WASHINGTON — The Biden administration and Western allies, including all NATO members, formally blamed China on Monday for a major hack of Microsoft Exchange email server software and asserted that criminal hackers associated with the Chinese government have carried out ransomware and other illicit cyberoperations. China’s “pattern of irresponsible behavior in cyberspace is inconsistent with…
Campbell Conroy & O’Neil, P.C. (Campbell), a US law firm counseling dozens of Fortune 500 and Global 500 companies, has disclosed a data breach following a February 2021 ransomware attack. Campbell’s client list includes high-profile companies from various industry sectors, including automotive, aviation, energy, insurance, pharmaceutical, retail, hospitality, and transportation. Some of its current and past clients…
The United States and its allies accused China on Monday of a global cyberespionage campaign, mustering an unusually broad coalition of countries to publicly call out Beijing for hacking. The United States was joined by NATO, the European Union, Australia, Britain, Canada, Japan, and New Zealand in condemning the spying, which US Secretary of State…
Human rights and press freedom activists are up in arms about a new report on NSO Group, the notorious Israeli hacker-for-hire company. The report, by a global media consortium, expands public knowledge of the target list used in NSO’s military-grade spyware. According to the report, that now not only includes journalists, rights activists and opposition…
Governance & Risk Management , IT Risk Management , Next-Generation Technologies & Secure Development Report Offers Risk Mitigation Advice, Stressing Prompt Patching Doug Olenick (DougOlenick) • July 19, 2021 Example of Chinese attackers’ tactics and techniques (Source: Joint Cybersecurity Advisory) Three federal agencies released a 31-page Joint Cybersecurity Advisory Monday that describes 50…
While some organizations are improving their ability to share cyberthreat intelligence with other entities within the same sector, cross-sector cyber intelligence collaboration is still difficult. But cyber fusion centers can help automate that process, according to Errol Weiss of the Health Information Sharing & Analysis Center and Anuj Goel of security firm Cyware. “To this…
Apple on Friday removed the app Fakespot from its App Store at Amazon’s request. Amazon complained Fakespot misled customers, broke App Store rules, and posed a security risk. Fakespot’s CEO said he was shocked by the turn of events. See more stories on Insider’s business page. Amazon got Apple to remove an app called Fakespot…
Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Fraud Risk Management All Aligned With China’s Ministry of State Security Dan Gunderman (dangun127) • July 19, 2021 (Source: U.S. Department of Justice) Four Chinese nationals working with the nation’s Ministry of State Security, the civilian intelligence, security and secret police agency, have…
StopRansomware.gov is designed to be a one-stop hub for ransomware resources. The US Department of Homeland Security (DHS) and the US Department of Justice (DOJ)—along with other federal partners—have launched a new website as part of the US government’s fight against ransomware: StopRansomware.gov. StopRansomware.gov is said to be a one-stop hub for ransomware resources for…
The Wi-Fi network name bug that was found to completely disable an iPhone’s networking functionality had remote code execution capabilities and was silently fixed by Apple earlier this year, according to new research. The denial-of-service vulnerability, which came to light last month, stemmed from the way iOS handled string formats associated with the SSID input,…
