Europe's cybersecurity agency predicts hackers will take advantage of the growing overlap between information and operational technologies in the transport sector and disrupt OT processes in a targeted attack. Ransomware will become a tool wielded for political and financial motivations, says ENISA.
Russia's invasion of Ukraine in 2022 threw Russia's cybercrime ecosystem into a state of upheaval that still exists to this day. "We identified disruptions to literally every single form of commodified cybercrime," said Alexander Leslie, associate threat intelligence analyst at Recorded Future.
Last year was another bonanza in zero-days for Chinese state hackers, say security researchers in a report predicting a permanent uptick in nation-state exploitation of yet-unpatched vulnerabilities. "Attackers seek stealth and ease of exploitation," writes cybersecurity firm Mandiant.
What happens next in Russia's all-out invasion of Ukraine isn't clear, but experts have been tracking signs that Moscow may be preparing for intensified cyber operations ahead of a spring offensive, developing new wiper malware and getting ready to interfere in European elections and foreign policy.
Microsoft's March dump of patches fixes two actively exploited zero-day vulnerabilities, including a critical issue in Outlook that Russian threat actor APT28 has used to target European companies. The vulnerability can be exploited before a user views the email in the Preview Pane.
In the latest "Proof of Concept" panel discussion, two Capitol Hill observers at Venable, Grant Schneider and Jeremy Grant, join Information Security Media Group editors to break down the Biden administration's new U.S. national cybersecurity strategy and answer the question, "Is it really viable?"
Business social media platform LinkedIn continues to pay dividends for North Korean hackers, including one group historically concentrated on South Korean targets that has expanded into pursuing security researchers and media industry workers in the West.
As Russia's full-scale invasion of Ukraine last year stalled, Russian hacking teams increasingly shifted from causing all-out disruption to cyberespionage, data theft and psychological operations, Ukraine's cybersecurity establishment says in a new lessons learned report.
The Chinese government's geopolitical ambitions and willingness to use cyber operations to achieve them pose one of the biggest threats to U.S. national security, the U.S. intelligence community warns. Russia, Iran and North Korea also pose major threats, as do cybercrime and especially ransomware.
Chinese APT group Mustang Panda is deploying a previously unseen malware backdoor dubbed MQsTTang as part of a spear-phishing campaign targeting governmental organizations, specifically in Ukraine and Taiwan, security firm Eset says. The malware is currently being spread as RAR files, it adds.
Threat actors actively targeting multinational clients of data center outsourcers and help desk providers in China and Singapore are posting stolen credentials for sale on data leak sites, and cybersecurity firm Resecurity says these actions could be part of a nation-state cyberespionage campaign.
The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations and liability for poor software development practices.
A Chinese law requiring mandatory disclosure to the government of vulnerability reports appears to be paying dividends for state-connected hacking. "The Chinese government is up-leveling their capabilities," says Adam Meyers, senior vice president of intelligence at CrowdStrike.
The European Commission has directed employees to remove the ByteDance-owned, short-form video app TikTok from their phones and corporate devices, citing security concerns. The decision follows similar bans in the U.S. and other countries, driven by fears of Chinese hacking and influence.
Russian hackers breached and modified several Ukrainian state websites on Thursday morning using a backdoor planted nearly two years ago. Ukraine identified the hackers as belonging to a group tracked as UAC-0056, also known as SaintBear, UNC2589 and TA471.