Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Google Identifies Iranian and Chinese Threat Groups as Most Active Users of AI Tools Akshaya Asokan (asokan_akshaya) • January 30, 2025 Image: Shutterstock Recent disclosures from Google reveal that Iranian and Chinese threat actors are leveraging the company’s artificial intelligence…
Critical Infrastructure Security, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Chinese Hackers Target Unpatched Microsoft, Sophos, Fortinet, and Ivanti Products Mathew J. Schwartz (euroinfosec) • January 24, 2025 Image: Shutterstock In a significant breach, Chinese state-sponsored hackers have been exploiting vulnerabilities in the telecommunications networks of the U.S. and…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Standards, Regulations & Compliance U.S. Treasury Implements Sanctions Amid Cybersecurity Breaches David Perera (@daveperera) • January 17, 2025 Image: Shutterstock On January 17, 2025, the U.S. federal government announced that it has successfully traced intrusions by Chinese hackers targeting telecommunications networks back…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Chinese Hackers Allegedly Target U.S. Treasury Department Offices Related to Economic Sanctions By Chris Riotta (@chrisriotta) • January 2, 2025 Chinese nation-state hackers infiltrated several U.S. Treasury Department offices. (Image: Shutterstock) A recent cyber intrusion linked to Chinese hackers has successfully breached…
US Court Finds NSO Group Breached Hacking Laws with Pegasus Spyware In a significant legal decision, a U.S. federal judge ruled that the Israeli spyware manufacturer, NSO Group, violated American hacking laws by exploiting vulnerabilities in WhatsApp’s software. This ruling emerged from a lawsuit initiated by WhatsApp, a subsidiary of…
As 2024 draws to a close, cybersecurity firms are reporting significant upheaval in the cybercrime landscape, particularly relating to phishing-as-a-service operations. Recent assessments by Sophos indicate that the once-prominent phish-tool Rockstar 2FA, notorious for its sophisticated phishing campaigns, has reportedly ceased operations. Following this disruption, many of its users have…
Attack Surface Management, Governance & Risk Management, Patch Management Over 200 Vulnerable Servers Targeted by Ransomware Group Amid Growing Exploits Mathew J. Schwartz (euroinfosec) • December 18, 2024 Recent reports indicate over 200 Cleo managed file-transfer servers remain publicly accessible and without necessary updates, posing significant risks in light of…
Black Hat, Events Exploring Automotive Vulnerabilities, Bootloader Flaws, and Cyber Threats at Black Hat Europe 2024 Mathew J. Schwartz (euroinfosec) • December 9, 2024 Image: Shutterstock The Black Hat Europe conference is once again convening in London, promising a diverse agenda that delves into the myriad challenges facing cybersecurity today.…
Krispy Kreme Faces Cyber Attack During Holiday Season In a significant cybersecurity incident, Krispy Kreme, the prominent American doughnut and coffee chain, experienced a sophisticated attack that disrupted its sales operations amidst the crucial Christmas season. The breach occurred in November 2024 and primarily affected the company’s online ordering system,…
