4,000 abandoned but still active web backdoors were hijacked and their communication infrastructure sinkholed after researchers registered expired domains used for commanding them. Some of the live malware (web shells) was deployed on web servers of high-profile targets, including government and university systems, ready to execute commands from anyone who tool control of the communication […]
CISA says recent government hack limited to US Treasury
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today that the Treasury Department breach disclosed last week did not impact other federal agencies. “At this time, there is no indication that any other federal agencies have been impacted by this incident,” CISA said. “CISA continues to monitor the situation and coordinate with relevant federal authorities to […]
Eagerbee backdoor deployed against Middle Eastern govt orgs, ISPs
New variants of the Eagerbee malware framework are being deployed against government organizations and internet service providers (ISPs) in the Middle East. Previously, the malware was seen in attacks conducted by Chinese state-backed threat actors who Sophos tracked as ‘Crimson Palace.’ According to a new report by Kaspersky researchers, there’s a potential connection to a threat group they […]
European govt air-gapped systems breached using custom malware
An APT hacking group known as GoldenJackal has successfully breached air-gapped government systems in Europe using two custom toolsets to steal sensitive data, like emails, encryption keys, images, archives, and documents. According to an ESET report, this happened at least two times, one against the embassy of a South Asian country in Belarus in September 2019 […]
Discord blocked in Russia and Turkey for spreading illegal content
Discord has been suddenly blocked in Russia and Turkey since yesterday due to illegal activity residing on the platform, leaving legitimate users in those countries unable to visit the website or connect to the service. While Discord started as a communication and community-building space for gamers, it has since expanded to include a broad spectrum […]
Audit finds notable security gaps in FBI’s storage media management
An audit from the Department of Justice’s Office of the Inspector General (OIG) identified “significant weaknesses” in FBI’s inventory management and disposal of electronic storage media containing sensitive and classified information. The report highlights multiple issues with policies and procedures or controls for tracking storage media extracted from devices, and significant physical security gaps in the […]
Indiana County Files Disaster Declaration Following Ransomware Attack
A County in Indiana, US, has filed a disaster declaration following a ransomware attack on local government networks, which has prevented the administration of critical services. Clay County made the declaration after confirming the incident has resulted in an inability to operate Clay County Courthouse and Clay County Probation/Community Corrections facilities. The July 11 declaration […]