/ Government Security Alerts /

Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and ATT&CK for Industrial Control Systems (ICS) frameworks for all referenced threat actor techniques and mitigations. CISA encourages asset owner operators across all critical infrastructure sectors to review the below threat actor techniques and …

/ Security News /

In a coordinated International law enforcement operation, Europol today announced to shut down the global organized cybercrime network behind Imminent Monitor RAT, yet another hacking tool that allows cybercriminals to gain complete control over a victim’s computer remotely. The operation targeted both buyers and sellers of the IM-RAT (Imminent Monitor Remote Access Trojan), which was …

/ Security News /

The massive data breach at Capital One – America’s seventh-largest bank, according to revenue – has challenged many common assumptions about cloud computing for the first time. Ironically, the incident, which exposed some 106 million Capital One customers’ accounts, has only reinforced the belief that the cloud remains the safest way to store sensitive data. …

/ Security News /

In last 20 years, we have seen hundreds of caper/heist movies where spies or bank robbers hijack surveillance cameras of secure premises to either stop recording or set up an endless loop for covert operations without leaving any evidence. Whenever I see such scenes in a movie, I wonder and ask myself: Does this happen …

Enlarge / Facebook Security gave details last week on how the company is fighting nation-state and other groups’ efforts to use the social network to amplify false news and for covert propaganda efforts. Getty Images/ NurPhoto Facebook Security has revealed more of how the company has begun to combat the spread of propaganda and “fake …

/ Security Assessments News /

Enlarge / A screenshot of foreign language samples used by a CIA tool to hide the nation of origin of CIA code implants, leaked on Friday by WikiLeaks. Up until this week, WikiLeaks’ “Vault 7” releases of files from a Central Intelligence Agency software development server have largely consisted of documentation for the various malware …