A recent massive cyberattack involving wiper malware Meteor was successful in destroying Iran’s national rail infrastructure as well as the ministry of transportation’s website, resulting in significant train service interruptions throughout the country, according to The Hacker News. On July 9, the Iranian train system was rendered obsolete as a result of a massive attack…
3rd Party Risk Management , Application Security , Cybercrime DOJ: Russian-Linked Group Breached Office 365 Accounts in 27 Offices Scott Ferguson (Ferguson_Writes) • August 1, 2021 Photo: Salticidae via Flickr/CC The Russian-linked group that targeted SolarWinds using a supply chain attack compromised at least one email account at 27 U.S. Attorneys’ Offices in…
Israeli surveillance software company NSO Group has temporarily blocked several government clients around the world from using its Pegasus spyware as the company investigates its possible misuse, Washington-based non-profit media outlet NPR reported. The development also follows raids on some offices of the NSO Group on Wednesday by Israeli government agencies “to begin assessing” security…
Artificial Intelligence & Machine Learning , Governance & Risk Management , Next-Generation Technologies & Secure Development Agency Now Seeks Feedback to Help Address Governance Challenges Dan Gunderman (dangun127) • July 31, 2021 (Photo: Gerd Altmann/Pixabay) Citing a need to secure artificial intelligence technologies, the National Institute of Standards and Technology is working to…
The federal government is seeking to increase cybersecurity in critical infrastructure industries through the implementation of a voluntary Industrial Control Systems Cybersecurity Initiative (Initiative), while the US House of Representatives (House) concurrently focuses on the same goal by passing three bills aimed at enhancing cybersecurity. While it’s currently voluntary, it’s likely the Initiative—along with its…
Artificial Intelligence & Machine Learning , Governance & Risk Management , Next-Generation Technologies & Secure Development Agency Now Seeks Feedback to Help Address Governance Challenges Dan Gunderman (dangun127) • July 31, 2021 (Photo: Gerd Altmann/Pixabay) Citing a need to secure artificial intelligence technologies, the National Institute of Standards and Technology is working to…
Account Takeover Fraud , Cybercrime , Cybercrime as-a-service Threatfabric Says Vultur uses Screen Recording to Target Victims Akshaya Asokan (asokan_akshaya) • July 31, 2021 Vultur is spread disguised as a legitimate app in Google Play Store. (Source: Google Play) A newly uncovered banking Trojan dubbed “Vultur” is targeting Android users through screen recording…
Governance & Risk Management , Patch Management Experts Say Advisory Highlights Vulnerability Management Challenges Dan Gunderman (dangun127) • July 30, 2021 Source: CISA A joint cybersecurity advisory issued by several agencies this week highlighting the ongoing exploits of longstanding software vulnerabilities illustrates the woeful state of patch management, security experts say. See Also:…
The emails of federal prosecutors’ offices around the country were hacked by Russian intelligence during the SolarWinds cyber attack. The Russian hackers had access to the emails of federal prosecutors in New York, California, DC and other jurisdictions from May to December 2020. The Justice Department released the update to “increase transparency” with the public…
Governance & Risk Management , Patch Management Experts Say Advisory Highlights Vulnerability Management Challenges Dan Gunderman (dangun127) • July 30, 2021 Source: CISA A joint cybersecurity advisory issued by several agencies this week highlighting the ongoing exploits of longstanding software vulnerabilities illustrates the woeful state of patch management, security experts say. See Also:…
