FBI, CISA, Cyber Command take aim at cyber-espionage by Iran's MuddyWater group

Written by Tim Starks Feb 24, 2022 | CYBERSCOOP U.S. and U.K. government agencies called out Iranian government-affiliated hackers Thursday, accusing them of being behind cyber-espionage targeting the defense, local…

US Senate passes Bill to ban goods produced from Uyghur forced labour

The US Senate on Thursday unanimously passed a Bill banning the import of all goods, including technology, produced in the Chinese region of Xinjiang to penalise the Chinese government for…

‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks. Researchers have tracked new spyware…

CISA, White House urge organizations to get ready for holiday cyberattacks

The Cybersecurity and Infrastructure Security Agency and the White House have released warnings to companies and organizations across the country, urging them to be on alert for cyberattacks ahead of…

All Change at the Top as New Ransomware Groups Emerge

All Change at the Top as New Ransomware Groups Emerge The Ransomware as a Service (RaaS) landscape underwent another major shift in the third quarter as new variants emerged to…

US Senate passes $768 billion defense bill without cyber incident reporting provisions

The US Senate passed the The National Defense Authorization Act (NDAA) on Wednesday, approving the $768 billion annual defense spending bill that was packed with cybersecurity provisions. The bill now heads…

NSO Group's latest spyware on par with nation-state abilities, researchers say

Written by AJ Vicens Dec 15, 2021 | CYBERSCOOP When Apple announced Nov. 23 that it filed a lawsuit against Israeli spyware firm NSO Group, it claimed that the firm…

Malicious Exchange Server Module Hoovers Up Outlook Credentials

“Owowa” stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made. Researchers have uncovered a previously unknown malicious IIS module,…

Meta targets user information, database scraping in bug bounty expansion

Meta has announced an expansion to its bug bounty platform to include vulnerabilities that can be abused for data scraping.  On Wednesday, the company – recently rebranded from Facebook –…

New “Hack DHS” program will pay up to $5,000 for discovered vulnerabilities

The US Department of Homeland Security is launching its own bug bounty program to help find and correct gaps in its systems.  more coverage The new “Hack DHS” program was…