Featured Nation-state Technology

Rare new Windows rootkit spotted in Chinese APT attacks

In a report published today, security firm Kaspersky said it discovered a rare new Windows rootkit that has remained undetected since at least 2018 and has been deployed in some highly targeted attacks.

Featured Government Nation-state

Chinese military unit accused of cyber-espionage bought multiple western antivirus products

A Chinese military unit that was accused last month by Japanese authorities of carrying out a years-long cyber-espionage campaign was seen buying batches of different western-made antivirus products.

Featured Government Nation-state

Belgium’s government network goes down after massive DDoS attack

Most of the Belgian government’s IT network has been down today after a massive distributed denial of service (DDoS) attack knocked offline both internal systems and public-facing websites.

Featured Nation-state

China-linked APT group targets Russian nuclear sub designer with an undocumented backdoor

A threat actor believed to be operating on behalf of Chinese state-sponsored interests was recently observed targeting a Russian defense contractor involved in designing nuclear submarines for the Russian Navy, according to new research published today by Cybereason. The attack was narrowly-focused, the firm said, and originated with a spear-phishing attempt targeting a general director working at the Rubin Design Bureau, a Saint Petersburg-based shipbuilder that has designed most of Russia’s nuclear submarines…

Featured Government Nation-state

Iran updates budget to allocate $71.4 million to ‘cyberspace’ operations

The Tehran government has updated its national budget to allocate an extra $71.4 million for the cyberspace programs of two government-controlled organizations.

Featured Government Nation-state

Security firm Kaspersky believes it found new CIA malware

Cybersecurity firm Kaspersky said today it discovered new malware that appears to have been developed by the US Central Intelligence Agency.

Featured Government Nation-state

Lawmakers start a push for new breach notification rules after SolarWinds attack

For more than a decade, policymakers on Capitol Hill have repeatedly tried and failed to pass meaningful federal data breach notification laws that would require companies to share details about cybersecurity incidents that they experience. As a result, organizations have to comply with a patchwork of more than 50 notification laws for each state and territory in the U.S. However, a group of lawmakers are pushing colleagues and business associations to revisit these efforts, arguing that recent incidents have highlighted how the lack of mandatory reporting rules makes it harder to detect and respond to major incidents…

Featured Nation-state Technology

Nightmare week for security vendors: Now a Trend Micro bug is being exploited in the wild

US-Japanese cybersecurity firm Trend Micro disclosed on Wednesday that a threat actor began using a bug in its antivirus products to gain admin rights on Windows systems as part of its attacks.

Featured Government Nation-state People

SolarWinds security chief: ‘We ran a pretty good shop’

SolarWinds’ chief information security officer defended the company’s practices and technology on Wednesday, saying the attack it experienced at the hands of Russia’s foreign intelligence agency last year wasn’t one that most companies would be prepared for. “We ran a pretty good shop, we had pretty good technology,” Tim Brown, the company’s CISO and vice president of security, said during a webcast hosted by the insurance firm Marsh. “We’ve had four months of inspections and we found things to fix, but it wasn’t like we were super dirty—there wasn’t sloppiness, there wasn’t malware all over our environment.”

Featured Nation-state Technology

Facebook disrupts two nation-state groups operating out of Palestine

The Facebook security team announced today that it disrupted the activities of two state-sponsored hacking groups operating out of Palestine that abused its platform to infect users with malware.