The U.S. has indicted four Chinese nationals working with the nation's Ministry of State Security in connection with an alleged hacking campaign conducted from 2011 to 2018 that targeted universities and government entities to obtain trade secrets, medical research and other intellectual property.
Three federal agencies released a 31-page Joint Cybersecurity Advisory Monday that describes 50 tactics, techniques and procedures that Chinese state-sponsored cyberattackers are using to target organizations in the U.S. and allied nations.
The U.S and its allies formally accusing China of cyberattacks on Microsoft Exchange servers comes as no surprise because it's "indicative of the behavior of the administration in China for many years now," says Cybereason CSO Sam Curry.
A leak of 50,000 telephone numbers and email addresses led to the "Pegasus Project," a global media consortium's research effort that discovered how Pegasus spyware developed by NSO Group is being used in the wild.
A new exposé tracking how spyware has been used to target journalists and human rights advocates suggests attackers have been exploiting zero-day flaws in Apple applications and devices. Apple says the flaws, while serious, likely pose no risk to the vast majority of its users.
The Department of Commerce is restricting trade with four Russian IT and cybersecurity firms, along with two other entities, over concerns that these organizations pose a threat to U.S. national security.
A greater level of cooperation is needed between the DOD and DHS to ensure that U.S. critical infrastructure is protected against various cyberthreats, according to an inspector general's report. The SolarWinds attack showed the need for more coordination between the two departments.
Now that the REvil ransomware gang has apparently shut down, victims are in a precarious situation. They must either rely on backups to restore data access or wait for the release of a decryptor, making sure they retain all encrypted files.
Google will soon release a security update to address eight vulnerabilities in its Chrome browser, including a high-severity zero-day flaw that's being exploited in the wild. It also plans to upgrade all Chrome page loads to HTTPS.
Cyberattackers used spyware from the Israeli firm Candiru to target at least 100 human rights defenders, dissidents, journalists and others across 10 countries, according to researchers at the University of Toronto’s Citizen Lab, which tracks illegal hacking and surveillance.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the challenges ahead for the new director of the U.S. Cybersecurity and Infrastructure Security Agency and vendor security risk management in the healthcare sector.
The gang behind the ransomware strain known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly in the U.S. and U.K., demanding ransom payments as high as $1.6 million, according to Palo Alto Networks' Unit 42, which says the group leverages open-source tools.
The U.S. Department of State is now offering rewards of up to $10 million for information about cyberthreats to the nation's critical infrastructure. Meanwhile, the government has launched a StopRansomware website offering a central repository of resources.
Facebook's threat intelligence team says it has disrupted an Iranian advanced persistent threat group that was using the social network as part of an effort to spread malware and conduct cyberespionage operations, primarily in the U.S.
Security software firm NortonLifeLock says it is in "advanced discussions" to acquire Avast, a rival security firm known for its freemium antivirus software. NortonLifeLock was formerly Symantec's consumer-focused business.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.