Nation-State
Sweden is accusing Iran of hacking SMS service and sending out thousands of text messages calling for revenge over Quran burnings.
Hi, what are you looking for?
SecurityWeek
Malware & Threats
Russian military intelligence hackers intensify targeting of Western logistics and technology companies moving supplies into Ukraine.
Nation-State
The China-linked hacking group Earth Ammit has launched multi-wave attacks in Taiwan and South Korea to disrupt the drone sector.
Nation-State
A Turkey-affiliated espionage group has exploited a zero-day vulnerability in Output Messenger since April 2024.
Government
The proposed $491 million cut is being positioned as a “refocusing”of CISA on its core mission “while eliminating weaponization and waste.”
Nation-State
Iranian state-sponsored threat actor UNC1860 is operating as an initial access provider to high-profile networks in the Middle East.
Fraud & Identity Theft
Mandiant shines the spotlight on the growing infiltration of US and Western companies by North Korean fake IT workers.
Nation-State
Iranian hackers sought to interest President Joe Biden’s campaign in information stolen from rival Donald Trump’s campaign.
Nation-State
The US government has announced the disruption of Raptor Train, a Flax Typhoon botnet powered by hacked consumer devices.
Malware & Threats
Black Lotus Labs estimates that more than 200,000 routers, network-attached storage servers, and IP cameras have been ensnared in the botnet.
Nation-State
A North Korean group tracked as UNC2970 has been spotted trying to deliver new malware to people in the aerospace and energy industries.
Nation-State
Chinese national Song Wu allegedly sent spear-phishing emails to NASA, Air Force, Navy, Army, and FAA employees.
Nation-State
Apple said there's “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.
ICS/OT
A joint report from the Committees on China and Homeland Security warns of the security risks posed by Chinese cranes in US ports.
Nation-State
A Chinese-speaking threat actor tracked as Tidrone has been targeting military and satellite industries in Taiwan.
Nation-State
Recorded Future observes renewed Predator spyware activity on fresh infrastructure after a drop caused by US sanctions.
Cyberwarfare
A secretive Russian military unit, previously linked to assassinations and destabilization in Europe, is blamed for destructive wiper malware attacks in Ukraine.
Malware & Threats
Google TAG publishes evidence showing identical or striking similarities between exploits used by Russia's APT29 and commercial spyware vendors.
Cyberwarfare
Amidst Volt Typhoon zero-day exploitation, Censys finds hundreds of exposed servers presenting ripe attack surface for attackers.
Nation-State
A WPS Office zero-day vulnerability tracked as CVE-2024-7262 was exploited by South Korean hacker group APT-C-60.
Cybercrime
Runa Sandvik is an inaugural member of CISA's Technical Advisory Council and the Aspen Institute's Global Cybersecurity Group, and a board member of the...
Cyberwarfare
Malware hunters catch Chinese APT Volt Typhoon exploiting a zero-day in Versa Director servers used by ISPs and MSPs.
Nation-State
Meta said it discovered a network of Iranian hackers, who posed as tech support agents for companies including AOL, Microsoft, Yahoo and Google.
Nation-State
Hackers gained access to the switch using valid administrator credentials, and then ‘jailbroke’ from the application level into the OS level.
Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.
RegisterLearn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.
RegisterExpert Insights
In the end, cybersecurity isn’t just about collecting data. It’s about proving that your defenses actually work.
(Torsten George)
Despite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust.
(Stu Sjouwerman)
Trying to block AI tools outright is a losing strategy. SaaS and AI are increasingly inseparable, and AI isn’t limited to tools like ChatGPT or Copilot anymore.
(Alastair Paterson)
CTI, digital brand protection and other cyber risk initiatives shouldn’t only be utilized by security and cyber teams.
(Marc Solomon)
Sightline Security’s founder explains why nonprofits need cybersecurity solutions tailored to their unique missions — and why vendors need to listen.
(Jennifer Leggio)