All articles tagged with #cyber threats
Cybersecurity researchers have uncovered VVS Stealer, a Python-based malware sold on Telegram that targets Discord accounts and other data, using obfuscation techniques to evade detection. It is distributed as a PyInstaller package, sets up persistence, and performs sophisticated attacks including Discord session hijacking, making it a highly stealthy and effective threat.
This weekly cybersecurity recap highlights active exploits and critical vulnerabilities in popular software like Apple, WinRAR, and .NET, along with emerging threats such as OAuth scams, sophisticated phishing campaigns, and state-sponsored cyber espionage, emphasizing the urgent need for timely security updates and vigilance.
This weekly cybersecurity recap highlights active exploitation of a critical Microsoft WSUS flaw, the return of LockBit 5.0 ransomware, new malware campaigns involving Telegram and YouTube, and a wide array of global cyber threats including nation-state attacks, vulnerabilities, and scams, emphasizing the importance of vigilance and timely patching.
President Trump proclaims October 2025 as National Cybersecurity Awareness Month, emphasizing the importance of strengthening cybersecurity defenses, protecting American citizens' privacy, and promoting safe digital practices, with initiatives led by the government and First Lady to safeguard national security and individual rights.
The expiration of the CISA 2015 law has left the US government and private cybersecurity firms concerned about reduced threat-sharing capabilities and increased vulnerability to cyberattacks from adversaries like Russia and China, amid ongoing political debates over extending the law.
The FBI and international agencies warn that the cybercriminal group Scattered Spider has adapted its tactics, now using sophisticated social engineering, legitimate remote access software, and new malware like DragonForce to infiltrate organizations, exfiltrate data, and deploy ransomware rapidly. They target sectors like retail, insurance, and aviation, often exfiltrating data to multiple sites and quickly deploying ransomware such as DragonForce, especially targeting VMware ESXi servers. Despite recent arrests slowing their activity, authorities advise organizations to strengthen defenses through offline backups, multi-factor authentication, and application controls.
The article discusses the emerging risks associated with advancing quantum technology, highlighting potential threats to cybersecurity and the possibility of a 'cyber doomsday' scenario as these technologies become more prevalent.
The FBI plans to reallocate thousands of agents from immigration enforcement to focus more on counterterrorism and cyber threats, especially in response to recent U.S. strikes in Iran, aiming to better address national security concerns.
The President amended Executive Orders 13694 and 14144 to enhance US cybersecurity efforts, focusing on defending digital infrastructure, addressing threats from nations like China, Russia, Iran, and North Korea, and promoting AI and quantum computing security measures, while streamlining policies and establishing new guidance for federal agencies.
The FBI and U.S. cybersecurity officials are urging Americans to use encrypted messaging apps like Signal to protect against cyber threats from foreign actors, particularly following a major hack linked to the Chinese government known as Salt Typhoon. This push for encryption comes amid concerns about potential authoritarian actions by the incoming Trump administration, which has nominated controversial figures to key positions. The Salt Typhoon hackers accessed U.S. telecom systems, but encrypted communications remained secure, highlighting the importance of encryption in safeguarding privacy.
The NSA advises iPhone and Android users to restart their devices weekly to enhance security and disrupt malware operations. This recommendation is part of broader best practices, including updating software, using strong authentication, avoiding public Wi-Fi, installing apps from trusted sources, and reviewing app permissions. The guidance aims to mitigate the increasing sophistication of cyber threats targeting mobile devices.
FBI Director Christopher Wray expressed growing concern over foreign adversaries and terrorist groups targeting the United States through cyber operations, security threats, and "mafia-like" tactics, with a particular focus on ISIS-K and renewed calls for attacks against Jewish communities. Wray also highlighted threats from Russia, China, North Korea, and Iran, emphasizing Russia's targeting of critical infrastructure and China's extensive cyber program. He defended Section 702 of the Foreign Intelligence Surveillance Act and criticized proposed budget cuts to the FBI, warning that such cuts would benefit violent criminals, child predators, foreign governments, cyber hackers, and terrorists while harming law enforcement and the American people.
The U.S. Department of Homeland Security released the Cyber Safety Review Board’s findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion, attributing it to a hacking group affiliated with the People’s Republic of China. The report detailed operational and strategic decisions that led to the intrusion and recommended specific practices for industry and government to implement to prevent similar incidents. The Board's recommendations include implementing modern control mechanisms, adopting minimum standards for default audit logging, and developing more effective victim notification and support mechanisms. The Department of Homeland Security and the Cyber Safety Review Board are committed to transparency and will release public versions of the reports whenever possible.
US and allied intelligence agencies have revealed that a sophisticated Chinese hacking group known as "Volt Typhoon" has been targeting US critical infrastructure, including aviation, rail, mass transit, and more for the past five years. The group, which is believed to be focused on sabotage rather than espionage, has prompted the US government to seek assistance from private technology companies in tracking its activity. The joint statement from the US, Britain, Australia, Canada, and New Zealand's cybersecurity agencies highlights the ongoing concern over malicious cyber activity from China and the need for coordinated efforts to combat it.
FBI Director Christopher Wray is set to warn the House Select Committee on the Chinese Communist Party about the threat posed by Chinese hackers to US critical infrastructure, including water treatment plants, electrical grids, and transportation systems. The FBI and Justice Department have taken steps to update vulnerable software used by thousands of devices targeted in a Chinese hacking campaign, but the hackers are believed to be deeply entrenched in US infrastructure. Wray will also highlight China's efforts to target US freedoms and deny allegations of hacking, while recent assurances from Chinese leaders regarding non-interference in the 2024 US presidential election have been reported.