Tag cybersecurity

Money, Mandates, and Monitoring: Unpacking the Fight for Identity Integrity in Finance – Webinar

Pravin Chavda: Leading the Charge in Cybersecurity Solutions

Practice Director, Simeio

Pravin Chavda serves as the Practice Director at Simeio, where he spearheads initiatives in Access Management and Customer Identity & Access Management (CIAM). With over two decades of comprehensive IT experience on a global scale, Chavda has occupied pivotal…


Report: Over 152,000 Nigerian Accounts Compromised in H1 2025 | Tech | Business

Significant Drop in Data Breaches in Nigeria: Context and Implications

In the second quarter of 2025, Nigeria experienced a notable 73% reduction in reported data breaches, a decrease from 120,000 in the first quarter to 31,800. Despite this decline, cybersecurity firm Surfshark reported over 152,000 compromised accounts across various sectors…


U.S. Imposes Sanctions on Chinese Cybersecurity Firm Linked to Treasury Hack Associated with Silk Typhoon

Jan 18, 2025
Cyber Espionage / Telecom Security

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has enacted sanctions against a Chinese cybersecurity firm and a Shanghai-based cyber operative for their suspected connections to the Silk Typhoon group and the recent breach of the federal agency’s systems. The Treasury stated in a press release that “malicious cyber actors linked to the People’s Republic of China (PRC) continue to target U.S. government networks, including the recent compromise of Treasury’s information technology systems and sensitive critical infrastructure.” The sanctions specifically target Yin Kecheng, identified as a cyber operative for over a decade and associated with China’s Ministry of State Security (MSS). Kecheng is believed to be linked to the recent breach of Treasury’s network, which was revealed earlier this month and involved a hack of BeyondTrust’s systems, allowing threat actors to access some of the company’s Remote Support SaaS infrastructure.

U.S. Treasury Sanctions Chinese Cybersecurity Firm Over Treasury Network Breach Connected to Silk Typhoon

On January 18, 2025, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against a Chinese cybersecurity firm and a cyber actor based in Shanghai, citing their suspected connections to the notorious Salt…


Unauthorized Access

Access Restricted: The Growing Threat of Shadow AI

In today’s digital landscape, unauthorized artificial intelligence (AI) usage has emerged as a significant cybersecurity risk, often referred to as “shadow AI.” Recently, a concerning article highlighted this burgeoning threat, prompting urgent conversations among industry leaders and cybersecurity professionals. The target of…


Trump Administration Axes DHS Advisory Committee Memberships, Impacting Cybersecurity Oversight

January 23, 2025
Cybersecurity / National Security

The new Trump administration has dissolved all memberships of advisory committees under the Department of Homeland Security (DHS). In a memo dated January 20, 2025, Acting Secretary Benjamine C. Huffman stated, “In line with DHS’s commitment to resource efficiency and prioritizing national security, I am directing the immediate termination of all existing advisory committee memberships. Future committee initiatives will be solely focused on enhancing our mission to safeguard the homeland and align with DHS’s strategic objectives.” This decision affects members of the Cybersecurity and Infrastructure Security Agency’s (CISA) Cyber Safety Review Board (CSRB), which recently criticized Microsoft for a series of preventable mistakes that allowed its infrastructure to be exploited by a China-based threat actor.

Trump Terminates DHS Advisory Committee Memberships, Impacting Cybersecurity Review

January 23, 2025
Cybersecurity / National Security

In a significant move, the Trump administration has dissolved all advisory committee memberships associated with the Department of Homeland Security (DHS). Acting Secretary Benjamine C. Huffman announced in a memo dated January 20, 2025,…


E.U. Imposes Sanctions on 3 Russian Nationals for Cyberattacks Against Estonia’s Key Government Ministries

Jan 28, 2025 – Cybersecurity / Cyber Espionage

The Council of the European Union has sanctioned three Russian nationals for their involvement in “malicious cyber activities” targeting Estonia. The individuals—Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov—are identified as officers of the Russian Armed Forces’ GRU Unit 29155. According to the council’s decision, these individuals are responsible for cyberattacks aimed at compromising the computer systems of various Estonian institutions to gather intelligence on the country’s cyber security policies.

These cyber intrusions provided unauthorized access to classified and sensitive information within several government ministries, including Economic Affairs and Communications, Social Affairs, and Foreign Affairs, resulting in the theft of thousands of confidential documents, including business secrets and proprietary data.

E.U. Imposes Sanctions on Three Russian Nationals Over Cyber Attacks on Estonian Ministries

January 28, 2025
Cybersecurity / Cyber Espionage

In a significant move against cyber threats, the Council of the European Union has sanctioned three Russian nationals for their alleged involvement in targeted cyber activities against Estonia. The individuals…


Genomics Equipment Company Settles False Cyber Claims for $9.8M

Governance & Risk Management, Government, Healthcare

US Allegations Against Illumina: Knowingly Selling Vulnerable Systems to Federal Agencies

Marianne Kolbasuk McGee (HealthInfoSec) • August 1, 2025

Illumina Inc., a prominent firm in genomics sequencing, has reached a $9.8 million settlement to resolve allegations under the False Claims Act. The…


Belarus-Linked Ghostwriter Utilizes Macropack-Obfuscated Excel Macros to Distribute Malware

Feb 25, 2025
Malware / Cyber Espionage

A new campaign targeting opposition activists in Belarus and Ukrainian military and government entities is using malware-laden Microsoft Excel documents to spread a new variant of PicassoLoader. This operation appears to be an extension of an ongoing effort by the Belarus-aligned threat actor known as Ghostwriter (also referred to as Moonscape, TA445, UAC-0057, and UNC1151), which has been active since 2016. Ghostwriter is believed to align with Russian security interests and promote anti-NATO narratives.

“Preparation for the campaign began in July-August 2024, with active operations starting in November-December 2024,” stated SentinelOne researcher Tom Hegel in a technical report shared with The Hacker News. “Recent findings regarding malware samples and command-and-control (C2) infrastructure suggest that the operation continues to be active.” The attack chain, as analyzed by the cybersecurity firm, is initiated via a Google Drive shared link.

Belarus-Linked Ghostwriter Exploits Obfuscated Excel Macros to Distribute Malware

February 25, 2025
Malware / Cyber Espionage

A newly uncovered cyber campaign has emerged, targeting opposition activists in Belarus alongside military and governmental entities in Ukraine. This operation utilizes malware-infused Microsoft Excel documents to disseminate a variant of PicassoLoader, a malicious…
