North Korea's Lazarus hacking team, which focuses on cryptocurrency theft and espionage, has once again been exploiting a zero-day vulnerability in Microsoft Windows to install antivirus-suppressing malware dubbed Fudmodule to aid its intrusions.
The FBI confirmed recent reports that Iran hacked into former President Donald Trump’s campaign, saying in a Monday statement the country was attempting "to stoke discord and undermine confidence" in the U.S. democratic process through online influence operations and other malicious efforts.
A massive February leak of internal documents from Chinese hacking contractor iSoon revealed apparent hacking against European institutions and states, a German federal agency warned this week. Previous analysis of the leaked data by security researchers focused on iSoon's activities in Asia.
A Russian hacking group notorious for hack-and-leak operations is behind a recent campaign targeting Russian dissidents and rights groups across the United States and Europe. Researchers also uncovered what they say is a previously unidentified threat actor targeting similar communities.
Iranian nation-state hackers are continuing a campaign to infiltrate the U.S. presidential election by penetrating the email inboxes of campaign and election officials, Google said Wednesday. The Iranian cyberespionage group tracked as APT42 started "a small but steady cadence" of phishing emails.
As concerns grow about China's cyberthreat to U.S. critical infrastructure, Scythe founder and CEO Bryson Bort suggests the actual risk may not be as severe as feared. He explains the factors that might limit China's cyber activities and the real strategic vulnerabilities that could be targeted.
Federal regulators and SolarWinds are eyeing a truce weeks after a judge dismissed most claims related to misleading investors about the company's security practices and risks. SEC lawyer Christopher Bruckmann said his team "proposed specific settlement terms," but the defense is unlikely to accept.
Cybersecurity experts are urging election campaign officials and policymakers to revisit their defenses in the wake of the Trump campaign confirming it was breached and that internal documents were stolen and leaked as part of an apparent foreign disinformation campaign.
Your secret weapon to combat cyber threats might be just under your nose! Cybercriminals continue to exploit vulnerabilities while upping their game with new and more sinister attack methods. The human firewall is your cybersecurity ace in the hole.
But how resilient are your users when it comes to fending off...
A campaign official for former President Donald Trump said on Saturday that "foreign sources" stole sensitive documents including reports created to vet Trump's vice presidential nominees. The campaign blamed it on election interference by Iranian hackers but provided no evidence for the claim.
Iranian operatives stepped up influence and hacking operations against U.S. targets as the presidential election ramps up for its final months, Microsoft warned on Thursday. Iran is one of a handful of authoritarian countries that use hacking and disinformation to undermine American democracy.
In the latest weekly update, ISMG editors explore evolving ransomware threats, including rising attacks in healthcare and other critical sectors, a shift from cybercrime groups such as LockBit to lone-wolf operators, and why Russian ransomware gangs are dominating the global stage.
U.S. federal prosecutors charged a Tennessee man with abetting North Korea in an ongoing effort to obtain remote IT work for its nationals as a way of generating hard currency. "North Korean IT workers are widespread in Fortune 500 companies," said a threat analyst.
Prominent North Korean hacker groups Kimsuky and Andariel have been targeting South Korea's construction and machinery sectors since January to steal classified information to help the country modernize its cities and factories, South Korean government agencies warned on Monday.
A state hacking group that's been linked to Chinese cyberespionage infected an internet service provider to redirect software update connections to an attacker server that downloaded Macma malware, says Volexity. Google first spotted Macma in 2021.