The Biden administration is hosting a White House meeting Wednesday with technology, banking, insurance and education executives to focus on cybersecurity and national security issues, such as protecting critical infrastructure from attacks and how to hire more security professionals to meet demand.
The Aggah APT group, believed to be of Pakistani origin, apparently was behind a recent spear-phishing campaign targeting manufacturing firms in Taiwan and South Korea, according to the Anomali Threat Research Team.
Researchers at cybersecurity firm ClearSky say an Iranian APT group, dubbed "Siamesekitten," is targeting Israeli companies in a supply chain attack campaign. The attackers are luring victims with fake job offer emails that direct recipients to websites that download malware.
Israel-based digital intelligence company Cellebrite is halting sales to Bangladesh, citing human rights concerns. The move comes after the U.N. on Friday called for a moratorium on the sale of "life-threatening" surveillance technology, singling out Israel's NSO Group for criticism.
This edition of the ISMG Security Report offers an analysis of how tractors manufactured by John Deere are at risk of being hacked. Also featured: a description of the infrastructure bill passed by the Senate that would boost cybersecurity funding and an update on the reboot of the AlphaBay darknet market.
A group dubbed "ITG18," which apparently is linked to an Iranian advanced persistent threat group, deployed an Android backdoor it used to exfiltrate sensitive information from at least 20 reformists in Iran in the runup to the country's June 18 presidential election, IBM's Security Intelligence reports.
An unidentified hacking group with suspected Chinese ties is targeting critical infrastructure in Southeast Asia as part of a cyberespionage campaign to exfiltrate information about the victims' SCADA systems, says a report by security firm Symantec.
The latest edition of the ISMG Security Report features an analysis of how ransomware attackers share about their inclinations, motivations and tactics. Also featured: The rise of integrity attacks; dispelling vaccine myths.
Chinese APT groups compromised networks of telecom providers across Southeast Asia in an effort to harvest customers' sensitive communications, according to Cybereason. As in other Chinese cyberattacks, these APT campaigns exploited flaws in Microsoft Exchange servers.
The Russian-linked group that targeted SolarWinds using a supply chain attack compromised at least one email account at 27 U.S. attorneys' offices in 15 states and Washington, D.C., throughout 2020, according to an update posted by the Justice Department.
Researchers at the security firm RiskIQ have uncovered about 35 active command-and-control servers connected with an ongoing malware campaign that has been linked to a Russian-speaking attack group known as APT29 or Cozy Bear.
The latest edition of the ISMG Security Report features an analysis of the disappearance of ransomware-as-a-service groups, such as REvil and Darkside, and how that impacts the wider cybercrime ecosystem. Also featured: ransomware recovery tips; regulating cyber surveillance tools.
The Israeli government paid a visit on Wednesday to NSO Group, the company whose spyware is alleged to have been covertly installed on the mobile devices of journalists and activists. The visit comes as Israel faces growing pressure to see if NSO Group's spyware, called Pegasus, has been misused.
A new ransomware group called BlackMatter has debuted, claiming to offer the best features of REvil and DarkSide - both apparently defunct - as well as LockBit. A new attack using REvil's code has also been spotted, but a security expert says it's likely the work of a former affiliate.